norton antivirus bloqué et réseau inaccessible
Hors ligneJose_mano86 Le 16/11/2008 à 18:24 Profil de Jose_mano86 Configuration de Jose_mano86

Bonjour,

J'ai un portable acer avec une connexion wifi se faisant à l'aide d'un routeur lynksis. Tout fonctionnait très bien depuis 2 mois (date de l'achat) et maintenant en allumant mon portable, Norton antivirus m'indique que la protection contre les courriers électroniques envoyés et reçus n'est pas activée et lorsque j'essaie d'activer celle-ci un message d'erreur apparait en m'indiquant: "Le proxy de messagerie symantec ne peut pas analyser vos messages parce que votre réseau n'est pas correctement configuré" 1003,13. Le portable tourne bien mais je n'ai plus accès à internet.

Lors de l'ouverture de windows cet autre message d'erreur apparait:"Echec de connexion à un service windows, windows n'a pas pu se connecter au service de notification d'évènements système, ceci empêche les utilisateurs avec restrictions de se connecter. En tant qu'administrateur vous pouvez ouvrir le journal d'évènements système".

Le routeur fonctionne correctement car le portable de mon frère n'a aucun problème lors de la détection de réseau.

J'ai essayé d'effectuer une restauration mais lors de celle-ci ce message apparait: "la restauration du système n'a pas pu se terminer, une erreur non spécifiée s'est produite durant la restauration du système".

Après les analyses de norton antivirus et de spybot, aucun virus n'est détecté.
Que dois-je faire?

Merci d'avance pour vos conseils
Hors ligneMister_masque Le 16/11/2008 à 18:45 Profil de Mister_masque Configuration de Mister_masque

Salut,

Je te conseillerais plutôt de désinstaller Norton qui pour moi, et loin derrière ses concurrent même avec un efforts dans la dernière version.
Pour ce faire :

Vas dans ajout/suppression de programmes du panneau de configuration.
Dans la liste, cherche tout ce qui peut porter le mot suivant et lance la désinstallation :

CC_ccProxyMSI
CC_ccStart
ccCommon
LiveReg (Symantec Corporation)
LiveUpdate (Symantec Corporation)
Tout ce qui porte le mot Symantec
Tout ce qui porte le mot Norton


Utilise ensuite le removal tools de norton :

Norton Removal Tools

--------------------------------------------------------------------------------------

Pour le remplacer :

Antivir est un antivirus gratuit et performant :
Test: Avast-Antivir8-AVG8


Télécharge Antivir et installe le.
Met le à jours en cliquant sur "Start a update" puis clique sur "Scan system now" pour faire un scan de ta machine.
Si tu reçoit des messages d'alerte, parce que Antivir a trouvé des objets : Clique sur "Move to quarantine".

Quand le scan est fini clique sur Report et envoie moi le rapport.
Reposte un rapport HijackThis (un nouveau).

Bon courage ;)
--
Hors ligneJose_mano86 Le 16/11/2008 à 22:39 Profil de Jose_mano86 Configuration de Jose_mano86

Voici le rapport d'Activir:



Avira AntiVir Personal
Report file date: dimanche 16 novembre 2008  21:37

Scanning for 1369550 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows Vista
Windows version:  (Service Pack 1)  [6.0.6001]
Boot mode:        Normally booted
Username:         SYSTEM
Computer name:    PC-DE-MANO

Version information:
BUILD.DAT     : 8.2.0.334      16933 Bytes  16/10/2008 14:55:00
AVSCAN.EXE    : 8.1.4.7       315649 Bytes  26/06/2008 09:57:53
AVSCAN.DLL    : 8.1.4.0        40705 Bytes  26/05/2008 08:56:40
LUKE.DLL      : 8.1.4.5       164097 Bytes  12/06/2008 13:44:19
LUKERES.DLL   : 8.1.4.0        12033 Bytes  26/05/2008 08:58:52
ANTIVIR0.VDF  : 6.40.0.0    11030528 Bytes  18/07/2007 11:33:34
ANTIVIR1.VDF  : 7.0.5.1      8182784 Bytes  24/06/2008 14:54:15
ANTIVIR2.VDF  : 7.0.5.20      142336 Bytes  30/06/2008 06:20:53
ANTIVIR3.VDF  : 7.0.5.23       17408 Bytes  30/06/2008 10:24:47
Engineversion : 8.2.0.4  
AEVDF.DLL     : 8.1.0.6       102772 Bytes  14/10/2008 11:05:56
AESCRIPT.DLL  : 8.1.1.8       319866 Bytes  16/10/2008 12:43:34
AESCN.DLL     : 8.1.1.3       123252 Bytes  14/10/2008 11:05:56
AERDL.DLL     : 8.1.1.2       438644 Bytes  12/09/2008 07:06:02
AEPACK.DLL    : 8.1.2.4       369014 Bytes  14/10/2008 11:05:56
AEOFFICE.DLL  : 8.1.0.28      196987 Bytes  14/10/2008 11:05:56
AEHEUR.DLL    : 8.1.0.59     1438071 Bytes  18/09/2008 10:07:50
AEHELP.DLL    : 8.1.1.2       115062 Bytes  14/10/2008 11:05:56
AEGEN.DLL     : 8.1.0.41      319861 Bytes  14/10/2008 11:05:56
AEEMU.DLL     : 8.1.0.9       393588 Bytes  14/10/2008 11:05:56
AECORE.DLL    : 8.1.2.6       172406 Bytes  14/10/2008 11:05:56
AEBB.DLL      : 8.1.0.3        53618 Bytes  14/10/2008 11:05:56
AVWINLL.DLL   : 1.0.0.12       15105 Bytes   9/07/2008 09:40:05
AVPREF.DLL    : 8.0.2.0        38657 Bytes  16/05/2008 10:28:01
AVREP.DLL     : 7.0.0.1       155688 Bytes  30/06/2008 15:35:20
AVREG.DLL     : 8.0.0.1        33537 Bytes   9/05/2008 12:26:40
AVARKT.DLL    : 1.0.0.23      307457 Bytes  12/02/2008 09:29:23
AVEVTLOG.DLL  : 8.0.0.16      119041 Bytes  12/06/2008 13:27:49
SQLITE3.DLL   : 3.3.17.1      339968 Bytes  22/01/2008 18:28:02
SMTPLIB.DLL   : 1.2.0.23       28929 Bytes  12/06/2008 13:49:40
NETNT.DLL     : 8.0.0.1         7937 Bytes  25/01/2008 13:05:10
RCIMAGE.DLL   : 8.0.0.51     2371841 Bytes  12/06/2008 14:48:07
RCTEXT.DLL    : 8.0.52.0       86273 Bytes  27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 16 novembre 2008  21:37

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'VSSVC.exe' - '1' Module(s) have been scanned
Scan process 'WMIADAP.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
Scan process 'capuserv.exe' - '1' Module(s) have been scanned
Scan process 'CCC.exe' - '1' Module(s) have been scanned
Scan process 'IEMonitor.exe' - '1' Module(s) have been scanned
Scan process 'RtkBtMnt.exe' - '1' Module(s) have been scanned
Scan process 'eRAgent.exe' - '1' Module(s) have been scanned
Scan process 'ePower_DMC.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'MOM.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'IDMan.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'PLFSetI.exe' - '1' Module(s) have been scanned
Scan process 'PMVService.exe' - '1' Module(s) have been scanned
Scan process 'QtZgAcer.EXE' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'eAudio.exe' - '1' Module(s) have been scanned
Scan process 'eDSLoader.exe' - '1' Module(s) have been scanned
Scan process 'SynTPStart.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'conime.exe' - '0' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ePowerSvc.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'eRecoveryService.exe' - '1' Module(s) have been scanned
Scan process 'XAudio.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'MobilityService.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
Scan process 'eNet Service.exe' - '1' Module(s) have been scanned
Scan process 'eLockServ.exe' - '1' Module(s) have been scanned
Scan process 'eDSService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
71 processes with 71 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!
Master boot sector HD1
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '60' files ).


Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
    [WARNING]   The file could not be opened!
C:\pagefile.sys
    [WARNING]   The file could not be opened!
C:\$RECYCLE.BIN\S-1-5-21-3638407193-1059790182-3565092846-1000\$RZKMLJB\fm.exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was moved to '494e8535.qua'!
C:\Program Files\Sports Interactive\Football Manager 2009 Demo\fm (2).exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was moved to '494087d7.qua'!
C:\Windows\System32\drivers\sptd.sys
    [WARNING]   The file could not be opened!
Begin scan in 'D:\' <DATA>


End of the scan: dimanche 16 novembre 2008  22:04
Used time: 26:31 Minute(s)

The scan has been done completely.

  19009 Scanning directories
386890 Files were scanned
      2 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      2 files were moved to quarantine
      0 files were renamed
      3 Files cannot be scanned
386885 Files not concerned
   2436 Archives were scanned
      3 Warnings
      2 Notes



et voici le rapport d'Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:13:23, on 16/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\Mano\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Mano\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marca.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [039.tmp] C:\Windows\temp\039.tmp
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: SETAUDIO.EXE
O4 - Global Startup: SETRES.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E750F30-F767-4C5A-B62A-FC4B99384010}: NameServer = 85.255.112.60;85.255.112.237
O17 - HKLM\System\CCS\Services\Tcpip\..\{DEE21211-E709-4487-BD85-48AA30B61F9B}: NameServer = 85.255.112.60;85.255.112.237
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdzjm.exe (file missing)
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10906 bytes

Si tu as besoin d'autre chose n'hesite pas à me demander

Merci pour ton aide
Hors ligneMister_masque Le 17/11/2008 à 13:01 Profil de Mister_masque Configuration de Mister_masque

Salut,

Tu es infecté par un Trojan DNSChanger.

Relance HijackThis en "Do a system scan only".
Coche:

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E750F30-F767-4C5A-B62A-FC4B99384010}: NameServer = 85.255.112.60;85.255.112.237
O17 - HKLM\System\CCS\Services\Tcpip\..\{DEE21211-E709-4487-BD85-48AA30B61F9B}: NameServer = 85.255.112.60;85.255.112.237
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe    
O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdzjm.exe (file missing)  


---> Clique sur Fix Cheked.

------------------------------------------------------------------------------------------------------------


Télécharge OTMoveIt3.exe (de Old_Timer) sur ton Bureau.

Double-clique sur OTMoveIt3.exe pour le lancer.
Assures toi que la case "Unregister Dll's and Ocx's" soit bien cochée.
Copiez / collez les lignes suivantes (en vert) dans la fenêtre de gauche de OTMoveIt nommé "Paste List of Files/Folders to be moved" (zone fléché sur la capture :)



Copie colle :


:files
C:\Windows\system32\kdzjm.exe

:commands
[EmptyTemp]


Clique sur MoveIt! pour lancer la suppression.
Si OTMoveIt propose de redémarrer votre PC, acceptez.
Lorsque un résultat apparaît dans le cadre Results, cliquez sur Exit.

Afficher le rapport  de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles.

------------------------------------------------------------------------------------------------------------

Je vois que tu a installé MalwareBytes, une très bonne chose ;)

Aide: Un tutorial de MalwareBytes est disponible
Fait un examen complet de tout les lecteurs. Clique sur "Afficher les résultats" et poste le rapport.

Bon courage
--
Hors ligneJose_mano86 Le 17/11/2008 à 15:08 Profil de Jose_mano86 Configuration de Jose_mano86

Voici le rapport de otmoveit3:


========== FILES ==========
File/Folder C:\Windows\system32\kdzjm.exe not found.
========== COMMANDS ==========
File delete failed. C:\Users\Mano\AppData\Local\Temp\RtkBtMnt.exe scheduled to be deleted on reboot.
File delete failed. C:\Users\Mano\AppData\Local\Temp\~DF18E5.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11172008_145737

et celui de malwarebytes:

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1306
Windows 6.0.6001 Service Pack 1

17/11/2008 15:42:09
mbam-log-2008-11-17 (15-42-09).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 151636
Temps écoulé: 26 minute(s), 47 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

et le dernier d'antivir au cas où tu l'aurais besoin :



Avira AntiVir Personal
Report file date: lundi 17 novembre 2008  15:11

Scanning for 1369550 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows Vista
Windows version:  (Service Pack 1)  [6.0.6001]
Boot mode:        Save mode
Username:         Mano
Computer name:    PC-DE-MANO

Version information:
BUILD.DAT     : 8.2.0.334      16933 Bytes  16/10/2008 14:55:00
AVSCAN.EXE    : 8.1.4.7       315649 Bytes  26/06/2008 09:57:53
AVSCAN.DLL    : 8.1.4.0        40705 Bytes  26/05/2008 08:56:40
LUKE.DLL      : 8.1.4.5       164097 Bytes  12/06/2008 13:44:19
LUKERES.DLL   : 8.1.4.0        12033 Bytes  26/05/2008 08:58:52
ANTIVIR0.VDF  : 6.40.0.0    11030528 Bytes  18/07/2007 11:33:34
ANTIVIR1.VDF  : 7.0.5.1      8182784 Bytes  24/06/2008 14:54:15
ANTIVIR2.VDF  : 7.0.5.20      142336 Bytes  30/06/2008 06:20:53
ANTIVIR3.VDF  : 7.0.5.23       17408 Bytes  30/06/2008 10:24:47
Engineversion : 8.2.0.4  
AEVDF.DLL     : 8.1.0.6       102772 Bytes  14/10/2008 11:05:56
AESCRIPT.DLL  : 8.1.1.8       319866 Bytes  16/10/2008 12:43:34
AESCN.DLL     : 8.1.1.3       123252 Bytes  14/10/2008 11:05:56
AERDL.DLL     : 8.1.1.2       438644 Bytes  12/09/2008 07:06:02
AEPACK.DLL    : 8.1.2.4       369014 Bytes  14/10/2008 11:05:56
AEOFFICE.DLL  : 8.1.0.28      196987 Bytes  14/10/2008 11:05:56
AEHEUR.DLL    : 8.1.0.59     1438071 Bytes  18/09/2008 10:07:50
AEHELP.DLL    : 8.1.1.2       115062 Bytes  14/10/2008 11:05:56
AEGEN.DLL     : 8.1.0.41      319861 Bytes  14/10/2008 11:05:56
AEEMU.DLL     : 8.1.0.9       393588 Bytes  14/10/2008 11:05:56
AECORE.DLL    : 8.1.2.6       172406 Bytes  14/10/2008 11:05:56
AEBB.DLL      : 8.1.0.3        53618 Bytes  14/10/2008 11:05:56
AVWINLL.DLL   : 1.0.0.12       15105 Bytes   9/07/2008 09:40:05
AVPREF.DLL    : 8.0.2.0        38657 Bytes  16/05/2008 10:28:01
AVREP.DLL     : 7.0.0.1       155688 Bytes  30/06/2008 15:35:20
AVREG.DLL     : 8.0.0.1        33537 Bytes   9/05/2008 12:26:40
AVARKT.DLL    : 1.0.0.23      307457 Bytes  12/02/2008 09:29:23
AVEVTLOG.DLL  : 8.0.0.16      119041 Bytes  12/06/2008 13:27:49
SQLITE3.DLL   : 3.3.17.1      339968 Bytes  22/01/2008 18:28:02
SMTPLIB.DLL   : 1.2.0.23       28929 Bytes  12/06/2008 13:49:40
NETNT.DLL     : 8.0.0.1         7937 Bytes  25/01/2008 13:05:10
RCIMAGE.DLL   : 8.0.0.51     2371841 Bytes  12/06/2008 14:48:07
RCTEXT.DLL    : 8.0.52.0       86273 Bytes  27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high

Start of the scan: lundi 17 novembre 2008  15:11

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
18 processes with 18 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '59' files ).


Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
    [WARNING]   The file could not be opened!
C:\Windows\System32\drivers\sptd.sys
    [WARNING]   The file could not be opened!
Begin scan in 'D:\' <DATA>


End of the scan: lundi 17 novembre 2008  15:38
Used time: 27:11 Minute(s)

The scan has been done completely.

  18754 Scanning directories
365328 Files were scanned
      0 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      2 Files cannot be scanned
365326 Files not concerned
   2239 Archives were scanned
      2 Warnings
      0 Notes


Que dois-je faire?

Merci beaucoup
Hors ligneMister_masque Le 17/11/2008 à 18:21 Profil de Mister_masque Configuration de Mister_masque

Reuh,

Ok, dernière étape :

Télécharge SmitFraudFix
Pour effectuer une recherche, ouvre le dossier SmitFraudfix puis double-clique sur l'icône de SmitFraudfix.
Fait défiler grâce à la touche "Espace" jusqu'au menu, sélectionne l'option 5 (Recherche et suppression des détournements DNS) avec la touche 5 et valide avec la touche Entrée.
Rapport.txt va s'afficher, poste son contenu sur le forum.

Tu peux installé Ccleaner.

Installe le (si tu le souhaite). Clique sur Analyse puis sur Lancer le nettoyage, si tu a des message de confirmation, bah confirme .
Ensuite dans le menu latéral gauche clique sur Registre, puis sur chercher les erreurs, ensuite clique sur Réparé les erreurs sélectionnés.
Confirme, et clique sur Réparer toute les erreurs. Effectue cette opération 3 fois (si c'est ton premier nettoyage).

Rapport attendu:

  1. Rapport SmitFraudFix (Option 5)
  2. Un nouveau rapport HijackThis

--
Hors ligneJose_mano86 Le 17/11/2008 à 20:13 Profil de Jose_mano86 Configuration de Jose_mano86

re re lol

voici le rapport de smitfraudfix:

SmitFraudFix v2.375

Scan done at 20:07:10,84, lun. 17/11/2008
Run from C:\Users\Mano\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6001] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» DNS Before Fix


»»»»»»»»»»»»»»»»»»»»»»»» DNS After Fix



et le nouveau rapport d'hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:12, on 17/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\Mano\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Mano\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marca.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: SETAUDIO.EXE
O4 - Global Startup: SETRES.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9437 bytes


Merci beaucoup
Hors ligneMister_masque Le 17/11/2008 à 20:43 Profil de Mister_masque Configuration de Mister_masque

Ou en sont tes problèmes ?

Pour supprimer, les outils que l'on a installé

Télécharge ToolsCleaner2 par A.Rothstein sur ton Bureau.

- Execute le.
- Clique sur le bouton Recherche, si le programme ne répond pas ou si la fenetre devient blanche c'est normal !
- Une fois que la recherche est terminé, clique sur Suppression.
- Ensuite clique sur, Vider la corbeille et Vider les fichiers temporaires.

NB: A la fin (il y aura des indications dans le cadre en-dessous), clique sur "Quitter" et poste le rapport qui se trouve dans C:\Tcleaner.txt

Bye
--
Hors ligneJose_mano86 Le 17/11/2008 à 20:58 Profil de Jose_mano86 Configuration de Jose_mano86

je fais ca tout de suite, par contre j'ai supprimé ma corbeille , est ce que tu sais comment la récupérer????

En ce qui concerne le problème, le portable rame au démarrage et les réseaux sont tjs introuvables.

Merci
Hors ligneMister_masque Le 17/11/2008 à 21:28 Profil de Mister_masque Configuration de Mister_masque

Panneau de configuration -> Apparence et personnalisation-> Personnalisation-> Changer les icônes du bureau(à gauche )-> et coche "corbeille"

Télécharge HijackThis (Version Non-installable)

Relance HijackThis en "Do a system scan only".
Coche:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"    
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"    
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot    
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe    


---> Clique sur Fix Cheked.

Que veut tu dire par les réseaux sont introuvables ?
--
Vous avez résolu votre problème avec VIC ? Faites-le savoir sur les réseaux sociaux !
Vulgarisation-informatique.com
Cours en informatique & tutoriels