Mon ordinateur plante sans cesse

Question

Bonjour,
Voila mon ordinateur vient de planter 3 fois d'affilé, je sais pas comment faire, j'ai téléchargé un fichier et quand j'ai voulu supprimer celui ci il avait disparu, depuis je n'arrive plus a faire plusieurs choses sur mon pc sans que celui ci plante, le scan Avira n'a rien donné mais mon pc a continué à planter.
Pouvez vous m'aider s'il vous plait ?

MikeMoCapaldi · Answer

Personne pour me répondre s'il vous plait ?
J'ai lancé Malwarebytes' je verrais bien ce que ça donne, bien que c'est la 2ème fois que je le lance car arrivé au bout d'un moment, mon ordinateur s'éteint.

archet9 · Answer

Pour"essayer" de voir cela:

Télécharge RSIT (de random/random) sur le bureau :

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur "Continue" dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenu de log.txt plus info.txt (réduit ds la barre de taches) à la fin de l’analyse .

Les rapports sont dans le dossier ici C:\rsit
a+

MikeMoCapaldi · Answer

Voila les rapports:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jipé at 2009-12-14 21:04:31
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 2
System drive C: has 22 GB (15%) free of 148 GB
Total RAM: 3071 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:37, on 14/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\msa.exe
C:\Users\JIP~1\AppData\Local\Temp\c.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Users\Jipé\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32undll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\msfeedssync.exe
C:\Users\Jipé\Downloads\RSIT.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files	rend micro\Jipé.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8800
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet	ools\BitCometBHO_1.2.8.7.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [GoldBarre] C:\Program Files\GoldBarre\GoldBarre.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jipé\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [vegas] rundll32.exe C:\Windows\system32\sshnas.dll,DllWork
O4 - HKCU\..\Run: [ZagrebLand] C:\Users\JIP~1\AppData\Local\Temp\c.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe

MikeMoCapaldi · Answer

Y'a plus personne ?

flo-91 · Answer

Bonsoir, apres la desinfection qui à été effectuée avec moi ( 7 decembre ), le probleme n'était pas résolu ?
Tu as du surement te faire réinfecter car dans ton nouveau Rapport RSit, on trouve des infections qui n'était pas présentes a la fin de la desinfection du 7 decembre.

MikeMoCapaldi · Answer

Bonsoir,
Oui voila justement, je pense que c'est ça, à mon avis j'ai du être ré-infecté :(
Je sais pas comment faire, j'ai peur que mon pc s'éteint n'importe quand maintenant

archet9 · Answer

---> Télécharge OTM (OldTimer) sur ton Bureau : 
http: http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/ 


---> Double-clique sur OTMoveIt3.exe afin de le lancer. 

---> Copie (Ctrl+C) le texte suivant en gras ci-dessous : 

:processes 
explorer.exe 

:files 
c:\windows\msa.exe
c:\users\jip~1\appdata\local	emp\c.exe
 C:\Windows\system32\sshnas.dll 
 

 
 

:commands 
[purity] 
[emptytemp] 
[start explorer] 
[Reboot]

---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved. 

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3. 

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. 
Accepte en cliquant sur YES. 

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\ 
Le nom du rapport correspond au moment de sa création : date_heure.log 

*******************************

Fais un scan avec cet antispyware : 
Malwarebytes + tutoriel
 
Tu l´installes; mets le a jour...(onglet mise a jour)
Click maintenant sur l´onglet recherche et coche la case :
 "Executer un examen rapide".
Puis click sur "rechercher". 
Laisses le scanner le pc...
A la fin du scan, clique sur Afficher les résultats 
Si des elements on ete trouvés : 
> click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "oui".
A la fin un rapport va s´ouvrir; 
sauvegarde le de maniere a le retrouver en vue de le poster sur le forum.
Copies et colles le rapport stp.  

a+

MikeMoCapaldi · Answer

Voila le rapport OTM ;

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\windows\msa.exe moved successfully.
c:\users\jip~1\appdata\local	emp\c.exe moved successfully.
C:\Windows\system32\sshnas.dll moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: JipÃ©
->Temp folder emptied: 0 bytes
 
User: Jipé
->Temp folder emptied: 46004 bytes
->Temporary Internet Files folder emptied: 12440979 bytes
->Java cache emptied: 21678570 bytes
->FireFox cache emptied: 82885302 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 4191775 bytes
 
User: Jip&#65533;
->Temp folder emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 88714 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 320 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 115,74 mb
 
 
OTM by OldTimer - Version 3.1.2.2 log created on 12142009_215106

Files moved on Reboot...

Registry entries deleted on Reboot...



Et voila celui de MalwareByte ;

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3359
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

14/12/2009 22:05:11
mbam-log-2009-12-14 (22-05-11).txt

Type de recherche: Examen rapide
Eléments examinés: 109629
Temps écoulé: 4 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\ZagrebLand (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Videocan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zagrebland (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.


J'avais 7 infections, je redémarre mon pc

archet9 · Answer

J'avais 7 infections, je redémarre mon pc

==> Merci pour l'info: C'est sympa de ta part !!!

*******************************

Relances un RSIT stp et colles le rapport stp .

a+

MikeMoCapaldi · Answer

Voila le rapport RSIT;

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jipé at 2009-12-14 22:25:44
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 2
System drive C: has 22 GB (15%) free of 148 GB
Total RAM: 3071 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:25:53, on 14/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Users\Jipé\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jipé\Downloads\RSIT(2).exe
C:\Program Files	rend micro\Jipé.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8800
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet	ools\BitCometBHO_1.2.8.7.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jipé\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe

MikeMoCapaldi · Answer

C'est bon c'est fini ?

archet9 · Answer

Ton pc plante t-il toujours ?


Telecharge GENPROC

http://www.genproc.com/GenProc.exe

Copie et colle le rapport stp...



a+

MikeMoCapaldi · Answer

Bah pour l'instant non ça va ;

Rapport GenProc 2.660 [1] - 14/12/2009 à 22:59:37
@ Windows VISTA Service Pack 2 - ACER - Mode normal
@ Mozilla Firefox 3.5.5 (fr) [Navigateur par défaut]

GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante : 


Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :  
C:\Program Files\EsetOnlineScanner\log.txt



~~~~ INFORMATION COMPLEMENTAIRE ~~~~

 
Rapport de ZHPDiag v1.24.38 par Nicolas Coolman
Run by Jipé at 14/12/2009 23:00:43
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Windows Vista (TM) Home Premium (6.0.6002) Service Pack 2
MSIE: Internet Explorer v8.0.6001.18865
MFIE: Mozilla Firefox (3.5.5)

Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (52% free)
System drive C: has 21 GB (14%) free of 144 GB

---\ 
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - C:\Program Files\Windows Defender\MSASCui.exe
[MD5.4BC8167722B6C79B1B13F1F2076B9EEC] - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
[MD5.E1E71D80D078C576801B6FE2A29FCF85] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
[MD5.29680A793F690EEF4AAA68479D2A6DF8] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
[MD5.712FC805D0DD5C41A0C364BF5B49AA91] - C:\Acer\Empowering Technology\SysMonitor.exe
[MD5.8CBD57D84729DEBEE1E83CB5FA3E3D7A] - C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe
[MD5.D1458A77A6E15462CB96D34089549BAC] - C:\Program Files\iTunes\iTunesHelper.exe
[MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] - C:\Program Files\Java\jre6\bin\jusched.exe
[MD5.33E5A8FC8EB0EE42478F8538D0215D8F] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
[MD5.3103FE27C967675B019E880AA6DA3D6D] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.E75105DF25DA39DCAC3EBB6D1C2AB79C] - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - C:\Program Files\RocketDock\RocketDock.exe
[MD5.626A24ED1228580B9518C01930936DF9] - C:\Users\Jipé\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.18B4B12358EFCF68D76812058A26181F] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[MD5.E91F2444DF54E725DDBBDDB7FBCE71F5] - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
[MD5.3794B461C45882E06856F282EEF025AF] - C:\Windows\system32\svchost.exe
[MD5.9015BC03F62940527EC92D45EE89E46F] - C:\Program Files\Avira\AntiVir Desktop\sched.exe
[MD5.B8720A787C1223492E6F319465E996CE] - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
[MD5.536FCD2CEC5161BFCC91CC21726B9DB2] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[MD5.D0B1BD387AE4F7A51BA4058C27F309EE] - C:\Windows\system32\Ati2evxx.exe
[MD5.3F56903E124E820AEECE6D471583C6C1] - C:\Program Files\Bonjour\mDNSResponder.exe
[MD5.B7DC2580425225C320CEDA78DE55A3D0] - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
[MD5.59FCCAF915BA89DD98CADF08DA91AFEE] - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
[MD5.A9745687A57CDD71237915859ABA8DAC] - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
[MD5.793FF718477345CD5D232C50BED1E452] - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[MD5.FD306FBCCE7ADB1077B709742E7148E9] - C:\Program Files\CDBurnerXP\NMSAccessU.exe
[MD5.616F6E52CAE254727A886BA8EDA1BEEA] - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[MD5.3978F3540329E16C0AC3BCF677E5669F] - C:\Windows\system32\lsass.exe
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - C:\Windows\system32\SLsvc.exe
[MD5.524BFBEA40E6E404737CCBC754647A2E] - C:\Windows\System32\spoolsv.exe
[MD5.C498874A4E20813DB9A42D7EC21EFA9D] - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
[MD5.AED0DFF80C6B3914769407E78D7AB21A] - C:\Windows\system32\SearchIndexer.exe

---\ 
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

---\ 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/

---\ 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8800

---\ 
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\system32\ieframe.dll

---\ 
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet	ools\BitCometBHO_1.2.8.7.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\BitComet	ools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

---\ 
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

---\ 
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Jipé\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKLM\..\policies\Explorer: [BindDirectlyToPropertySetStorage] Data=0
O4 - HKLM\..\policies\Explorer: [NoDrives] Data=0

---\ 
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

---\ 
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll,103
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

---\ 
O10 - WLSP:\000000000001\Winsock LSP File - C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\Windows\system32
apinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File - C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File - C:\Windows\system32\winrnr.dll

---\ 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\ 
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

---\ 
O20 - Winlogon Notify: WBSrv - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll

---\ 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll

---\ 
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

---\ 
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service:  (Ati External Event Utility) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service (eDataSecurity Service) - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU (NMSAccessU) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding

---\ 
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\1-Click Maintenance.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{637C2092-6357-4F24-A6F9-8DF66B6543BD}.job

---\ 
O41 - Driver: Ancilliary Function Driver for Winsock (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de la classe Clavier (kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote de la classe Souris (mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS
etbios.sys
O41 - Driver: NETBT (netbt) - C:\WINDOWS\System32\DRIVERS
etbt.sys
O41 - Driver: NSI proxy service (nsiproxy) - C:\WINDOWS\system32\drivers
siproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\System32\DRIVERSasacd.sys
O41 - Driver: Redirected Buffering Sub Sysytem (rdbss) - C:\WINDOWS\system32\DRIVERSdbss.sys
O41 - Driver: RDPCDD (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: RDP Encoder Mirror Driver (RDPENCDD) - C:\WINDOWS\system32\driversdpencdd.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: @%SystemRoot%\system32	cpipcfg.dll,-50005 (Smb) - C:\WINDOWS\system32\DRIVERS\smb.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: @%SystemRoot%\system32	cpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS	dx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS	ermdd.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys

---\ 
O42 - Logiciel: Acer DVDivine
O42 - Logiciel: Acer Empowering Technology
O42 - Logiciel: Acer GameZone Console DTV 2.0.1.1
O42 - Logiciel: Acer HomeMedia
O42 - Logiciel: Acer HomeMedia Connect
O42 - Logiciel: Acer HomeMedia Trial Creator
O42 - Logiciel: Acer ScreenSaver
O42 - Logiciel: Acer SlideShow DVD
O42 - Logiciel: Acer eDataSecurity Management
O42 - Logiciel: Adobe Anchor Service CS3
O42 - Logiciel: Adobe Asset Services CS3
O42 - Logiciel: Adobe Bridge CS3
O42 - Logiciel: Adobe Bridge Start Meeting
O42 - Logiciel: Adobe CMaps
O42 - Logiciel: Adobe Camera Raw 4.0
O42 - Logiciel: Adobe Color - Photoshop Specific
O42 - Logiciel: Adobe Color Common Settings
O42 - Logiciel: Adobe Color EU Recommended Settings
O42 - Logiciel: Adobe Default Language CS3
O42 - Logiciel: Adobe Device Central CS3
O42 - Logiciel: Adobe ExtendScript Toolkit 2
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Fonts All
O42 - Logiciel: Adobe Help Viewer CS3
O42 - Logiciel: Adobe Linguistics CS3
O42 - Logiciel: Adobe Photoshop CS3
O42 - Logiciel: Adobe Reader 9.2 - Français
O42 - Logiciel: Adobe Setup
O42 - Logiciel: Adobe Shockwave Player 11.5
O42 - Logiciel: Adobe Stock Photos CS3
O42 - Logiciel: Adobe Type Support
O42 - Logiciel: Adobe WinSoft Linguistics Plugin
O42 - Logiciel: Adobe XMP Panels CS3
O42 - Logiciel: Agatha Christie Death on the Nile
O42 - Logiciel: Alice Greenfingers
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Ask.com Search Assistant 1.0.2
O42 - Logiciel: Audacity 1.2.6
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: Azada
O42 - Logiciel: Backspin Billiards
O42 - Logiciel: Big Kahuna Reef
O42 - Logiciel: BitComet 1.05
O42 - Logiciel: Bonjour
O42 - Logiciel: Bricks of Egypt
O42 - Logiciel: CCleaner
O42 - Logiciel: CD Art Display 2.0
O42 - Logiciel: CDBurnerXP
O42 - Logiciel: Cake Mania
O42 - Logiciel: CamStudio 2.0 Fr
O42 - Logiciel: Canon MP Navigator 3.0
O42 - Logiciel: Catalyst Control Center - Branding
O42 - Logiciel: Chicken Invaders 3
O42 - Logiciel: Chuzzle
O42 - Logiciel: Diner Dash Flo on the Go
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Plus DirectShow Filters
O42 - Logiciel: DivX Web Player
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Guitar Pro 5.2
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Jewel Quest Solitaire
O42 - Logiciel: Kick N Rush
O42 - Logiciel: LimeWire 5.0.11
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB941833)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Mahjong Escape Ancient China
O42 - Logiciel: Mahjongg Artifacts
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Megavideo Video Downloader 3.15
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2)
O42 - Logiciel: Microsoft Office Access MUI (English) 2007
O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007
O42 - Logiciel: Microsoft Office Enterprise 2007
O42 - Logiciel: Microsoft Office Excel MUI (English) 2007
O42 - Logiciel: Microsoft Office Groove MUI (English) 2007
O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007
O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007
O42 - Logiciel: Microsoft Office Live Add-in 1.3
O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007
O42 - Logiciel: Microsoft Office Outlook Connector
O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007
O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007
O42 - Logiciel: Microsoft Office Proof (English) 2007
O42 - Logiciel: Microsoft Office Proof (French) 2007
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
O42 - Logiciel: Microsoft Office Proofing (English) 2007
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007
O42 - Logiciel: Microsoft Office Word MUI (English) 2007
O42 - Logiciel: Microsoft Office Word Viewer 2003
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra
O42 - Logiciel: Mozilla Firefox (3.5.5)
O42 - Logiciel: MpcStar 4.2
O42 - Logiciel: Mystery Case Files - Huntsville
O42 - Logiciel: Mystery Solitaire - Secret Island
O42 - Logiciel: NTI Backup NOW! 4.7
O42 - Logiciel: NTI CD & DVD-Maker
O42 - Logiciel: Native Instruments Service Center
O42 - Logiciel: Native Instruments Traktor
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PDF Settings
O42 - Logiciel: PhotoFiltre Studio
O42 - Logiciel: QuickTime
O42 - Logiciel: Replay Media Catcher 3.02
O42 - Logiciel: RocketDock 1.3.5
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB973704)
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB973593)
O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363)
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789)
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB969693)
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234)
O42 - Logiciel: Sony Ericsson Device Data
O42 - Logiciel: Sony Ericsson Drivers
O42 - Logiciel: Sony Ericsson PC Suite
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 8
O42 - Logiciel: SplitCam
O42 - Logiciel: Spotify
O42 - Logiciel: TeamSpeak 2 RC2
O42 - Logiciel: Trust WB-1400T Webcam
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Turbo Pizza
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642)
O42 - Logiciel: Update for Microsoft Office 2007 Help for Common Features (KB963673)
O42 - Logiciel: Update for Microsoft Office Access 2007 Help (KB963663)
O42 - Logiciel: Update for Microsoft Office Excel 2007 Help (KB963678)
O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416)
O42 - Logiciel: Update for Microsoft Office Infopath 2007 Help (KB963662)
O42 - Logiciel: Update for Microsoft Office OneNote 2007 Help (KB963670)
O42 - Logiciel: Update for Microsoft Office Outlook 2007 Help (KB963677)
O42 - Logiciel: Update for Microsoft Office Powerpoint 2007 Help (KB963669)
O42 - Logiciel: Update for Microsoft Office Publisher 2007 Help (KB963667)
O42 - Logiciel: Update for Microsoft Office Script Editor Help (KB963671)
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974561)
O42 - Logiciel: Update for Microsoft Office Word 2007 Help (KB963665)
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb976884)
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762
O42 - Logiciel: VideoLAN VLC media player 0.8.6e
O42 - Logiciel: VistaGlazz 1.1
O42 - Logiciel: WindowBlinds
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live FolderShare
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Movie Maker
O42 - Logiciel: Windows Media Player Firefox Plugin
O42 - Logiciel: Xilisoft 3GP Video Converter
O42 - Logiciel: Yahoo! Install Manager
O42 - Logiciel: Yahoo! Toolbar
O42 - Logiciel: Zuma Deluxe
O42 - Logiciel: eMule
O42 - Logiciel: eSobi v2

---\ 
O44 - LFC:Last File Created 14/12/2009 - 22:36:59 ---A- C:\Windows\WindowsUpdate.log
O44 - LFC:Last File Created 14/12/2009 - 22:13:20 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 14/12/2009 - 22:13:20 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:Last File Created 14/12/2009 - 22:13:20 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:Last File Created 14/12/2009 - 22:13:20 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:Last File Created 14/12/2009 - 22:13:20 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:Last File Created 14/12/2009 - 22:06:58 -S-A- C:\Windows\bootstat.dat
O44 - LFC:Last File Created 14/12/2009 - 22:06:53 ---A- C:\Windows\PFRO.log
O44 - LFC:Last File Created 10/12/2009 - 20:30:46 ---A- C:\Windows\System32\drivers\avgntflt.sys
O44 - LFC:Last File Created 06/12/2009 - 16:26:52 ---A- C:\FindyKill.txt
O44 - LFC:Last File Created 05/12/2009 - 17:40:56 ---A- C:\ComboFix.txt
O44 - LFC:Last File Created 05/12/2009 - 17:38:01 ---A- C:\Windows\system.ini
O44 - LFC:Last File Created 04/12/2009 - 20:40:46 ---A- C:\ctyjmpsv
O44 - LFC:Last File Created 04/12/2009 - 20:25:57 ---A- C:\Kill'em.txt
O44 - LFC:Last File Created 04/12/2009 - 20:25:57 ---A- C:\autoexec.bat
O44 - LFC:Last File Created 04/12/2009 - 20:18:58 ---A- C:\List'em.txt
O44 - LFC:Last File Created 03/12/2009 - 16:14:06 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:Last File Created 03/12/2009 - 16:13:56 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:Last File Created 01/12/2009 - 21:06:19 ---A- C:\Windows\System32\mrt.exe
O44 - LFC:Last File Created 21/11/2009 - 07:40:20 ---A- C:\Windows\System32\wininet.dll
O44 - LFC:Last File Created 21/11/2009 - 07:40:03 ---A- C:\Windows\System32\urlmon.dll
O44 - LFC:Last File Created 21/11/2009 - 07:38:17 ---A- C:\Windows\System32\occache.dll
O44 - LFC:Last File Created 21/11/2009 - 07:35:43 ---A- C:\Windows\System32\mshtml.dll
O44 - LFC:Last File Created 21/11/2009 - 07:35:38 ---A- C:\Windows\System32\msfeeds.dll
O44 - LFC:Last File Created 21/11/2009 - 07:35:38 ---A- C:\Windows\System32\msfeedsbs.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:58 ---A- C:\Windows\System32\jsproxy.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:52 ---A- C:\Windows\System32\inetcpl.cpl
O44 - LFC:Last File Created 21/11/2009 - 07:34:39 ---A- C:\Windows\System32\iertutil.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:39 ---A- C:\Windows\System32\iesetup.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:39 ---A- C:\Windows\System32\iesysprep.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:39 ---A- C:\Windows\System32\ieui.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:38 ---A- C:\Windows\System32\ieframe.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:38 ---A- C:\Windows\System32\iepeers.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:38 ---A- C:\Windows\System32\iernonce.dll
O44 - LFC:Last File Created 21/11/2009 - 07:34:33 ---A- C:\Windows\System32\iedkcs32.dll
O44 - LFC:Last File Created 21/11/2009 - 05:59:58 ---A- C:\Windows\System32\ieUnatt.exe
O44 - LFC:Last File Created 21/11/2009 - 05:59:52 ---A- C:\Windows\System32\ie4uinit.exe
O44 - LFC:Last File Created 21/11/2009 - 05:59:14 ---A- C:\Windows\System32\msfeedssync.exe
O44 - LFC:Last File Created 21/11/2009 - 05:58:54 ---A- C:\Windows\System32\mshtml.tlb
O44 - LFC:Last File Created 17/11/2009 - 16:26:24 --HA- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
O44 - LFC:Last File Created 17/11/2009 - 16:26:10 --HA- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
O44 - LFC:Last File Created 14/11/2009 - 01:47:57 ---A- C:\Windows\PEV.exe

---\ 
O63 - Logiciel: HijackThis 2.0.2


End of the scan: 413 lines


----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------

~~ Fin à 23:01:57 ~~

MikeMoCapaldi · Answer

C'est moi qui a écris: 
"Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt" ???

Mon ordinateur plante sans cesse

14 réponses

Votre réponse

Newsletters