Tt mes fichiers se doubles ou triples. G 1 message "PCMAIN.EXE" rtl20.pbl

Matériel informatique
21

Salut Cricri58 et merci pour ton aide…
Je te fais confiance parce que je ne sais absolument pas ce que je fais sur mon PC…

Enfin voici le rapport USB FIX après “suppression” :

############################## | UsbFix V6.036 |

User : Anne (Administrateurs) # PC-DE-ANNE
Update on 21/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 22:51:57 | 24/09/2009
Website : pagesperso-orange.fr…

Genuine Intel® CPU 2140 @ 1.60GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18813
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 101,8 Go (11,62 Go free) [ACER] # NTFS
D:\ -> Disque fixe local # 144,03 Go (21,37 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque fixe local # 931,51 Go (550,2 Go free) [Iomega_HDD] # NTFS
K:\ -> Disque amovible # 3,83 Go (1,03 Go free) [ANNE 8G] # FAT32

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\beidservicecrl.exe
C:\Windows\system32\beidservicepcsc.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe

################## | Fichiers # Dossiers infectieux |

Supprimé ! D:\install.exe
Supprimé ! K:\start.exe

################## | Registre # Clés Run infectieuses |

################## | Registre # Mountpoints2 |

Supprimé ! HKCU…\Explorer\MountPoints2{b016417f-b2f9-11dd-b5a8-001d9209e0c0}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[24/04/2007 14:54|–a------|3379] C:-20070424.log
[10/09/2008 11:03|–a------|3913] C:-20080910.log
[26/03/2009 19:59|–a------|103424] C:\1036 (2).MST
[26/03/2009 19:59|–a------|103424] C:\1036.MST
[11/04/2009 08:36|-rahs----|333257] C:\bootmgr
[24/04/2007 22:59|-ra-s----|8192] C:\BOOTSECT.BAK
[23/09/2009 20:45|–a------|1021] C:\cleannavi.txt
[18/09/2006 23:43|–a------|10] C:\config.sys
[07/11/2007 08:00|–a------|17734] C:\eula.1028.txt
[07/11/2007 08:00|–a------|17734] C:\eula.1031.txt
[07/11/2007 08:00|–a------|10134] C:\eula.1033.txt
[07/11/2007 08:00|–a------|17734] C:\eula.1036.txt
[07/11/2007 08:00|–a------|17734] C:\eula.1040.txt
[07/11/2007 08:00|–a------|118] C:\eula.1041.txt
[07/11/2007 08:00|–a------|17734] C:\eula.1042.txt
[07/11/2007 08:00|–a------|17734] C:\eula.2052.txt
[07/11/2007 08:00|–a------|17734] C:\eula.3082.txt
[07/11/2007 08:00|–a------|1110] C:\globdata.ini
[?|?|?] C:\hiberfil.sys
[07/11/2007 08:00|–a------|843] C:\install.ini
[07/11/2007 08:03|–a------|76304] C:\install.res.1028.dll
[07/11/2007 08:03|–a------|96272] C:\install.res.1031.dll
[07/11/2007 08:03|–a------|91152] C:\install.res.1033.dll
[07/11/2007 08:03|–a------|97296] C:\install.res.1036.dll
[07/11/2007 08:03|–a------|95248] C:\install.res.1040.dll
[07/11/2007 08:03|–a------|81424] C:\install.res.1041.dll
[07/11/2007 08:03|–a------|79888] C:\install.res.1042.dll
[07/11/2007 08:03|–a------|75792] C:\install.res.2052.dll
[07/11/2007 08:03|–a------|96272] C:\install.res.3082.dll
[12/09/2008 21:52|-rahs----|0] C:\IO.SYS
[29/11/2006 17:35|–a------|512] C:\MDR.iss
[12/09/2008 21:52|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[24/04/2007 14:49|–a------|420] C:\RHDSetup.log
[24/04/2007 15:07|–a------|178] C:\setup.log
[23/09/2009 20:14|–a------|2400] C:\TB.txt
[24/09/2009 22:56|–a------|5847] C:\UsbFix.txt
[07/11/2007 08:00|–a------|5686] C:\vcredist.bmp
[07/11/2007 08:09|–a------|1442522] C:\VC_RED.cab
[07/11/2007 08:12|–a------|232960] C:\VC_RED.MSI
[07/11/2007 08:00|–a--c—|17734] D:\eula.1028.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.1031.txt
[07/11/2007 08:00|–a--c—|10134] D:\eula.1033.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.1036.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.1040.txt
[07/11/2007 08:00|–a--c—|118] D:\eula.1041.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.1042.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.2052.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.3082.txt
[07/11/2007 08:00|–a--c—|1110] D:\globdata.ini
[07/11/2007 08:00|–a--c—|843] D:\install.ini
[07/11/2007 08:03|–a--c—|76304] D:\install.res.1028.dll
[07/11/2007 08:03|–a--c—|96272] D:\install.res.1031.dll
[07/11/2007 08:03|–a--c—|91152] D:\install.res.1033.dll
[07/11/2007 08:03|–a--c—|97296] D:\install.res.1036.dll
[07/11/2007 08:03|–a--c—|95248] D:\install.res.1040.dll
[07/11/2007 08:03|–a--c—|81424] D:\install.res.1041.dll
[07/11/2007 08:03|–a--c—|79888] D:\install.res.1042.dll
[07/11/2007 08:03|–a--c—|75792] D:\install.res.2052.dll
[07/11/2007 08:03|–a--c—|96272] D:\install.res.3082.dll
[02/07/2008 23:07|-ra–c—|528] D:\MediaID.bin
[18/07/2008 08:36|–a--c—|5795543300] D:\Untitled_080718_081655(1).NBF
[18/07/2008 08:19|–a--c—|129357267] D:\Untitled_080718_081655.NBF
[07/11/2007 08:00|–a--c—|5686] D:\vcredist.bmp
[07/11/2007 08:12|–a--c—|232960] D:\VC_RED.MSI
[04/07/2009 22:39|-ra------|528] J:\MediaID.bin
[05/09/2008 21:01|–a------|32] K:\ttdesk.ver
[05/04/2008 19:49|–a------|296] K:\WMPInfo.xml
[16/03/2009 17:39|-ra------|1536] K:\userkey.psw
[05/09/2008 21:07|–a------|59] K:\ttnavigator.bif
[20/06/2008 01:11|–ahs----|568832] K:\ehthumbs_vista.db
[05/09/2008 21:07|–a------|93] K:\install.bif
[27/04/2009 16:33|-ra------|528] K:\MediaID.bin
[30/05/2009 10:04|–a------|4330] K:\ROLEX-SUBMARINER-16610-2008-Z-SERIAL-01_small[1].jpg
[15/09/2009 14:42|–ah-----|82354176] K:.HPIMAGE.VFS
[09/03/2009 09:43|–a------|305586] K:\Welcome Presentation.pptx
[14/09/2009 19:17|–a------|429607] K:\Bilan Tanah 2008 (12).pdf
[29/02/2008 14:00|–a------|1486248] K:\PortableVault.exe

################## | Vaccination |

C:\autorun.inf -> Folder created by UsbFix.

D:\autorun.inf -> Folder created by UsbFix.

J:\autorun.inf -> Folder created by UsbFix.

K:\autorun.inf -> Folder created by UsbFix.

22

Merci cricri58 pour ton aide;… je me fie à ton instinct parce que je ne sais pas ce que je fais…
Soit voici le Rapport USBFIX _ SUPPRESSION :

############################## | UsbFix V6.036 |

User : Anne (Administrateurs) # PC-DE-ANNE
Update on 21/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 22:51:57 | 24/09/2009
Website : pagesperso-orange.fr…

Genuine Intel® CPU 2140 @ 1.60GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18813
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 101,8 Go (11,62 Go free) [ACER] # NTFS
D:\ -> Disque fixe local # 144,03 Go (21,37 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque fixe local # 931,51 Go (550,2 Go free) [Iomega_HDD] # NTFS
K:\ -> Disque amovible # 3,83 Go (1,03 Go free) [ANNE 8G] # FAT32

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\beidservicecrl.exe
C:\Windows\system32\beidservicepcsc.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe

################## | Fichiers # Dossiers infectieux |

Supprimé ! D:\install.exe
Supprimé ! K:\start.exe

################## | Registre # Clés Run infectieuses |

################## | Registre # Mountpoints2 |

Supprimé ! HKCU…\Explorer\MountPoints2{b016417f-b2f9-11dd-b5a8-001d9209e0c0}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[24/04/2007 14:54|–a------|3379] C:-20070424.log
[10/09/2008 11:03|–a------|3913] C:-20080910.log
[26/03/2009 19:59|–a------|103424] C:\1036 (2).MST
[26/03/2009 19:59|–a------|103424] C:\1036.MST
[11/04/2009 08:36|-rahs----|333257] C:\bootmgr
[24/04/2007 22:59|-ra-s----|8192] C:\BOOTSECT.BAK
[23/09/2009 20:45|–a------|1021] C:\cleannavi.txt
[18/09/2006 23:43|–a------|10] C:\config.sys
[07/11/2007 08:00|–a------|17734] C:\eula.1028.txt
[07/11/2007 08:00|–a------|17734] C:\eula.1031.txt
[07/11/2007 08:00|–a------|10134] C:\eula.1033.txt
[07/11/2007 08:00|–a------|17734] C:\eula.1036.txt
[07/11/2007 08:00|–a------|17734] C:\eula.1040.txt
[07/11/2007 08:00|–a------|118] C:\eula.1041.txt
[07/11/2007 08:00|–a------|17734] C:\eula.1042.txt
[07/11/2007 08:00|–a------|17734] C:\eula.2052.txt
[07/11/2007 08:00|–a------|17734] C:\eula.3082.txt
[07/11/2007 08:00|–a------|1110] C:\globdata.ini
[?|?|?] C:\hiberfil.sys
[07/11/2007 08:00|–a------|843] C:\install.ini
[07/11/2007 08:03|–a------|76304] C:\install.res.1028.dll
[07/11/2007 08:03|–a------|96272] C:\install.res.1031.dll
[07/11/2007 08:03|–a------|91152] C:\install.res.1033.dll
[07/11/2007 08:03|–a------|97296] C:\install.res.1036.dll
[07/11/2007 08:03|–a------|95248] C:\install.res.1040.dll
[07/11/2007 08:03|–a------|81424] C:\install.res.1041.dll
[07/11/2007 08:03|–a------|79888] C:\install.res.1042.dll
[07/11/2007 08:03|–a------|75792] C:\install.res.2052.dll
[07/11/2007 08:03|–a------|96272] C:\install.res.3082.dll
[12/09/2008 21:52|-rahs----|0] C:\IO.SYS
[29/11/2006 17:35|–a------|512] C:\MDR.iss
[12/09/2008 21:52|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[24/04/2007 14:49|–a------|420] C:\RHDSetup.log
[24/04/2007 15:07|–a------|178] C:\setup.log
[23/09/2009 20:14|–a------|2400] C:\TB.txt
[24/09/2009 22:56|–a------|5847] C:\UsbFix.txt
[07/11/2007 08:00|–a------|5686] C:\vcredist.bmp
[07/11/2007 08:09|–a------|1442522] C:\VC_RED.cab
[07/11/2007 08:12|–a------|232960] C:\VC_RED.MSI
[07/11/2007 08:00|–a--c—|17734] D:\eula.1028.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.1031.txt
[07/11/2007 08:00|–a--c—|10134] D:\eula.1033.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.1036.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.1040.txt
[07/11/2007 08:00|–a--c—|118] D:\eula.1041.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.1042.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.2052.txt
[07/11/2007 08:00|–a--c—|17734] D:\eula.3082.txt
[07/11/2007 08:00|–a--c—|1110] D:\globdata.ini
[07/11/2007 08:00|–a--c—|843] D:\install.ini
[07/11/2007 08:03|–a--c—|76304] D:\install.res.1028.dll
[07/11/2007 08:03|–a--c—|96272] D:\install.res.1031.dll
[07/11/2007 08:03|–a--c—|91152] D:\install.res.1033.dll
[07/11/2007 08:03|–a--c—|97296] D:\install.res.1036.dll
[07/11/2007 08:03|–a--c—|95248] D:\install.res.1040.dll
[07/11/2007 08:03|–a--c—|81424] D:\install.res.1041.dll
[07/11/2007 08:03|–a--c—|79888] D:\install.res.1042.dll
[07/11/2007 08:03|–a--c—|75792] D:\install.res.2052.dll
[07/11/2007 08:03|–a--c—|96272] D:\install.res.3082.dll
[02/07/2008 23:07|-ra–c—|528] D:\MediaID.bin
[18/07/2008 08:36|–a--c—|5795543300] D:\Untitled_080718_081655(1).NBF
[18/07/2008 08:19|–a--c—|129357267] D:\Untitled_080718_081655.NBF
[07/11/2007 08:00|–a--c—|5686] D:\vcredist.bmp
[07/11/2007 08:12|–a--c—|232960] D:\VC_RED.MSI
[04/07/2009 22:39|-ra------|528] J:\MediaID.bin
[05/09/2008 21:01|–a------|32] K:\ttdesk.ver
[05/04/2008 19:49|–a------|296] K:\WMPInfo.xml
[16/03/2009 17:39|-ra------|1536] K:\userkey.psw
[05/09/2008 21:07|–a------|59] K:\ttnavigator.bif
[20/06/2008 01:11|–ahs----|568832] K:\ehthumbs_vista.db
[05/09/2008 21:07|–a------|93] K:\install.bif
[27/04/2009 16:33|-ra------|528] K:\MediaID.bin
[30/05/2009 10:04|–a------|4330] K:\ROLEX-SUBMARINER-16610-2008-Z-SERIAL-01_small[1].jpg
[15/09/2009 14:42|–ah-----|82354176] K:.HPIMAGE.VFS
[09/03/2009 09:43|–a------|305586] K:\Welcome Presentation.pptx
[14/09/2009 19:17|–a------|429607] K:\Bilan Tanah 2008 (12).pdf
[29/02/2008 14:00|–a------|1486248] K:\PortableVault.exe

################## | Vaccination |

C:\autorun.inf -> Folder created by UsbFix.

D:\autorun.inf -> Folder created by UsbFix.

J:\autorun.inf -> Folder created by UsbFix.

K:\autorun.inf -> Folder created by UsbFix.

Par contre j’ai fait le RAV ANTIVIRUS et il ne s’arrete jamais et dis que mon PC est sain…
j’ai donc quitté et redemarré

Par contre je ne trouve pas “Search Settings”… donc je m’arrete la pour le moment et attend la suite…

Merci
Trombonneh

23

Salut

Je t avais marqué pour “Contrôle” il te dit que ton PC et sain ok !!

  1. as tu fais ceci marqué en bas de la page 1 sinon fais

Désactives ton antivirus

Télécharge OTMoveIt3 (de Old_Timer) sur le bureau :

==>OTMoveIt3 (de Old_Timer)

Double-clique sur OTMoveIt3.exe sur le bureau

—> sous VISTA: clic droit: exécuter en temps qu’administrateur.

  • Assure toi que la case Unregister Dll’s and Ocx’s soit bien cochée

  • Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste Instructions for Items to be Moved

  • Clique sur MoveIt! pour lancer la suppression.
  • Ferme OTMoveIt3

Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.

Poste le rapport de OTMoveIt qui se trouve dans C:_OTMoveIt\MovedFiles.

@+ cricri58

24

Merci voici le rapport OTMovelt3

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{b016417f-b2f9-11dd-b5a8-001d9209e0c0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SearchSettings not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{b016417f-b2f9-11dd-b5a8-001d9209e0c0}\ not found.
========== FILES ==========
File/Folder C:\Program Files\Search Settings not found.
File/Folder C:\Program Files\pdfforge Toolbar not found.
File/Folder C:\Documents and Settings\UserAnne\Application Data\Search Settings not found.
File/Folder C:\Documents and Settings\UserAnne\Application Data\pdfforge not found.
========== COMMANDS ==========
File delete failed. C:\Users\Anne\AppData\Local\Temp\OLC\trombonneh_hotmail_com.txt scheduled to be deleted on reboot.
File delete failed. C:\Users\Anne\AppData\Local\Temp\etilqs_EcHpL0JGQHBodfWXh4kl scheduled to be deleted on reboot.
File delete failed. C:\Users\Anne\AppData\Local\Temp\etilqs_gFr2uRkhXhideTo6gKyK scheduled to be deleted on reboot.
File delete failed. C:\Users\Anne\AppData\Local\Temp\etilqs_NyLfb157egL3SZt5TX1K scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\CLDigitalHome\CLMSServer.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\MpCmdRun.log scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:\Users\Anne\AppData\Local\Mozilla\Firefox\Profiles\o00wkxgs.default\OfflineCache\index.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\Anne\AppData\Local\Mozilla\Firefox\Profiles\o00wkxgs.default\Cache_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Anne\AppData\Local\Mozilla\Firefox\Profiles\o00wkxgs.default\Cache_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Anne\AppData\Local\Mozilla\Firefox\Profiles\o00wkxgs.default\Cache_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Anne\AppData\Local\Mozilla\Firefox\Profiles\o00wkxgs.default\Cache_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\Anne\AppData\Local\Mozilla\Firefox\Profiles\o00wkxgs.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\Anne\AppData\Local\Mozilla\Firefox\Profiles\o00wkxgs.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 09252009_131038

Merci
Trombonneh

25

Salut Trombonneh

Fais ceci

Désactive ton Antivirus avant l analyse et fermes toutes tes autres applications ouvertes

rends toi ici ==>ESET Online Scanner

==>[ESET]www.eset-nod32.fr…[/url] Online Scanner]( [url=http://www.eset-nod32.fr/scanner.html)

Uniquement avec " Explorer" et pas un autre Navigateur

Dans le bas de la page tu cliques ==> sur Scanner en ligne

Dans la nouvelle page, coche la case devant OUI,

j’accepte les termes du contrat de licence et clique sur Start pour débuter.

Dans la nouvelle page ==> assez longue a charger

tu auras une alerte pour la barre d’information, clique sur Fermer.

Maintenant fais un clic droit dans la barre d’information en jaune dans le haut de la page,

et clique sur Installer le contrôle ActiveX

Une boite d’information va s’ouvrir, clique sur Installer

Dans la fenêtre

coches

Supprimer les menaces detectées
et
Analyser les archives

en bas dela page à droite cliques sur Démarrer

le téléchargement de la base des signatures de virus va commencer.

Après le scan de ton PC va démarrer, patiente le temps du scan.

Une fois le scan fini, Coches la case ==> Désinstaller l application à la Fermeture puis ==>cliques sur Terminer et ferme la page.

Ouvrir l’explorateur Windows et retrouver le rapport qui est dans ce répertoire :

C:\Program Files\ESET\ESET Online Scanner\log.txt

Copie/colle le contenue de ce rapport log.txt

  1. fais ==>Désactiver/Réactiver la restauration système de Vista pour éliminer les M@rdes

==>Désactiver/Réactiver la restauration système de Vista

  1. ensuite ==> Regarde le paragraphe bas de page ==>créer un point de restauration manuellement

==>Créer un point de restauration

  1. Passe un coup de Glary Utilities

  2. Poste un Log Hijackthis

@+ cricri58

26

Bjr cricri58.
Voici le dernier rapport Hijackthis…

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55:08, on 23/09/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Plaxo\3.7.1.2\PlaxoHelper_fr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\ProgramData\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
D:\Programmes téléchargés\RSTI\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Anne.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.be…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.fr.acer.yahoo.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.fr.acer.yahoo.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM…\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM…\Run: [MediaBarFileManager] C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
O4 - HKLM…\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
O4 - HKLM…\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM…\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe /hide
O4 - HKLM…\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM…\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [Malwarebytes Anti-Malware (reboot)] “C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 - HKCU…\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU C:\Windows\TEMP\E_S4C2C.tmp /EF HKCU
O4 - HKCU…\Run: [PlaxoUpdate] C:\Program Files\Plaxo\3.7.1.2\PlaxoHelper_fr.exe -a
O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU…\Run: [Google Update] C:\Users\Anne\AppData\Local\Google\Update\GoogleUpdate.exe /c
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background (User ‘Default user’)
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - upload.facebook.com…
O16 - DPF: {3B40FB63-B17C-4DB1-8412-975B143FC02E} (Hash Class) - connect.e-signing.be…
O16 - DPF: {3DB148C9-F5C6-4922-9DBD-FC9DDDAE75C3} (SignXML.MyCertipost) - postbox.be…
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.bitdefender.fr…
O16 - DPF: {C260BE74-C3C2-468C-97C5-F59F4202127B} (Attachment.UC) - postbox.be…
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eID CRL Service - Zetes - C:\Windows\system32\beidservicecrl.exe
O23 - Service: eID Privacy Service - Zetes - C:\Windows\system32\beidservicepcsc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe


End of file - 11663 bytes

Merci
Trombonneh

27

Salut

Ton Log est un ancien Log Hijackthis ==>Scan saved at 16:55:08, on 23/09/2009

avec les infections supprimées

Supprimes tes anciens Log Hijackthis

refais un nouveau Log Hijackthis

@+ cricri58

[b]C etait celui en page 1 [/b] que tu m as envoyé :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55:08, on 23/09/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Donc efface tous les logs en ta possession et poste un nouveau Hijackthis

28

Cher cricri58,

Voici le dernier log de Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:44, on 29/09/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Plaxo\3.7.1.2\PlaxoHelper_fr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\ProgramData\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Windows\Explorer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
D:\Programmes téléchargés\Hijackthis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.fr.acer.yahoo.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM…\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM…\Run: [MediaBarFileManager] C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
O4 - HKLM…\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
O4 - HKLM…\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe /hide
O4 - HKLM…\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM…\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [Malwarebytes Anti-Malware (reboot)] “C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKCU…\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU C:\Windows\TEMP\E_S4C2C.tmp /EF HKCU
O4 - HKCU…\Run: [PlaxoUpdate] C:\Program Files\Plaxo\3.7.1.2\PlaxoHelper_fr.exe -a
O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU…\Run: [Google Update] C:\Users\Anne\AppData\Local\Google\Update\GoogleUpdate.exe /c
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18…\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background (User ‘Default user’)
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - www.eset.eu…
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - download.eset.com…
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eID CRL Service - Zetes - C:\Windows\system32\beidservicecrl.exe
O23 - Service: eID Privacy Service - Zetes - C:\Windows\system32\beidservicepcsc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe


End of file - 10671 bytes

Merci
Trombonneh

29

Salut
tu as reussi

Denier régalages

  1. tu vas dans " ajouter et supprimer des programmes" et tu Desinstalles ==>Bonjour
    ensuite

OK en quelques lignes a fixer et c est bon

Lances Hijackthis

SOUS VISTA: Clic droit sur Hijackthis/exécuter en tant qu’administrateur!

Cliques sur ==> Do a System Scan Only

coches ces Lignes

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: LaunchU3.exe.lnk = ?
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - www.eset.eu…
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - download.eset.com
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

Fermes tes autres applications sauf ==> hijackthis ( bien sûr )

et Cliques sur ==> Fix Checked

  1. telecharges Starter ==>bon Utilitaire

==>Starter

et désactives les applications inutiles au démarrage autre que applications windows,tes protections et pilotes

  1. Télécharges ToolsCleaner! de A.Rothstein pour enlever les programmes utilisés pendant la procédure.

==>ToolsCleaner! de A.Rothstein

==> Enregistres ToolsCleaner2.exe sur le Bureau.
Sous Vista,Clic-droit > Exécuter en tant qu’ Administrateur
==> Double-cliquer dessus, puis cliquer sur Recherche --> Le programme va chercher les utilitaires installés
------> Il se peut que la fenêtre devienne blanche pendant le scan, c’est normal !
==> Copier-coller le contenu du rapport qui apparait dans la fenêtre blanche.

Lorsque la recherche est terminée ToolsCleaner affiche une liste des différents outils trouvés, cliquez sur “Suppression” afin de les supprimer.
et ensuite cliques==>vidage Corbeille
Fermes le programme en cliquant sur "Quitter ".

Postes le rapport qui se trouve ici >>> C:\TCleaner.txt
et pour Terminer supprimes ToolsCleaner

aprés

  1. Pour finir le nettoyage :

:tu vas dans program files ==> dossier trend Micro

Voila sur ce pour moi c est bon et terminé ,content d avoir pu t aider :jap:

cricri58 :hello:

30

Topic qui concerne plutôt la section logiciel, je déplace. :jap:

31

Cher Cricri58,

Je ne peux enlever le programme “Bonjour” parce qu’il est associé à I Tunes et sans ce programme je ne peux connecter mon I Phone pur la coordination entre Outlook et I Tunes etc… donc c’est le seul que je n’ai pas supprimé.

Voici le rapport de Tools Cleaner :

[ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

–> Recherche:

C:\cleannavi.txt: trouvé !
C:\TB.txt: trouvé !
C:\UsbFix.txt: trouvé !
C:\SDFIX: trouvé !
C:\Toolbar SD: trouvé !
C:\UsbFix: trouvé !
C:\Rsit: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Ad-remover: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Navilog1\catchme.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Users\Anne\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis: trouvé !
C:\Users\Anne\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Recent\HijackThis.lnk: trouvé !
C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Recent\UsbFix.lnk: trouvé !

Merci de ton aide. J’espère en effet que mes problèmes sont maintenants résolus…
En tout cas tu as l’air d’être un as de l’informatique… je te garde dans mes contacts…
Merci pour ton temps qui doit etre précieux !!
Cordialement
Trombonneh…

32

Relances ToolsCleaner ==> Recherche==> Supppression puis Vidage Corbeille

Te dis à un de ces jours et Bon surf :super:

Au plaisir :jap:

Tu mets ton Topic en " Resolu " si tu en as fini

cricri58 :hello:

33

Derniere question… comment je marque que c résolu ?
Merci.
Trombonneh:/

34

Tu clic sur les résolu+1 en haut à droite des message de Cricri58