CiD ads, how do I get rid of them?

Francis -
jlpjlp Posts 52399 Status Security contributor -
Hello,

I caught the CiD virus not long ago, and my PC has been pretty sluggish since.

The frequency varies quite a bit; my computer has been on for 45 min and still no pop-up.

If you could help me, it would do me a great favor!

Thanks in advance,

The HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:45, on 08/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe /RegAll
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AnumanLive] C:\Users\Thierry\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwc) (pr2agqwc) - Cyanide - C:\Windows\system32\pr2agqwc.exe

--
End of file - 6628 bytes
Configuration: Windows vista
Internet Explorer 7.0

7 replies

  1. jlpjlp Posts 52399 Status Security contributor 5 041
     
    hi,

    download Lop S&D.exe to your Desktop. https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    * Double-click it to launch the installation
    * Then double-click the Lop S&D shortcut on your Desktop
    * Select the desired language, then choose option 1 (Search)
    * Wait until the scan finishes
    * Post the generated report (C:\lopR.txt)
    ---
    0
  2. Francis
     
    I haven't had any pop-ups yet today...

    The report:

    -----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : Thierry ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 08/06/2008 | 21:33:54,34 ] [ PC : MAISON ]
    [ MAJ : 07-06-2008 | 22:15 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [17/02/2008|16:42] C:\Users\Thierry\AppData\Roaming\Adobe\Plugins
    [13/02/2008|16:31] C:\Users\Thierry\AppData\Roaming\Adobe\Adobe Photoshop CS3
    [13/02/2008|16:31] C:\Users\Thierry\AppData\Roaming\Adobe\Online Services
    [13/02/2008|12:44] C:\Users\Thierry\AppData\Roaming\Adobe\CameraRaw
    [10/02/2008|23:45] C:\Users\Thierry\AppData\Roaming\Adobe\Color
    [10/02/2008|23:45] C:\Users\Thierry\AppData\Roaming\Adobe\Adobe PDF
    [10/02/2008|21:26] C:\Users\Thierry\AppData\Roaming\Adobe\Photoshop Elements
    [27/12/2007|13:30] C:\Users\Thierry\AppData\Roaming\Adobe\Linguistics
    [27/12/2007|13:30] C:\Users\Thierry\AppData\Roaming\Adobe\Acrobat
    [22/12/2007|14:52] C:\Users\Thierry\AppData\Roaming\Adobe\Flash Player

    [09/01/2008|12:46] C:\Users\Thierry\AppData\Roaming\Ahead\Nero BackItUp
    [08/01/2008|22:02] C:\Users\Thierry\AppData\Roaming\Ahead\Nero Burning ROM
    [22/12/2007|15:38] C:\Users\Thierry\AppData\Roaming\Ahead\NeroVision

    [18/04/2008|20:24] C:\Users\Thierry\AppData\Roaming\Anuman Interactive\AnumanLive

    [20/04/2008|16:37] C:\Users\Thierry\AppData\Roaming\Google\Local Search History

    [22/12/2007|11:57] C:\Users\Thierry\AppData\Roaming\Identities\{926ECB1E-487C-4E01-92A7-4A0EEAB170CE}

    [22/12/2007|12:33] C:\Users\Thierry\AppData\Roaming\InstallShield\ISEngine12.0

    [20/03/2008|23:17] C:\Users\Thierry\AppData\Roaming\LimeWire\xml
    [20/03/2008|23:06] C:\Users\Thierry\AppData\Roaming\LimeWire\.AppSpecialShare
    [20/03/2008|23:05] C:\Users\Thierry\AppData\Roaming\LimeWire\themes

    [22/12/2007|14:52] C:\Users\Thierry\AppData\Roaming\Macromedia\Flash Player

    [14/05/2008|18:55] C:\Users\Thierry\AppData\Roaming\Microsoft\Windows Photo Gallery
    [17/04/2008|22:33] C:\Users\Thierry\AppData\Roaming\Microsoft\Office
    [17/04/2008|22:33] C:\Users\Thierry\AppData\Roaming\Microsoft\OIS
    [17/04/2008|22:04] C:\Users\Thierry\AppData\Roaming\Microsoft\Crypto
    [02/04/2008|21:17] C:\Users\Thierry\AppData\Roaming\Microsoft\Templates
    [22/02/2008|21:49] C:\Users\Thierry\AppData\Roaming\Microsoft\Outlook
    [17/02/2008|15:22] C:\Users\Thierry\AppData\Roaming\Microsoft\MMC
    [27/01/2008|19:54] C:\Users\Thierry\AppData\Roaming\Microsoft\MSN Messenger
    [09/01/2008|23:30] C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer
    [08/01/2008|18:01] C:\Users\Thierry\AppData\Roaming\Microsoft\Word
    [07/01/2008|23:27] C:\Users\Thierry\AppData\Roaming\Microsoft\IdentityCRL
    [07/01/2008|00:27] C:\Users\Thierry\AppData\Roaming\Microsoft\UProof
    [07/01/2008|00:26] C:\Users\Thierry\AppData\Roaming\Microsoft\Proof
    [27/12/2007|15:15] C:\Users\Thierry\AppData\Roaming\Microsoft\Speech
    [26/12/2007|14:01] C:\Users\Thierry\AppData\Roaming\Microsoft\Windows
    [26/12/2007|12:50] C:\Users\Thierry\AppData\Roaming\Microsoft\eHome
    [22/12/2007|15:18] C:\Users\Thierry\AppData\Roaming\Microsoft\Document Building Blocks
    [22/12/2007|15:18] C:\Users\Thierry\AppData\Roaming\Microsoft\AddIns
    [22/12/2007|15:02] C:\Users\Thierry\AppData\Roaming\Microsoft\HTML Help
    [22/12/2007|12:33] C:\Users\Thierry\AppData\Roaming\Microsoft\Protect
    [22/12/2007|12:24] C:\Users\Thierry\AppData\Roaming\Microsoft\Network
    [22/12/2007|12:24] C:\Users\Thierry\AppData\Roaming\Microsoft\SystemCertificates
    [22/12/2007|12:20] C:\Users\Thierry\AppData\Roaming\Microsoft\Credentials

    [29/04/2008|22:07] C:\Users\Thierry\AppData\Roaming\Mozilla\Firefox

    [06/01/2008|14:30] C:\Users\Thierry\AppData\Roaming\U3\temp

    [21/03/2008|22:59] C:\Users\Thierry\AppData\Roaming\vlc\cache

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [08/06/2008 21:14][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{1B5DFFFC-ED2A-419B-ADBC-0E8530E0485D}.job
    [05/08/2004 14:00][-rah-----] C:\Windows\tasks\desktop.ini
    [08/06/2008 21:33][--ah-----] C:\Windows\tasks\SA.DAT
    [02/11/2006 15:09][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [17/02/2008|16:36] C:\ProgramData\Adobe
    [22/12/2007|15:38] C:\ProgramData\Ahead
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [22/12/2007|12:30] C:\ProgramData\Bureau
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [22/12/2007|12:04] C:\ProgramData\DRM
    [22/12/2007|12:30] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [10/02/2008|23:38] C:\ProgramData\FLEXnet
    [21/03/2008|21:04] C:\ProgramData\Google
    [11/04/2008|20:47] C:\ProgramData\GRAW2
    [11/04/2008|20:27] C:\ProgramData\Media Center Programs
    [22/12/2007|12:30] C:\ProgramData\Menu Démarrer
    [17/02/2008|17:04] C:\ProgramData\Microsoft
    [14/05/2008|17:44] C:\ProgramData\Microsoft Help
    [22/12/2007|12:30] C:\ProgramData\Modèles
    [22/12/2007|15:34] C:\ProgramData\Nero
    [22/12/2007|13:00] C:\ProgramData\NVIDIA
    [12/02/2008|20:48] C:\ProgramData\QuickTime
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [02/11/2006|15:02] C:\ProgramData\Templates
    [01/06/2008|15:25] C:\ProgramData\VadeRetro
    [27/12/2007|15:46] C:\ProgramData\WLInstaller

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [17/02/2008|16:36] C:\Program Files\Adobe
    [11/04/2008|20:28] C:\Program Files\AGEIA Technologies
    [22/12/2007|13:08] C:\Program Files\Alwil Software
    [22/12/2007|12:36] C:\Program Files\Analog Devices
    [22/12/2007|14:43] C:\Program Files\ASUS
    [11/04/2008|20:27] C:\Program Files\Common Files
    [22/12/2007|11:51] C:\Program Files\ComPlus Applications
    [23/05/2008|18:50] C:\Program Files\Cyanide
    [22/12/2007|14:26] C:\Program Files\desktop.ini
    [03/05/2008|16:50] C:\Program Files\Dobermann
    [22/12/2007|12:30] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [22/03/2008|00:54] C:\Program Files\Google
    [01/06/2008|15:25] C:\Program Files\Goto Software
    [03/05/2008|16:51] C:\Program Files\InstallShield Installation Information
    [12/04/2008|03:25] C:\Program Files\Internet Explorer
    [21/03/2008|21:04] C:\Program Files\Java
    [20/03/2008|23:04] C:\Program Files\LimeWire
    [03/05/2008|19:25] C:\Program Files\LittleFighter2
    [28/12/2007|20:42] C:\Program Files\Logitech
    [30/12/2007|02:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [22/12/2007|12:20] C:\Program Files\microsoft frontpage
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [22/12/2007|14:51] C:\Program Files\Microsoft Office
    [22/12/2007|14:51] C:\Program Files\Microsoft Visual Studio
    [22/12/2007|14:49] C:\Program Files\Microsoft Visual Studio 8
    [22/12/2007|14:52] C:\Program Files\Microsoft Works
    [22/12/2007|14:51] C:\Program Files\Microsoft.NET
    [02/11/2006|14:42] C:\Program Files\Movie Maker
    [29/04/2008|22:10] C:\Program Files\Mozilla Firefox
    [22/12/2007|14:51] C:\Program Files\MSBuild
    [09/01/2008|23:35] C:\Program Files\MSN
    [22/12/2007|12:20] C:\Program Files\MSN Gaming Zone
    [22/12/2007|15:49] C:\Program Files\MSXML 4.0
    [22/12/2007|15:34] C:\Program Files\Nero
    [22/12/2007|14:56] C:\Program Files\NVIDIA Corporation
    [22/12/2007|12:20] C:\Program Files\Online Services
    [12/02/2008|20:47] C:\Program Files\QuickTime
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [03/05/2008|16:51] C:\Program Files\SEGA
    [22/12/2007|12:20] C:\Program Files\Services en ligne
    [23/05/2008|18:35] C:\Program Files\THQ
    [08/06/2008|20:06] C:\Program Files\Trend Micro
    [11/04/2008|20:15] C:\Program Files\UBISOFT
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [21/03/2008|22:41] C:\Program Files\VideoLAN
    [22/12/2007|14:18] C:\Program Files\Windows Calendar
    [02/11/2006|14:42] C:\Program Files\Windows Collaboration
    [22/12/2007|14:18] C:\Program Files\Windows Defender
    [02/11/2006|14:42] C:\Program Files\Windows Journal
    [27/12/2007|15:51] C:\Program Files\Windows Live
    [14/05/2008|17:44] C:\Program Files\Windows Mail
    [22/12/2007|14:18] C:\Program Files\Windows Media Player
    [22/12/2007|12:30] C:\Program Files\Windows NT
    [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
    [09/01/2008|23:23] C:\Program Files\Windows Sidebar
    [17/02/2008|16:53] C:\Program Files\World of Warcraft
    [22/12/2007|12:20] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [17/02/2008|16:36] C:\Program Files\Common Files\Adobe
    [22/12/2007|15:37] C:\Program Files\Common Files\Ahead
    [17/02/2008|17:02] C:\Program Files\Common Files\Blizzard Entertainment
    [22/12/2007|14:51] C:\Program Files\Common Files\DESIGNER
    [22/12/2007|14:43] C:\Program Files\Common Files\InstallShield
    [20/03/2008|23:02] C:\Program Files\Common Files\Java
    [10/02/2008|21:26] C:\Program Files\Common Files\Macrovision Shared
    [23/05/2008|18:59] C:\Program Files\Common Files\microsoft shared
    [22/12/2007|12:20] C:\Program Files\Common Files\MSSoap
    [22/12/2007|12:20] C:\Program Files\Common Files\ODBC
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [22/12/2007|14:49] C:\Program Files\Common Files\System
    [27/12/2007|15:51] C:\Program Files\Common Files\WindowsLiveInstaller
    [11/04/2008|20:27] C:\Program Files\Common Files\Wise Installation Wizard

    ---------------------------[ Process ]--------------------------

    ... 46

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\Users\Thierry\AppData\Local\Temp\bis174A.exe
    C:\Users\Thierry\AppData\Local\Temp\bis96F4.exe

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\Windows\Prefetch\BITDOWNLOAD SETUP.EXE-094B8982.pf
    C:\Windows\Prefetch\BITDOWNLOAD.EXE-722E9734.pf
    C:\Users\Thierry\AppData\Roaming\MICROS~1\Windows\Cookies\thierry@www.adserver5[2].txt
    C:\Users\Thierry\AppData\Roaming\MICROS~1\Windows\Cookies\thierry@adopt.euroclick[1].txt
    C:\Users\Thierry\AppData\Roaming\MICROS~1\Windows\Cookies\thierry@www.2xmoinscher[2].txt

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-08 21:34:25
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    => C:\ProgramData\Adobe\Photoshop Elements\6.0\Locale\fr_FR\Photo Creations Metadata\backgrounds\Cracked Paint.xml
    => C:\ProgramData\Adobe\Photoshop Elements\6.0\Photo Creations\backgrounds\Cracked Paint.jpg

    [F:775][D:69]-> C:\Users\Thierry\AppData\Local\Temp
    [F:343][D:1]-> C:\Users\Thierry\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:6030][D:8]-> C:\Users\Thierry\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:71][D:3]-> C:\$Recycle.Bin

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 21:35:02,12 ]----------------------
    0
  3. jlpjlp Posts 52399 Status Security contributor 5 041
     
    * This time choose Option 2 (Removal)
    * Do not close the window during the removal!
    * Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
    _________________

    you have these two cracks which are suspect: it is advisable to remove them ...

    C:\ProgramData\Adobe\Photoshop Elements\6.0\Locale\fr_FR\Photo Creations Metadata\backgrounds\Cracked Paint.xml
    C:\ProgramData\Adobe\Photoshop Elements\6.0\Photo Creations\backgrounds\Cracked Paint.jpg
    0
  4. Francis
     
    there you go!

    -----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : Thierry ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 08/06/2008 | 22:57:36,35 ] [ PC : MAISON ]
    [ MAJ : 07-06-2008 | 22:15 ]
    [ UAC => 0 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\Users\Thierry\AppData\Roaming\MICROS~1\Windows\Cookies\thierry@www.adserver5[2].txt
    Supprimé! - C:\Users\Thierry\AppData\Roaming\MICROS~1\Windows\Cookies\thierry@adopt.euroclick[1].txt
    Supprimé! - C:\Users\Thierry\AppData\Roaming\MICROS~1\Windows\Cookies\thierry@www.2xmoinscher[2].txt
    Supprimé! - C:\Users\Thierry\AppData\Local\Temp\bis174A.exe
    Supprimé! - C:\Users\Thierry\AppData\Local\Temp\bis96F4.exe
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    -------------[ Listing des dossiers dans Application Data ]------------

    [17/02/2008|16:42] C:\Users\Thierry\AppData\Roaming\Adobe\Plugins
    [13/02/2008|16:31] C:\Users\Thierry\AppData\Roaming\Adobe\Adobe Photoshop CS3
    [13/02/2008|16:31] C:\Users\Thierry\AppData\Roaming\Adobe\Online Services
    [13/02/2008|12:44] C:\Users\Thierry\AppData\Roaming\Adobe\CameraRaw
    [10/02/2008|23:45] C:\Users\Thierry\AppData\Roaming\Adobe\Color
    [10/02/2008|23:45] C:\Users\Thierry\AppData\Roaming\Adobe\Adobe PDF
    [10/02/2008|21:26] C:\Users\Thierry\AppData\Roaming\Adobe\Photoshop Elements
    [27/12/2007|13:30] C:\Users\Thierry\AppData\Roaming\Adobe\Linguistics
    [27/12/2007|13:30] C:\Users\Thierry\AppData\Roaming\Adobe\Acrobat
    [22/12/2007|14:52] C:\Users\Thierry\AppData\Roaming\Adobe\Flash Player

    [09/01/2008|12:46] C:\Users\Thierry\AppData\Roaming\Ahead\Nero BackItUp
    [08/01/2008|22:02] C:\Users\Thierry\AppData\Roaming\Ahead\Nero Burning ROM
    [22/12/2007|15:38] C:\Users\Thierry\AppData\Roaming\Ahead\NeroVision

    [18/04/2008|20:24] C:\Users\Thierry\AppData\Roaming\Anuman Interactive\AnumanLive

    [20/04/2008|16:37] C:\Users\Thierry\AppData\Roaming\Google\Local Search History

    [22/12/2007|11:57] C:\Users\Thierry\AppData\Roaming\Identities\{926ECB1E-487C-4E01-92A7-4A0EEAB170CE}

    [22/12/2007|12:33] C:\Users\Thierry\AppData\Roaming\InstallShield\ISEngine12.0

    [20/03/2008|23:17] C:\Users\Thierry\AppData\Roaming\LimeWire\xml
    [20/03/2008|23:06] C:\Users\Thierry\AppData\Roaming\LimeWire\.AppSpecialShare
    [20/03/2008|23:05] C:\Users\Thierry\AppData\Roaming\LimeWire\themes

    [22/12/2007|14:52] C:\Users\Thierry\AppData\Roaming\Macromedia\Flash Player

    [14/05/2008|18:55] C:\Users\Thierry\AppData\Roaming\Microsoft\Windows Photo Gallery
    [17/04/2008|22:33] C:\Users\Thierry\AppData\Roaming\Microsoft\Office
    [17/04/2008|22:33] C:\Users\Thierry\AppData\Roaming\Microsoft\OIS
    [17/04/2008|22:04] C:\Users\Thierry\AppData\Roaming\Microsoft\Crypto
    [02/04/2008|21:17] C:\Users\Thierry\AppData\Roaming\Microsoft\Templates
    [22/02/2008|21:49] C:\Users\Thierry\AppData\Roaming\Microsoft\Outlook
    [17/02/2008|15:22] C:\Users\Thierry\AppData\Roaming\Microsoft\MMC
    [27/01/2008|19:54] C:\Users\Thierry\AppData\Roaming\Microsoft\MSN Messenger
    [09/01/2008|23:30] C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer
    [08/01/2008|18:01] C:\Users\Thierry\AppData\Roaming\Microsoft\Word
    [07/01/2008|23:27] C:\Users\Thierry\AppData\Roaming\Microsoft\IdentityCRL
    [07/01/2008|00:27] C:\Users\Thierry\AppData\Roaming\Microsoft\UProof
    [07/01/2008|00:26] C:\Users\Thierry\AppData\Roaming\Microsoft\Proof
    [27/12/2007|15:15] C:\Users\Thierry\AppData\Roaming\Microsoft\Speech
    [26/12/2007|14:01] C:\Users\Thierry\AppData\Roaming\Microsoft\Windows
    [26/12/2007|12:50] C:\Users\Thierry\AppData\Roaming\Microsoft\eHome
    [22/12/2007|15:18] C:\Users\Thierry\AppData\Roaming\Microsoft\Document Building Blocks
    [22/12/2007|15:18] C:\Users\Thierry\AppData\Roaming\Microsoft\AddIns
    [22/12/2007|15:02] C:\Users\Thierry\AppData\Roaming\Microsoft\HTML Help
    [22/12/2007|12:33] C:\Users\Thierry\AppData\Roaming\Microsoft\Protect
    [22/12/2007|12:24] C:\Users\Thierry\AppData\Roaming\Microsoft\Network
    [22/12/2007|12:24] C:\Users\Thierry\AppData\Roaming\Microsoft\SystemCertificates
    [22/12/2007|12:20] C:\Users\Thierry\AppData\Roaming\Microsoft\Credentials

    [29/04/2008|22:07] C:\Users\Thierry\AppData\Roaming\Mozilla\Firefox

    [06/01/2008|14:30] C:\Users\Thierry\AppData\Roaming\U3\temp

    [21/03/2008|22:59] C:\Users\Thierry\AppData\Roaming\vlc\cache

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [08/06/2008 21:14][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{1B5DFFFC-ED2A-419B-ADBC-0E8530E0485D}.job
    [05/08/2004 14:00][-rah-----] C:\Windows\tasks\desktop.ini
    [08/06/2008 21:58][--ah-----] C:\Windows\tasks\SA.DAT
    [02/11/2006 15:09][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [17/02/2008|16:36] C:\ProgramData\Adobe
    [22/12/2007|15:38] C:\ProgramData\Ahead
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [22/12/2007|12:30] C:\ProgramData\Bureau
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [22/12/2007|12:04] C:\ProgramData\DRM
    [22/12/2007|12:30] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [10/02/2008|23:38] C:\ProgramData\FLEXnet
    [21/03/2008|21:04] C:\ProgramData\Google
    [11/04/2008|20:47] C:\ProgramData\GRAW2
    [11/04/2008|20:27] C:\ProgramData\Media Center Programs
    [22/12/2007|12:30] C:\ProgramData\Menu Démarrer
    [17/02/2008|17:04] C:\ProgramData\Microsoft
    [14/05/2008|17:44] C:\ProgramData\Microsoft Help
    [22/12/2007|12:30] C:\ProgramData\Modèles
    [22/12/2007|15:34] C:\ProgramData\Nero
    [22/12/2007|13:00] C:\ProgramData\NVIDIA
    [12/02/2008|20:48] C:\ProgramData\QuickTime
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [02/11/2006|15:02] C:\ProgramData\Templates
    [01/06/2008|15:25] C:\ProgramData\VadeRetro
    [27/12/2007|15:46] C:\ProgramData\WLInstaller

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [17/02/2008|16:36] C:\Program Files\Adobe
    [11/04/2008|20:28] C:\Program Files\AGEIA Technologies
    [22/12/2007|13:08] C:\Program Files\Alwil Software
    [22/12/2007|12:36] C:\Program Files\Analog Devices
    [22/12/2007|14:43] C:\Program Files\ASUS
    [11/04/2008|20:27] C:\Program Files\Common Files
    [22/12/2007|11:51] C:\Program Files\ComPlus Applications
    [23/05/2008|18:50] C:\Program Files\Cyanide
    [22/12/2007|14:26] C:\Program Files\desktop.ini
    [03/05/2008|16:50] C:\Program Files\Dobermann
    [22/12/2007|12:30] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [22/03/2008|00:54] C:\Program Files\Google
    [01/06/2008|15:25] C:\Program Files\Goto Software
    [03/05/2008|16:51] C:\Program Files\InstallShield Installation Information
    [12/04/2008|03:25] C:\Program Files\Internet Explorer
    [21/03/2008|21:04] C:\Program Files\Java
    [20/03/2008|23:04] C:\Program Files\LimeWire
    [03/05/2008|19:25] C:\Program Files\LittleFighter2
    [28/12/2007|20:42] C:\Program Files\Logitech
    [30/12/2007|02:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [22/12/2007|12:20] C:\Program Files\microsoft frontpage
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [22/12/2007|14:51] C:\Program Files\Microsoft Office
    [22/12/2007|14:51] C:\Program Files\Microsoft Visual Studio
    [22/12/2007|14:49] C:\Program Files\Microsoft Visual Studio 8
    [22/12/2007|14:52] C:\Program Files\Microsoft Works
    [22/12/2007|14:51] C:\Program Files\Microsoft.NET
    [02/11/2006|14:42] C:\Program Files\Movie Maker
    [29/04/2008|22:10] C:\Program Files\Mozilla Firefox
    [22/12/2007|14:51] C:\Program Files\MSBuild
    [09/01/2008|23:35] C:\Program Files\MSN
    [22/12/2007|12:20] C:\Program Files\MSN Gaming Zone
    [22/12/2007|15:49] C:\Program Files\MSXML 4.0
    [22/12/2007|15:34] C:\Program Files\Nero
    [22/12/2007|14:56] C:\Program Files\NVIDIA Corporation
    [22/12/2007|12:20] C:\Program Files\Online Services
    [12/02/2008|20:47] C:\Program Files\QuickTime
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [03/05/2008|16:51] C:\Program Files\SEGA
    [22/12/2007|12:20] C:\Program Files\Services en ligne
    [23/05/2008|18:35] C:\Program Files\THQ
    [08/06/2008|20:06] C:\Program Files\Trend Micro
    [11/04/2008|20:15] C:\Program Files\UBISOFT
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [21/03/2008|22:41] C:\Program Files\VideoLAN
    [22/12/2007|14:18] C:\Program Files\Windows Calendar
    [02/11/2006|14:42] C:\Program Files\Windows Collaboration
    [22/12/2007|14:18] C:\Program Files\Windows Defender
    [02/11/2006|14:42] C:\Program Files\Windows Journal
    [27/12/2007|15:51] C:\Program Files\Windows Live
    [14/05/2008|17:44] C:\Program Files\Windows Mail
    [22/12/2007|14:18] C:\Program Files\Windows Media Player
    [22/12/2007|12:30] C:\Program Files\Windows NT
    [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
    [09/01/2008|23:23] C:\Program Files\Windows Sidebar
    [17/02/2008|16:53] C:\Program Files\World of Warcraft
    [22/12/2007|12:20] C:\Program Files\xerox

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [17/02/2008|16:36] C:\Program Files\Common Files\Adobe
    [22/12/2007|15:37] C:\Program Files\Common Files\Ahead
    [17/02/2008|17:02] C:\Program Files\Common Files\Blizzard Entertainment
    [22/12/2007|14:51] C:\Program Files\Common Files\DESIGNER
    [22/12/2007|14:43] C:\Program Files\Common Files\InstallShield
    [20/03/2008|23:02] C:\Program Files\Common Files\Java
    [10/02/2008|21:26] C:\Program Files\Common Files\Macrovision Shared
    [23/05/2008|18:59] C:\Program Files\Common Files\microsoft shared
    [22/12/2007|12:20] C:\Program Files\Common Files\MSSoap
    [22/12/2007|12:20] C:\Program Files\Common Files\ODBC
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [22/12/2007|14:49] C:\Program Files\Common Files\System
    [27/12/2007|15:51] C:\Program Files\Common Files\WindowsLiveInstaller
    [11/04/2008|20:27] C:\Program Files\Common Files\Wise Installation Wizard

    ---------------------------[ Process ]--------------------------

    ... 59

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-08 22:58:00
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    => C:\ProgramData\Adobe\Photoshop Elements\6.0\Locale\fr_FR\Photo Creations Metadata\backgrounds\Cracked Paint.xml
    => C:\ProgramData\Adobe\Photoshop Elements\6.0\Photo Creations\backgrounds\Cracked Paint.jpg

    [F:774][D:69]-> C:\Users\Thierry\AppData\Local\Temp
    [F:345][D:1]-> C:\Users\Thierry\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:6393][D:8]-> C:\Users\Thierry\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:71][D:3]-> C:\$Recycle.Bin

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 22:58:25,18 ]----------------------
    0
  6. jlpjlp Posts 52399 Status Security contributor 5 041
     
    still having problems? Paste a new HijackThis log
    0
  7. francis
     
    It works perfectly! :D

    Thanks a lot!
    0
  8. jlpjlp Posts 52399 Status Security contributor 5 041
     
    perfect

    to protect your computer for free

    http://www.commentcamarche.net/telecharger/logiciel 4 securite

    install an antivirus

    AVAST in French or ANTIVIR (in English but very effective)
    https://www.malekal.com/avira-free-security-antivirus-gratuit/ (thanks Malekal)
    -------------
    anti-spyware:
    MalwareByte's Anti-Malware + SPYBOT +/- if Spybot's tea timer is not enabled:
    WINDOWS DEFENDER or SPYWARE TERMINATOR

    +
    SPYWAREBLASTER to immunize the system against vundo in particular, but in English (though easy to use: just click "update" to update every month and then "enable all protection" to immunize)...

    Note: Spybot and Ad-Aware released new versions this year; check that you have the latest version
    --------
    a firewall:
    the (Windows) one or, better, Online Armor or KERIO or JETICO or ZONE ALARM (install only the free firewall)

    http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall

    https://forum.pcastuces.com/sujet.asp?f=25&s=35606
    https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
    https://manuelsdaide.com/contact/
    http://www.open-files.com/forum/index.php?showtopic=29277
    http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm

    -----------
    CCLEANER to erase browsing traces
    ---------
    browse with Firefox or Safari or Opera and not Internet Explorer, which is more affected by viruses
    http://www.mozilla-europe.org/fr/products/firefox/
    0