Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) X2 Dual-Core Mobile RM-74 )
BIOS : Default System BIOS
USER : jess ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:454 Go (Free:350 Go)
D:\ (Local Disk) - NTFS - Total:11 Go (Free:1 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 17/12/2009|19:19 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[08/11/2009|21:57] C:\Users\jess\AppData\Local\Adobe
[03/10/2009|18:45] C:\Users\jess\AppData\Local\AOL
[03/10/2009|18:36] C:\Users\jess\AppData\Local\Application Data
[09/10/2009|15:08] C:\Users\jess\AppData\Local\Apps
[17/12/2009|18:25] C:\Users\jess\AppData\Local\Ares
[03/10/2009|18:45] C:\Users\jess\AppData\Local\ATI
[03/10/2009|18:45] C:\Users\jess\AppData\Local\AtStart.txt
[09/10/2009|15:40] C:\Users\jess\AppData\Local\CyberLink
[09/11/2009|18:19] C:\Users\jess\AppData\Local\d3d9caps.dat
[03/12/2009|23:45] C:\Users\jess\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[09/10/2009|15:09] C:\Users\jess\AppData\Local\Deployment
[03/10/2009|18:45] C:\Users\jess\AppData\Local\DSwitch.txt
[03/11/2009|17:30] C:\Users\jess\AppData\Local\eMule
[03/10/2009|18:42] C:\Users\jess\AppData\Local\GDIPFONTCACHEV1.DAT
[09/10/2009|15:09] C:\Users\jess\AppData\Local\Google
[16/12/2009|23:30] C:\Users\jess\AppData\Local\Hewlett-Packard
[03/10/2009|18:36] C:\Users\jess\AppData\Local\Historique
[17/12/2009|19:05] C:\Users\jess\AppData\Local\IconCache.db
[12/11/2009|22:20] C:\Users\jess\AppData\Local\IsolatedStorage
[30/11/2009|18:58] C:\Users\jess\AppData\Local\Microsoft
[03/12/2009|23:34] C:\Users\jess\AppData\Local\Microsoft Games
[22/10/2009|17:29] C:\Users\jess\AppData\Local\Microsoft Help
[09/10/2009|15:40] C:\Users\jess\AppData\Local\PowerCinema
[03/10/2009|18:45] C:\Users\jess\AppData\Local\QSwitch.txt
[12/11/2009|20:59] C:\Users\jess\AppData\Local\Symantec
[17/12/2009|19:17] C:\Users\jess\AppData\Local\Temp
[03/10/2009|18:36] C:\Users\jess\AppData\Local\Temporary Internet Files
[10/10/2009|19:12] C:\Users\jess\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[17/12/2009 19:19][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3245296487-552651647-840591540-1000UA.job
[16/12/2009 19:17][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3245296487-552651647-840591540-1000Core.job
[05/12/2009 20:22][--a------] C:\Windows\tasks\HPCeeScheduleForjess.job
[17/12/2009 19:08][--ah-----] C:\Windows\tasks\SA.DAT
[17/12/2009 19:06][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[22/05/2009|03:17] C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[26/02/2009|10:08] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[26/02/2009|10:21] C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[22/05/2009|03:16] C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[26/02/2009|10:15] C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[22/05/2009|03:13] C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[22/05/2009|03:16] C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[26/02/2009|10:13] C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[26/02/2009|10:21] C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[22/05/2009|03:18] C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[09/11/2009|18:20] C:\ProgramData\Adobe
[26/02/2009|10:23] C:\ProgramData\AOL
[02/11/2006|14:02] C:\ProgramData\Application Data
[22/05/2009|02:18] C:\ProgramData\Atheros
[22/05/2009|03:22] C:\ProgramData\ATI
[13/12/2009|20:26] C:\ProgramData\Bash Cast Date
[03/10/2009|18:36] C:\ProgramData\Bureau
[13/12/2009|23:13] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[03/11/2009|17:30] C:\ProgramData\eMule
[04/12/2009|18:39] C:\ProgramData\ezsidmv.dat
[03/10/2009|18:36] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[13/12/2009|21:32] C:\ProgramData\Hewlett-Packard
[17/12/2009|19:13] C:\ProgramData\HPWALog.txt
[07/10/2009|10:57] C:\ProgramData\LightScribe
[03/10/2009|18:36] C:\ProgramData\Menu Démarrer
[11/10/2009|20:14] C:\ProgramData\Messenger Plus!
[13/12/2009|20:25] C:\ProgramData\Meta Knob Soft Soap
[03/10/2009|20:43] C:\ProgramData\Microsoft
[13/12/2009|20:27] C:\ProgramData\Microsoft Help
[03/10/2009|18:36] C:\ProgramData\Modèles
[13/12/2009|20:25] C:\ProgramData\New that site.gbpp3x
[03/10/2009|18:46] C:\ProgramData\Norton
[26/02/2009|09:09] C:\ProgramData\NortonInstaller
[07/10/2009|10:30] C:\ProgramData\Office Genuine Advantage
[03/12/2009|22:48] C:\ProgramData\Sandlot Games
[13/12/2009|20:23] C:\ProgramData\shim less less.8othd
[13/12/2009|20:23] C:\ProgramData\shim less less.x8hbyi
[03/12/2009|22:35] C:\ProgramData\Skype
[02/11/2006|14:02] C:\ProgramData\Start Menu
[03/10/2009|19:16] C:\ProgramData\Symantec
[22/05/2009|03:18] C:\ProgramData\Temp
[02/11/2006|14:02] C:\ProgramData\Templates
[03/12/2009|23:21] C:\ProgramData\WildTangent
--------------------\\ Listing des dossiers dans C:\Program Files
[26/02/2009|10:08] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[08/11/2009|22:35] C:\Program Files\Adobe
[17/12/2009|19:13] C:\Program Files\Ad-Remover
[22/05/2009|02:19] C:\Program Files\AMD
[26/02/2009|10:23] C:\Program Files\AOL
[03/10/2009|19:29] C:\Program Files\Ares
[22/05/2009|02:18] C:\Program Files\Atheros
[22/05/2009|02:11] C:\Program Files\ATI
[22/05/2009|02:13] C:\Program Files\ATI Technologies
[13/12/2009|20:23] C:\Program Files\Circle Devlopement
[03/12/2009|22:35] C:\Program Files\Common Files
[26/02/2009|10:21] C:\Program Files\CyberLink
[22/05/2009|02:14] C:\Program Files\DIFX
[09/10/2009|15:52] C:\Program Files\DivX
[26/02/2009|10:22] C:\Program Files\EasyBits For Kids
[03/10/2009|18:36] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[22/05/2009|03:12] C:\Program Files\Hewlett-Packard
[26/02/2009|09:07] C:\Program Files\Hewlett-Packard Company
[26/02/2009|10:33] C:\Program Files\HP
[26/02/2009|10:10] C:\Program Files\HP Games
[15/12/2009|16:20] C:\Program Files\IDT
[22/05/2009|03:17] C:\Program Files\InstallShield Installation Information
[15/12/2009|15:29] C:\Program Files\Internet Explorer
[26/02/2009|10:25] C:\Program Files\Java
[22/05/2009|02:15] C:\Program Files\JMicron
[13/12/2009|23:56] C:\Program Files\LimeWire
[13/11/2009|17:25] C:\Program Files\Live-Player
[13/12/2009|20:23] C:\Program Files\Messenger Plus! Live
[22/10/2009|17:26] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[26/02/2009|10:07] C:\Program Files\Microsoft Office
[05/10/2009|18:07] C:\Program Files\Microsoft Silverlight
[03/10/2009|19:12] C:\Program Files\Microsoft SQL Server Compact Edition
[10/11/2009|23:27] C:\Program Files\Microsoft Works
[26/02/2009|10:07] C:\Program Files\Microsoft.NET
[10/11/2009|23:27] C:\Program Files\Movie Maker
[02/11/2006|13:37] C:\Program Files\MSBuild
[05/10/2009|13:48] C:\Program Files\MSXML 4.0
[22/05/2009|03:18] C:\Program Files\muvee Technologies
[26/02/2009|09:09] C:\Program Files\Norton Internet Security
[12/11/2009|21:06] C:\Program Files\Norton Support
[26/02/2009|09:09] C:\Program Files\NortonInstaller
[03/10/2009|18:39] C:\Program Files\Online Services
[22/05/2009|02:16] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[03/12/2009|22:35] C:\Program Files\Skype
[12/11/2009|20:40] C:\Program Files\SMINST
[06/10/2009|19:29] C:\Program Files\Symantec
[22/05/2009|02:13] C:\Program Files\Synaptics
[17/12/2009|00:12] C:\Program Files\trend micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[10/11/2009|23:27] C:\Program Files\Windows Calendar
[10/11/2009|23:27] C:\Program Files\Windows Collaboration
[10/11/2009|23:27] C:\Program Files\Windows Defender
[10/11/2009|23:27] C:\Program Files\Windows Journal
[03/10/2009|19:13] C:\Program Files\Windows Live
[03/10/2009|19:09] C:\Program Files\Windows Live SkyDrive
[15/12/2009|15:29] C:\Program Files\Windows Mail
[10/11/2009|23:27] C:\Program Files\Windows Media Player
[03/10/2009|18:36] C:\Program Files\Windows NT
[10/11/2009|23:27] C:\Program Files\Windows Photo Gallery
[18/11/2009|20:26] C:\Program Files\Windows Portable Devices
[10/11/2009|23:27] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[10/11/2009|23:28] C:\Program Files\Common Files\Adobe
[26/02/2009|10:07] C:\Program Files\Common Files\DESIGNER
[09/10/2009|15:52] C:\Program Files\Common Files\DivX Shared
[26/02/2009|09:07] C:\Program Files\Common Files\InstallShield
[22/05/2009|02:50] C:\Program Files\Common Files\LightScribe
[22/10/2009|17:28] C:\Program Files\Common Files\microsoft shared
[22/05/2009|03:18] C:\Program Files\Common Files\muvee Technologies
[09/10/2009|15:52] C:\Program Files\Common Files\PX Storage Engine
[05/10/2009|20:59] C:\Program Files\Common Files\Sandlot Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[03/12/2009|22:35] C:\Program Files\Common Files\Skype
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[03/10/2009|21:40] C:\Program Files\Common Files\Symantec Shared
[10/11/2009|23:27] C:\Program Files\Common Files\System
[03/10/2009|18:52] C:\Program Files\Common Files\Windows Live
--------------------\\ Process
( 90 Processes )
iexplore.exe ~ [PID:3108]
iexplore.exe ~ [PID:2636]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\shim less less.8othd
C:\ProgramData\New that site.gbpp3x
C:\ProgramData\shim less less.x8hbyi
C:\Users\jess\AppData\Local\Temp\bisA708.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tray style"="\"C:\\ProgramData\\shim less less.8othd\""
"soft soap corn funk"="\"C:\\ProgramData\\New that site.gbpp3x\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-17 19:19:56
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
C:\Program Files\Live-Player
C:\Program Files\Live-Player\data
C:\Program Files\Live-Player\img
C:\Program Files\Live-Player\live-player.log
C:\Program Files\Live-Player\SkinCrafterDll.dll
C:\Program Files\Live-Player\skins
C:\Program Files\Live-Player\sqlite3.dll
C:\Program Files\Live-Player\uninst.exe
C:\Users\jess\AppData\Roaming\live-player
C:\Users\jess\AppData\Roaming\live-player\liveplayer.s3db
C:\Users\jess\AppData\Roaming\live-player\flv.swf
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Conditions générales.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Confidentialité.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Désinstaller.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Live-Player.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Website.url
==> EGDACCESS <==
[F:307][D:34]-> C:\Users\jess\AppData\Local\Temp
[F:325][D:1]-> C:\Users\jess\AppData\Roaming\MICROS~1\Windows\Cookies
[F:560][D:12]-> C:\Users\jess\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 17/12/2009|19:29 - Option : [1]
--------------------\\ Fin du rapport a 19:29:58
[ UAC => 1 ]
OK for the report; it shows infections.
--> Double-click Lop S&D to launch it.
(On Vista, you have to right-click Lop S&D and choose Run as administrator)
--> This time choose option 2 (Removal).
--> Do not close the window during the removal!
--> Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) X2 Dual-Core Mobile RM-74 )
BIOS : Default System BIOS
USER : jess ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:454 Go (Free:349 Go)
D:\ (Local Disk) - NTFS - Total:11 Go (Free:1 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 17/12/2009|19:33 )
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\ProgramData\shim less less.8othd
Supprime! - C:\ProgramData\New that site.gbpp3x
Supprime! - C:\ProgramData\shim less less.x8hbyi
Supprime! - C:\Users\jess\AppData\Local\Temp\bisA708.exe
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[08/11/2009|21:57] C:\Users\jess\AppData\Local\Adobe
[03/10/2009|18:45] C:\Users\jess\AppData\Local\AOL
[03/10/2009|18:36] C:\Users\jess\AppData\Local\Application Data
[09/10/2009|15:08] C:\Users\jess\AppData\Local\Apps
[17/12/2009|18:25] C:\Users\jess\AppData\Local\Ares
[03/10/2009|18:45] C:\Users\jess\AppData\Local\ATI
[03/10/2009|18:45] C:\Users\jess\AppData\Local\AtStart.txt
[09/10/2009|15:40] C:\Users\jess\AppData\Local\CyberLink
[09/11/2009|18:19] C:\Users\jess\AppData\Local\d3d9caps.dat
[03/12/2009|23:45] C:\Users\jess\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[09/10/2009|15:09] C:\Users\jess\AppData\Local\Deployment
[03/10/2009|18:45] C:\Users\jess\AppData\Local\DSwitch.txt
[03/11/2009|17:30] C:\Users\jess\AppData\Local\eMule
[03/10/2009|18:42] C:\Users\jess\AppData\Local\GDIPFONTCACHEV1.DAT
[09/10/2009|15:09] C:\Users\jess\AppData\Local\Google
[16/12/2009|23:30] C:\Users\jess\AppData\Local\Hewlett-Packard
[03/10/2009|18:36] C:\Users\jess\AppData\Local\Historique
[17/12/2009|19:05] C:\Users\jess\AppData\Local\IconCache.db
[12/11/2009|22:20] C:\Users\jess\AppData\Local\IsolatedStorage
[30/11/2009|18:58] C:\Users\jess\AppData\Local\Microsoft
[03/12/2009|23:34] C:\Users\jess\AppData\Local\Microsoft Games
[22/10/2009|17:29] C:\Users\jess\AppData\Local\Microsoft Help
[09/10/2009|15:40] C:\Users\jess\AppData\Local\PowerCinema
[03/10/2009|18:45] C:\Users\jess\AppData\Local\QSwitch.txt
[12/11/2009|20:59] C:\Users\jess\AppData\Local\Symantec
[17/12/2009|19:34] C:\Users\jess\AppData\Local\Temp
[03/10/2009|18:36] C:\Users\jess\AppData\Local\Temporary Internet Files
[10/10/2009|19:12] C:\Users\jess\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[17/12/2009 19:19][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3245296487-552651647-840591540-1000UA.job
[16/12/2009 19:17][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3245296487-552651647-840591540-1000Core.job
[05/12/2009 20:22][--a------] C:\Windows\tasks\HPCeeScheduleForjess.job
[17/12/2009 19:08][--ah-----] C:\Windows\tasks\SA.DAT
[17/12/2009 19:06][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[22/05/2009|03:17] C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[26/02/2009|10:08] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[26/02/2009|10:21] C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[22/05/2009|03:16] C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[26/02/2009|10:15] C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[22/05/2009|03:13] C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[22/05/2009|03:16] C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[26/02/2009|10:13] C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[26/02/2009|10:21] C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[22/05/2009|03:18] C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[09/11/2009|18:20] C:\ProgramData\Adobe
[26/02/2009|10:23] C:\ProgramData\AOL
[02/11/2006|14:02] C:\ProgramData\Application Data
[22/05/2009|02:18] C:\ProgramData\Atheros
[22/05/2009|03:22] C:\ProgramData\ATI
[13/12/2009|20:26] C:\ProgramData\Bash Cast Date
[03/10/2009|18:36] C:\ProgramData\Bureau
[13/12/2009|23:13] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[03/11/2009|17:30] C:\ProgramData\eMule
[04/12/2009|18:39] C:\ProgramData\ezsidmv.dat
[03/10/2009|18:36] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[13/12/2009|21:32] C:\ProgramData\Hewlett-Packard
[17/12/2009|19:30] C:\ProgramData\HPWALog.txt
[07/10/2009|10:57] C:\ProgramData\LightScribe
[03/10/2009|18:36] C:\ProgramData\Menu Démarrer
[11/10/2009|20:14] C:\ProgramData\Messenger Plus!
[13/12/2009|20:25] C:\ProgramData\Meta Knob Soft Soap
[03/10/2009|20:43] C:\ProgramData\Microsoft
[13/12/2009|20:27] C:\ProgramData\Microsoft Help
[03/10/2009|18:36] C:\ProgramData\Modèles
[03/10/2009|18:46] C:\ProgramData\Norton
[26/02/2009|09:09] C:\ProgramData\NortonInstaller
[07/10/2009|10:30] C:\ProgramData\Office Genuine Advantage
[03/12/2009|22:48] C:\ProgramData\Sandlot Games
[03/12/2009|22:35] C:\ProgramData\Skype
[02/11/2006|14:02] C:\ProgramData\Start Menu
[03/10/2009|19:16] C:\ProgramData\Symantec
[22/05/2009|03:18] C:\ProgramData\Temp
[02/11/2006|14:02] C:\ProgramData\Templates
[03/12/2009|23:21] C:\ProgramData\WildTangent
--------------------\\ Listing des dossiers dans C:\Program Files
[26/02/2009|10:08] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[08/11/2009|22:35] C:\Program Files\Adobe
[17/12/2009|19:13] C:\Program Files\Ad-Remover
[22/05/2009|02:19] C:\Program Files\AMD
[26/02/2009|10:23] C:\Program Files\AOL
[03/10/2009|19:29] C:\Program Files\Ares
[22/05/2009|02:18] C:\Program Files\Atheros
[22/05/2009|02:11] C:\Program Files\ATI
[22/05/2009|02:13] C:\Program Files\ATI Technologies
[13/12/2009|20:23] C:\Program Files\Circle Devlopement
[03/12/2009|22:35] C:\Program Files\Common Files
[26/02/2009|10:21] C:\Program Files\CyberLink
[22/05/2009|02:14] C:\Program Files\DIFX
[09/10/2009|15:52] C:\Program Files\DivX
[26/02/2009|10:22] C:\Program Files\EasyBits For Kids
[03/10/2009|18:36] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[22/05/2009|03:12] C:\Program Files\Hewlett-Packard
[26/02/2009|09:07] C:\Program Files\Hewlett-Packard Company
[26/02/2009|10:33] C:\Program Files\HP
[26/02/2009|10:10] C:\Program Files\HP Games
[15/12/2009|16:20] C:\Program Files\IDT
[22/05/2009|03:17] C:\Program Files\InstallShield Installation Information
[15/12/2009|15:29] C:\Program Files\Internet Explorer
[26/02/2009|10:25] C:\Program Files\Java
[22/05/2009|02:15] C:\Program Files\JMicron
[13/12/2009|23:56] C:\Program Files\LimeWire
[13/11/2009|17:25] C:\Program Files\Live-Player
[13/12/2009|20:23] C:\Program Files\Messenger Plus! Live
[22/10/2009|17:26] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[26/02/2009|10:07] C:\Program Files\Microsoft Office
[05/10/2009|18:07] C:\Program Files\Microsoft Silverlight
[03/10/2009|19:12] C:\Program Files\Microsoft SQL Server Compact Edition
[10/11/2009|23:27] C:\Program Files\Microsoft Works
[26/02/2009|10:07] C:\Program Files\Microsoft.NET
[10/11/2009|23:27] C:\Program Files\Movie Maker
[02/11/2006|13:37] C:\Program Files\MSBuild
[05/10/2009|13:48] C:\Program Files\MSXML 4.0
[22/05/2009|03:18] C:\Program Files\muvee Technologies
[26/02/2009|09:09] C:\Program Files\Norton Internet Security
[12/11/2009|21:06] C:\Program Files\Norton Support
[26/02/2009|09:09] C:\Program Files\NortonInstaller
[03/10/2009|18:39] C:\Program Files\Online Services
[22/05/2009|02:16] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[03/12/2009|22:35] C:\Program Files\Skype
[12/11/2009|20:40] C:\Program Files\SMINST
[06/10/2009|19:29] C:\Program Files\Symantec
[22/05/2009|02:13] C:\Program Files\Synaptics
[17/12/2009|00:12] C:\Program Files\trend micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[10/11/2009|23:27] C:\Program Files\Windows Calendar
[10/11/2009|23:27] C:\Program Files\Windows Collaboration
[10/11/2009|23:27] C:\Program Files\Windows Defender
[10/11/2009|23:27] C:\Program Files\Windows Journal
[03/10/2009|19:13] C:\Program Files\Windows Live
[03/10/2009|19:09] C:\Program Files\Windows Live SkyDrive
[15/12/2009|15:29] C:\Program Files\Windows Mail
[10/11/2009|23:27] C:\Program Files\Windows Media Player
[03/10/2009|18:36] C:\Program Files\Windows NT
[10/11/2009|23:27] C:\Program Files\Windows Photo Gallery
[18/11/2009|20:26] C:\Program Files\Windows Portable Devices
[10/11/2009|23:27] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[10/11/2009|23:28] C:\Program Files\Common Files\Adobe
[26/02/2009|10:07] C:\Program Files\Common Files\DESIGNER
[09/10/2009|15:52] C:\Program Files\Common Files\DivX Shared
[26/02/2009|09:07] C:\Program Files\Common Files\InstallShield
[22/05/2009|02:50] C:\Program Files\Common Files\LightScribe
[22/10/2009|17:28] C:\Program Files\Common Files\microsoft shared
[22/05/2009|03:18] C:\Program Files\Common Files\muvee Technologies
[09/10/2009|15:52] C:\Program Files\Common Files\PX Storage Engine
[05/10/2009|20:59] C:\Program Files\Common Files\Sandlot Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[03/12/2009|22:35] C:\Program Files\Common Files\Skype
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[03/10/2009|21:40] C:\Program Files\Common Files\Symantec Shared
[10/11/2009|23:27] C:\Program Files\Common Files\System
[03/10/2009|18:52] C:\Program Files\Common Files\Windows Live
--------------------\\ Process
( 92 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-17 19:34:59
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\Users\jess\AppData\Local\Temp\etilqs_w1zyZzlHUlgjOhF9Ktnd
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
C:\Program Files\Live-Player
C:\Program Files\Live-Player\data
C:\Program Files\Live-Player\img
C:\Program Files\Live-Player\live-player.log
C:\Program Files\Live-Player\SkinCrafterDll.dll
C:\Program Files\Live-Player\skins
C:\Program Files\Live-Player\sqlite3.dll
C:\Program Files\Live-Player\uninst.exe
C:\Users\jess\AppData\Roaming\live-player
C:\Users\jess\AppData\Roaming\live-player\liveplayer.s3db
C:\Users\jess\AppData\Roaming\live-player\flv.swf
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Conditions générales.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Confidentialité.url
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Désinstaller.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Live-Player.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player\Website.url
==> EGDACCESS <==
[F:307][D:34]-> C:\Users\jess\AppData\Local\Temp
[F:325][D:1]-> C:\Users\jess\AppData\Roaming\MICROS~1\Windows\Cookies
[F:560][D:12]-> C:\Users\jess\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 17/12/2009|19:29 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 17/12/2009|19:47 - Option : [2]
--------------------\\ Fin du rapport a 19:47:33
[ UAC => 1 ]
Good.
---> Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
---> Double-click the downloaded file to start the installation.
---> In the Update tab, click the Check for Updates button: if the firewall asks whether MBAM may connect to the Internet, accept.
---> Once the update has finished, go to the Scanner tab.
---> Select Perform quick scan.
---> Click Scan. The scan starts.
At the end of the scan, a message is displayed:
The scan completed successfully. Click 'Show Results' to display all objects found.
---> Click OK to continue. If MBAM found nothing, it will tell you that as well.
---> Close your browsers.
If malware was detected, click Show Results.
---> Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
---> MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.
Version de la base de données: 3381
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865
17/12/2009 20:39:06
mbam-log-2009-12-17 (20-39-06).txt
Type de recherche: Examen rapide
Eléments examinés: 95851
Temps écoulé: 29 minute(s), 15 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
C:\Users\jess\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Users\jess\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
--> Restart MBAM, go to Quarantine and delete everything.
--> Run another RSIT scan and post the log report.
I am following this thread and I don't understand why you don't run Navilog Willy.
You must have seen it, I'm sure. So I think you have something in mind, but what?
Because Ad-Remover handles the Navipromo infection, but since the user can't manage to run the scan...