rick of today

re bonjour ah ben j'ai décompressé le fichier zip et lancé l'application. La mise à jour s'est faite normalement au redémarrage, j'ai lancé une mise à jour windows 10 avec l'assistant et elle a marché..... je suis passé en version 20h2. j'espère que je n'aurais pas de problème avec le bios.... je mets le sujet en résolu. merci de ton aide Tomtom.. bonne soirée . Eric

bonjour Tomtom j'ai la version 1.04 du 12/03/2018. je vais essayer le mettre à jour et je reviens vers toi merci. bonne journée

bonsoir Tomtom merci pour ton aide c'"est un ordinateur portable Acer Aspire A315-21 carte mère AMD A9 j'ai utitlisé Drivers cloud pour faire la mise à jour des drivers. j'ai également essayé une installation en mode sans echec avec prise en charge réseau en désinstallant wifi et bluetooth mais elle a planté aussi

bonjour à tous depuis plusieurs jours je ne parviens pas à installer la version 20h2 . j'ai essayé plusieurs manipulation telles quelles qui ont pu être proposées ici dans d'autres sujets mais je n'y parviens. Je viens donc demander de l'aide aux spécialistes. J'ai essayé de réparer windows update avec la résolution de problème. des erreurs ont été corrigées. j'ai enlevé Kaspersky free avec kaspersky removal tool. puis j'ai fait "une vérification des erreurs fichiers système et des composants du magasin de Windows. Clique droit sur Démarrer >> puis sur Windows PowerShell (admin) Copie/colle la commande suivante : sfc /scannow et valide avec Entrée Si aucun problème n'est trouvé tu aura le message Le programme de protection des ressources Windows n'a trouvé aucune violation d'intégrité. Puis copie/colle la commande suivante: Dism /Online /Cleanup-Image /RestoreHealth >> valide avec la touche Entrée Si tout se passe bien, tu aura le message (La restauration a été effectuée. 100% L’opération a réussi) Redémarre ton ordinateur ensuite vérifie si la mise à jour s'installe sans problème." j'ai utilisé plusieurs méthodes d'installation avec Média Creation tool et l'assistant de mise à jour windows 10. sans succés J'ai mis à jour les pilotes de l'ordinateur Voici ma version de Windows: 1909 voici le dernier message d'erreur après la tentative d'installation avec media creation tool: 0x1900101-0x20017 l'installation a échouée dans la phase SAFE_Os avec une erreur lors de l'opérateur BOOT je suis paumé.... merci d'avance pour celui ou celle qui pourra me dépanner.... bonne soirée

bonsoir Tomtom, je n'ai pas pu procéder à la désinfection car ma nièce a souhaité récupérer son ordinateur. Je lui ai indiqué le lien du forum et j'ai copié ta réponse pour qu'elle suive la procédure. Merci pour le temps passé à me dépanner. bonne soirée.

bonsoir, merci pour ta réponse Tomtom95. comment dois-je désinfecter l'ordinateur ? je crois que ma nièce n'a fait aucune sauvegarde. Ça veut dire qu'il faut restaurer l'ordinateur à l'origine ? comment dois-procéder ?

rebonjour, si ça peut aider voici les fichiers FRST https://cjoint.com/c/JIoqpvUzIJv https://cjoint.com/c/JIoqrEa0f0v

Bonjour à tous. cela fait des années que je ne suis pas venu pour exposer un problème d'infection mais là j'ai vraiment besoin d"aide. le pc portable de ma nièce est infecté par un ransomware. Elle a un fond d'écran bleu avec le texte "All Your Files are encrypted. Find u990r289f8-readme.txt and follow instructions. Est-ce que quelqu'un peut me dépanner? merci d'avance! Eric

Bonsoir à tous et à toutes, Voici mon problème. Pour des soucis de lenteur, j'ai installé Ubuntu 11 10 sur un ordi portable Samsung NC 10. Par erreur, j'ai formaté la totalité du disque dur (partitionné auparavant avec un disque de restauration). Après plusieurs jours d'utilisation, j'ai préféré revenir à Windows. Mon cousin m'a filé Windows XP Pro que j'ai dû installer par clef USB, car il n' y a pas de lecteur DVD sur le Samsung NC 10. On a utilisé Winsetup pour faire une clef bootable. Windows s'est bien installé, mais impossible de démarrer Windows sans utiliser la clef USB. Il manque des fichiers. Comment faire, je m'arrache les cheveux ! Merci d'avance à tous ceux qui se pencheront sur mon problème !

bonjour, voici les dernières nouvelles: j'ai fait un scandisk, je l'ai lancé sans être présent donc je n'ai pas vu le résultat! il semblerait que le pc ne se fige plus , ou beaucoup moins. à suivre. je posterais demain pour signaler un ralentissement ou pour fermer le sujet!

du nouveau: je n'arrive pas à lancer CHeckdisk dans la console de commande j'obtiens ça: c:\user\patani\ impossible de revenir à la racine c:\ chkds n'est pas une commande reconnue si je tape cmd il me remet la même ligne! sinon j'ai lancé combofix il m'a dit qu'avira n'était pas complètement désactivé. comment faire pour le désactiver complètement? le désinstaller? voici le log de combofix : ComboFix 11-06-25.01 - PATANI 25/06/2011 13:30:46.1.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2972.1835 [GMT 2:00] Lancé depuis: c:\users\PATANI\Downloads\ComboFix.exe AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\PATANI\AppData\Roaming\cacaoweb c:\windows\system32\Install.cmd c:\windows\system32\Process.exe . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-05-25 au 2011-06-25 )))))))))))))))))))))))))))))))))))) . . 2011-06-25 11:27 . 2011-06-25 11:29 -------- d-----w- C:\32788R22FWJFW 2011-06-24 17:34 . 2011-06-24 17:34 -------- d-----w- c:\program files\VS Revo Group 2011-06-24 12:12 . 2011-06-24 12:12 -------- d-----w- c:\program files\Common Files\Java 2011-06-24 07:02 . 2011-06-24 07:02 512 ----a-w- C:\PhysicalMBR.bin 2011-06-24 06:56 . 2011-06-20 06:57 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C1EC117-B51D-472E-ABB2-834664D5E48A}\mpengine.dll 2011-06-24 06:53 . 2011-06-24 06:53 -------- d-----w- c:\windows\Internet Logs 2011-06-22 19:10 . 2011-06-22 19:10 -------- d-----w- c:\program files\Winamax Poker 2011-06-21 21:52 . 2011-06-22 19:10 -------- d-----w- c:\users\PATANI\AppData\Local\Adobe 2011-06-21 16:29 . 2011-06-21 16:29 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-06-21 16:29 . 2011-06-21 16:29 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-06-16 06:47 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-06-16 06:47 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll 2011-06-16 06:47 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-06-16 06:12 . 2010-12-20 16:35 563712 ----a-w- c:\windows\system32\oleaut32.dll 2011-06-16 06:10 . 2011-05-02 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-06-16 05:15 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys 2011-06-16 05:14 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys 2011-06-16 05:14 . 2011-04-29 13:25 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-06-16 05:14 . 2011-04-29 13:25 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-06-16 05:12 . 2011-05-02 17:16 739328 ----a-w- c:\windows\system32\inetcomm.dll 2011-06-16 05:11 . 2011-04-29 13:24 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-06-16 05:11 . 2011-04-29 13:24 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-06-16 05:11 . 2011-04-29 13:24 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll 2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll 2011-06-05 17:00 . 2004-03-08 23:00 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX 2011-06-05 17:00 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll 2011-06-05 17:00 . 1998-06-23 23:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX 2011-06-05 17:00 . 2011-06-05 17:01 -------- d-----w- c:\program files\PDFCreator 2011-06-05 17:00 . 1998-07-13 00:08 119568 ----a-w- c:\windows\system32\VB6FR.DLL 2011-06-05 17:00 . 1998-07-13 00:08 59904 ----a-w- c:\windows\system32\MSCC2FR.DLL 2011-06-05 17:00 . 1998-07-13 00:08 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL 2011-06-05 17:00 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL 2011-06-05 16:57 . 2011-06-05 16:57 -------- d-----w- c:\users\PATANI\AppData\Roaming\Softland 2011-06-05 16:56 . 2010-02-05 13:00 1700352 ----a-w- c:\windows\system32\GdiPlus.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-24 12:11 . 2010-10-13 10:56 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-05-29 07:11 . 2010-10-05 19:46 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-29 07:11 . 2010-10-05 19:46 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-24 17:14 . 2010-10-06 07:14 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-16 15:04 . 2011-05-16 15:04 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-03 17:23 . 2011-05-03 17:23 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2011-05-03 17:23 . 2011-05-03 17:23 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2011-05-03 17:23 . 2011-05-03 17:23 161792 ----a-w- c:\windows\system32\msls31.dll 2011-05-03 17:23 . 2011-05-03 17:23 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-05-03 17:23 . 2011-05-03 17:23 86528 ----a-w- c:\windows\system32\iesysprep.dll 2011-05-03 17:23 . 2011-05-03 17:23 63488 ----a-w- c:\windows\system32\tdc.ocx 2011-05-03 17:23 . 2011-05-03 17:23 48640 ----a-w- c:\windows\system32\mshtmler.dll 2011-05-03 17:23 . 2011-05-03 17:23 367104 ----a-w- c:\windows\system32\html.iec 2011-05-03 17:23 . 2011-05-03 17:23 74752 ----a-w- c:\windows\system32\iesetup.dll 2011-05-03 17:23 . 2011-05-03 17:23 23552 ----a-w- c:\windows\system32\licmgr10.dll 2011-05-03 17:23 . 2011-05-03 17:23 152064 ----a-w- c:\windows\system32\wextract.exe 2011-05-03 17:23 . 2011-05-03 17:23 1427456 ----a-w- c:\windows\system32\inetcpl.cpl 2011-05-03 17:23 . 2011-05-03 17:23 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-05-03 17:23 . 2011-05-03 17:23 150528 ----a-w- c:\windows\system32\iexpress.exe 2011-05-03 17:23 . 2011-05-03 17:23 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2011-05-03 17:23 . 2011-05-03 17:23 35840 ----a-w- c:\windows\system32\imgutil.dll 2011-05-03 17:23 . 2011-05-03 17:23 11776 ----a-w- c:\windows\system32\mshta.exe 2011-05-03 17:23 . 2011-05-03 17:23 101888 ----a-w- c:\windows\system32\admparse.dll 2011-05-03 17:23 . 2011-05-03 17:23 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2011-03-31 19:25 . 2010-10-05 18:21 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-06-21 16:29 . 2011-05-06 16:26 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-08-04 6265376] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 894512] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-01-25 14:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3481225747-3137295674-505525059-1000] "EnableNotificationsRef"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 AVerAF35;AVerMedia A820 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2009-12-08 563200] R3 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe [2010-05-03 188416] R3 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504] R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys [2009-07-06 573440] R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys [2009-07-06 15616] R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2010-04-19 18432] R3 NETw5v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752] R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2008-01-21 21504] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2008-11-19 16640] S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360] S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2008-07-29 418816] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.com/ uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\PATANI\AppData\Roaming\Mozilla\Firefox\Profiles\1wrzvwna.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 . - - - - ORPHELINS SUPPRIMES - - - - . MSConfigStartUp-Mobile Connectivity Suite - c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-06-25 13:36 Windows 6.0.6002 Service Pack 2 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . Heure de fin: 2011-06-25 13:38:28 ComboFix-quarantined-files.txt 2011-06-25 11:38 . Avant-CF: 127 668 940 800 octets libres Après-CF: 128 822 435 840 octets libres . - - End Of File - - 9746A1741C16B1CAABE2DF2B1D0146F6

bonjour j'ai utilisé les logiciels REVo, CCleaner, et startuplite. je n'ai pas trouvé winamp dans les outils firefox. ça persiste à ramer par intermittence. surtout au début où je lance l'expolrateur, ou firefox. je fais quoi? merci de ta patience!

j'ai beau chercher, je ne trouve pas de trace de winamp que j'avais installé il y a longtemps. une solution pour effacer des traces du programme?

rebonjour, lorsque je parlais de Mozilla je voulais dire Firefox. MAis ça ramait et figeait avec internet explorer aussi. Quant à Ccleaner, je l'utilise régulièrement. j'ai défragmenté le disque dur avec ultra defrag car j'ai remarqué qu'avec Defraggler sous Vista ça ne défragmentait pas très bien! par contre je vais utiliser tes outils que je ne connaissais pas , et je te tiens au courant. Merci encore de ton aide. j'en conclus que ce n'était pas une infection?

merci de ton aide! voici le dernier rapport OTL All processes killed ========== OTL ========== Service WDSC stopped successfully! Service WDSC deleted successfully! Service WDFME stopped successfully! Service WDFME deleted successfully! Service WDDMService stopped successfully! Service WDDMService deleted successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\ not found. File C:\Program Files\ZoneAlarm\tbZone.dll not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\ not found. File C:\Program Files\ZoneAlarm\tbZone.dll not found. Prefs.js: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" removed from browser.search.defaulturl Prefs.js: personas@christopher.beard:1.6.2 removed from extensions.enabledItems Prefs.js: anttoolbar@ant.com:2.3.0 removed from extensions.enabledItems Prefs.js: cacaoweb@cacaoweb.org:1.0.11 removed from extensions.enabledItems Prefs.js: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=" removed from keyword.URL C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\searchplugin folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\modules folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\META-INF folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\defaults folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\chrome folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\defaults\preferences folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\defaults folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\components folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\skin\ui folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\skin folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\zh-CN folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\uk-UA folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\tr-TR folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\sv-SE folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\ru-RU folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\pt-PT folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\pt-BR folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\nl folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\ja-JP folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\hu folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\fr folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\es-ES folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\es-AR folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\en-US folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale\de folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\locale folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\xul folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\prefs folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\player\skin\img\buttons folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\player\skin\img folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\player\skin folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\player folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\lib folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\grabber folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\downloader folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\db folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content\antlib folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome\content folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com\chrome folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\defaults\preferences folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\defaults folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\chrome\skin folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\fr-FR folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\es-ES folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\en-US folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\chrome\locale\de-DE folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\chrome\locale folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\chrome\content folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org\chrome folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\personas@christopher.beard\modules folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\personas@christopher.beard\defaults\preferences folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\personas@christopher.beard\defaults folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\personas@christopher.beard\components folder moved successfully. C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\personas@christopher.beard folder moved successfully. C:\Users\PATANI\AppData\Roaming\Mozilla\Firefox\Profiles\1wrzvwna.default\searchplugins\conduit.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\ not found. File C:\Program Files\ZoneAlarm\tbZone.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\ not found. File C:\Program Files\ZoneAlarm\tbZone.dll not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}\ not found. File C:\Program Files\ZoneAlarm\tbZone.dll not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e753cee5-736f-11e0-aa12-00238bcdd269}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e753cee5-736f-11e0-aa12-00238bcdd269}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e753cee5-736f-11e0-aa12-00238bcdd269}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e753cee5-736f-11e0-aa12-00238bcdd269}\ not found. File F:\WIN\TV\setup.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found. File F:\WIN\TV\setup.exe not found. C:\Windows\System32\drivers\SBREDrv.sys moved successfully. C:\Program Files\Lavasoft\Ad-Aware folder moved successfully. C:\Program Files\Lavasoft folder moved successfully. C:\ProgramData\Lavasoft\License folder moved successfully. C:\ProgramData\Lavasoft folder moved successfully. C:\Windows\System32\VCCLSID.exe moved successfully. C:\Windows\System32\SrchSTS.exe moved successfully. C:\Windows\System32\swreg.exe moved successfully. C:\Windows\System32\VACFix.exe moved successfully. C:\Windows\System32\IEDFix.exe moved successfully. C:\Windows\System32\IEDFix.C.exe moved successfully. C:\Windows\System32\404Fix.exe moved successfully. C:\Windows\System32\o4Patch.exe moved successfully. C:\Windows\System32\swxcacls.exe moved successfully. C:\Windows\System32\Agent.OMZ.Fix.exe moved successfully. ADS C:\ProgramData\TEMP:07BF512B deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== < ipconfig /flushdns /c > Configuration IP de Windows Cache de r‚solution DNS vid‚. C:\Users\PATANI\Desktop\cmd.bat deleted successfully. C:\Users\PATANI\Desktop\cmd.txt deleted successfully. File\Folder C:\WINDOWS\tasks\*.job not found. File\Folder C:\*.sqm not found. File\Folder C:\WINDOWS\System32\*.tmp not found. File\Folder C:\WINDOWS\*.tmp not found. C:\Program Files\ZoneAlarm folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56468 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: PATANI ->Temp folder emptied: 7717047 bytes ->Temporary Internet Files folder emptied: 464291 bytes ->Java cache emptied: 30882 bytes ->FireFox cache emptied: 53788239 bytes ->Flash cache emptied: 57079 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 20026 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 59,00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: PATANI ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.24.1 log created on 06242011_134424 Files\Folders moved on Reboot... Registry entries deleted on Reboot... j'ai donc fait les mises à jours java et thunderbird. l'ordinateur continue à se bloquer/ ramer par intermittence. en faisant le gestionnaire de programmes (ctrl alt sup) le service qui utilise le plus de ressources est mozilla.

bonjour, tu es très matinal! j'ai donc suivi tes instructions: j'ai désinstallé ZoneAlarm remis le COntrôle de Programme UAC, le parefeu Vista et Windows defender. je l'ai avais désactivés car j'en avais marre d'autoriser toutes les actions / clics que je faisais. voici le premier Post OLT le OLT.txt: OTL logfile created on: 24/06/2011 09:00:39 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\PATANI\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,90 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 58,83% Memory free 6,00 Gb Paging File | 4,81 Gb Available in Paging File | 80,15% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 285,09 Gb Total Space | 131,30 Gb Free Space | 46,06% Space Free | Partition Type: NTFS Computer Name: ROSEBUD | User Name: PATANI | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/06/24 08:48:49 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\PATANI\Desktop\OTL.exe PRC - [2011/06/21 18:29:45 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011/04/27 14:29:58 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011/03/31 21:25:52 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/08/04 11:16:46 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe ========== Modules (SafeList) ========== MOD - [2011/06/24 08:48:49 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\PATANI\Desktop\OTL.exe MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (WDSC) SRV - File not found [On_Demand | Stopped] -- -- (WDFME) SRV - File not found [Disabled | Stopped] -- -- (WDDMService) SRV - [2011/04/27 14:29:58 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/03/31 21:25:52 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/02/02 12:00:32 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus® SRV - [2010/05/03 13:17:44 | 000,188,416 | R--- | M] (Canal+ Active) [On_Demand | Stopped] -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe -- (CanalPlus.VOD) SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009/01/08 14:27:35 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [On_Demand | Stopped] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc) SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011/03/31 21:25:52 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010/12/13 17:51:29 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/06/23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/04/19 21:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl) DRV - [2009/12/08 05:40:54 | 000,563,200 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF35.sys -- (AVerAF35) DRV - [2009/07/06 16:33:40 | 000,015,616 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw95rc.sys -- (hcw95rc) DRV - [2009/07/06 16:30:58 | 000,573,440 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw95bda.sys -- (hcw95bda) DRV - [2009/02/13 13:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2008/11/19 10:41:08 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudioDevice_383.sys -- (WsAudioDevice_383) DRV - [2008/04/28 00:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Pilote de carte Intel® DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKLM\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Winamp Search" FF - prefs.js..browser.search.defaultthis.engineName: " " FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.3.0 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.99 FF - prefs.js..extensions.enabledItems: {0e10f3d7-07f6-4f12-97b9-9b27e07139a5}:1.4.5.3 FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.11 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/21 18:29:46 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/16 21:43:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/25 12:26:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/06/16 21:43:32 | 000,000,000 | ---D | M] [2010/10/05 20:30:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PATANI\AppData\Roaming\mozilla\Extensions [2010/10/05 20:27:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PATANI\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/06/23 20:46:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions [2010/12/18 23:27:25 | 000,000,000 | ---D | M] (Netcraft Anti-Phishing Toolbar) -- C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{0e10f3d7-07f6-4f12-97b9-9b27e07139a5} [2011/06/22 19:16:09 | 000,000,000 | ---D | M] (ZoneAlarm Community Toolbar) -- C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} [2011/03/24 22:18:50 | 000,000,000 | ---D | M] (WOT) -- C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/03/21 19:47:07 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011/06/17 21:58:12 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\anttoolbar@ant.com [2011/03/02 20:47:57 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\cacaoweb@cacaoweb.org [2011/05/06 18:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\nostmp [2011/03/12 01:23:56 | 000,000,000 | ---D | M] (Personas) -- C:\Users\PATANI\AppData\Roaming\mozilla\Firefox\Profiles\1wrzvwna.default\extensions\personas@christopher.beard [2010/09/01 19:56:32 | 000,000,861 | ---- | M] () -- C:\Users\PATANI\AppData\Roaming\Mozilla\Firefox\Profiles\1wrzvwna.default\searchplugins\conduit.xml [2011/05/06 17:53:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010/10/13 12:56:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\PATANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1WRZVWNA.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI () (No name found) -- C:\USERS\PATANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1WRZVWNA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2010/10/06 22:46:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011/06/21 18:29:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010/10/13 12:56:11 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/05/06 18:26:32 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011/05/06 18:26:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/05/06 18:26:32 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/05/06 18:26:32 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2011/05/06 18:26:32 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2011/05/06 18:26:32 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\PATANI\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\PATANI\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{e753cee5-736f-11e0-aa12-00238bcdd269}\Shell - "" = AutoRun O33 - MountPoints2\{e753cee5-736f-11e0-aa12-00238bcdd269}\Shell\AutoRun\command - "" = F:\WIN\TV\setup.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\WIN\TV\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll () CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/06/24 08:53:36 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2011/06/24 08:48:47 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\PATANI\Desktop\OTL.exe [2011/06/22 21:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\Winamax Poker [2011/06/21 23:52:34 | 000,000,000 | ---D | C] -- C:\Users\PATANI\AppData\Local\Adobe [2011/06/21 22:45:35 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2011/06/21 22:41:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2011/06/21 22:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2011/06/21 22:37:21 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\System32\VCCLSID.exe [2011/06/21 22:37:21 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\System32\SrchSTS.exe [2011/06/21 22:37:21 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\System32\swreg.exe [2011/06/21 22:37:21 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe [2011/06/21 22:37:21 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.exe [2011/06/21 22:37:21 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe [2011/06/21 22:37:21 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\404Fix.exe [2011/06/21 22:37:21 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\o4Patch.exe [2011/06/21 22:37:21 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\System32\swxcacls.exe [2011/06/21 22:37:21 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\Agent.OMZ.Fix.exe [2011/06/21 22:37:21 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\System32\Process.exe [2011/06/16 08:47:46 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011/06/16 08:47:44 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011/06/16 08:47:44 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011/06/16 08:47:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011/06/05 19:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2011/06/05 19:00:57 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX [2011/06/05 19:00:57 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX [2011/06/05 19:00:55 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL [2011/06/05 19:00:55 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6FR.DLL [2011/06/05 19:00:55 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2FR.DLL [2011/06/05 19:00:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL [2011/06/05 19:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2011/06/05 18:57:03 | 000,000,000 | ---D | C] -- C:\Users\PATANI\AppData\Roaming\Softland [2011/06/05 18:56:59 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll ========== Files - Modified Within 30 Days ========== [2011/06/24 09:02:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/06/24 08:58:35 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/06/24 08:58:35 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/06/24 08:58:35 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/06/24 08:58:35 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/06/24 08:53:05 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/06/24 08:53:05 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/06/24 08:52:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/06/24 08:52:56 | 3117,314,048 | -HS- | M] () -- C:\hiberfil.sys [2011/06/24 08:51:32 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2011/06/24 08:48:49 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\PATANI\Desktop\OTL.exe [2011/06/22 21:10:53 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\Winamax Poker.lnk [2011/06/21 23:36:53 | 000,006,964 | ---- | M] () -- C:\fraglist.luar [2011/06/21 22:45:34 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2011/06/21 22:37:32 | 000,001,808 | ---- | M] () -- C:\Windows\System32\tmp.reg [2011/06/21 19:46:31 | 000,190,976 | ---- | M] () -- C:\Users\PATANI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/06/13 17:51:04 | 000,000,932 | ---- | M] () -- C:\Users\PATANI\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2011/06/12 17:30:29 | 000,706,524 | ---- | M] () -- C:\Users\PATANI\Documents\ACOB-notice-information.pdf [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys ========== Files Created - No Company Name ========== [2011/06/24 09:02:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/06/24 08:51:32 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011/06/21 23:36:53 | 000,006,964 | ---- | C] () -- C:\fraglist.luar [2011/06/21 22:37:32 | 000,001,808 | ---- | C] () -- C:\Windows\System32\tmp.reg [2011/06/21 22:37:21 | 000,075,776 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe [2011/06/21 22:37:21 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe [2011/06/21 22:37:21 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe [2011/06/13 17:51:04 | 000,000,932 | ---- | C] () -- C:\Users\PATANI\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2011/06/12 17:30:29 | 000,706,524 | ---- | C] () -- C:\Users\PATANI\Documents\ACOB-notice-information.pdf [2011/06/05 19:00:57 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2011/06/05 18:57:00 | 000,007,549 | ---- | C] () -- C:\Windows\System32\dopdf7.ctm [2011/05/02 21:06:26 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI [2011/05/02 21:05:19 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe [2011/05/02 21:04:07 | 000,008,128 | ---- | C] () -- C:\Windows\HCWPNP.INI [2010/12/24 16:25:11 | 000,000,098 | ---- | C] () -- C:\Users\PATANI\AppData\Roaming\Movies2iPhone.ini [2010/12/20 19:27:18 | 000,106,560 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2010/12/01 14:46:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010/11/28 16:50:08 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010/11/28 16:50:08 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010/10/09 20:14:27 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010/10/08 16:54:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010/10/08 16:54:40 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010/10/05 22:25:36 | 000,190,976 | ---- | C] () -- C:\Users\PATANI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/10/05 21:03:22 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010/10/05 21:03:13 | 000,008,172 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat [2010/10/05 20:27:04 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010/09/24 09:49:00 | 000,014,848 | ---- | C] () -- C:\Windows\System32\lua5.1a_gui.exe [2010/09/24 09:49:00 | 000,010,752 | ---- | C] () -- C:\Windows\System32\lua5.1a.exe [2010/09/24 09:48:58 | 000,092,160 | ---- | C] () -- C:\Windows\System32\lua5.1a.dll [2009/12/03 09:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2009/01/08 21:47:57 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2009/01/08 21:47:46 | 000,014,640 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat [2009/01/08 21:47:44 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1527.dll [2009/01/08 21:47:43 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2009/01/08 21:47:43 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin [2009/01/08 21:47:42 | 000,495,376 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2009/01/08 14:25:44 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2009/01/08 13:28:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008/01/21 10:40:50 | 000,679,042 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2008/01/21 10:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2008/01/21 10:40:50 | 000,126,626 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2008/01/21 10:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 14:47:37 | 000,325,640 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2011/06/21 23:39:32 | 000,000,377 | ---- | M] () -- C:\aaw7boot.log [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2009/01/08 21:50:15 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2011/06/21 23:36:53 | 000,006,964 | ---- | M] () -- C:\fraglist.luar [2011/06/21 23:36:53 | 000,005,840 | ---- | M] () -- C:\fraglist.txt [2011/06/24 08:52:56 | 3117,314,048 | -HS- | M] () -- C:\hiberfil.sys [2011/01/01 20:31:02 | 000,021,454 | ---- | M] () -- C:\MP4debug.log [2011/06/24 08:52:55 | 3430,920,192 | -HS- | M] () -- C:\pagefile.sys [2011/06/24 09:02:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/06/21 22:37:59 | 000,005,636 | ---- | M] () -- C:\rapport.txt [2009/11/25 11:19:34 | 000,000,698 | ---- | M] () -- C:\RemoveCodec.iss [2009/01/08 14:13:26 | 000,000,426 | ---- | M] () -- C:\RHDSetup.log [2011/05/02 21:24:11 | 000,000,373 | ---- | M] () -- C:\setup.log [2011/03/07 01:31:53 | 000,057,326 | ---- | M] () -- C:\TDSSKiller.2.4.5.0_07.03.2011_00.31.25_log.txt [2011/03/08 01:11:28 | 000,057,326 | ---- | M] () -- C:\TDSSKiller.2.4.5.0_08.03.2011_00.11.04_log.txt [2011/06/21 21:45:46 | 000,058,278 | ---- | M] () -- C:\TDSSKiller.2.4.5.0_21.06.2011_21.42.24_log.txt [2011/05/22 22:49:55 | 000,058,032 | ---- | M] () -- C:\TDSSKiller.2.4.5.0_22.05.2011_22.49.21_log.txt < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2008/01/21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008/01/21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008/01/21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2011/04/21 15:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\afd.sys [2011/03/31 21:25:52 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011/04/14 16:59:03 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/04/29 15:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys [2011/04/29 15:24:50 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys [2011/04/29 15:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys [2011/06/21 22:45:34 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2011/04/29 15:25:10 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys [2011/04/29 15:25:09 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-06-16 17:26:24 ========== Alternate Data Streams ========== @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:07BF512B < End of report > voici le deuxième rapport extra.txt: OTL Extras logfile created on: 24/06/2011 09:00:39 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\PATANI\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,90 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 58,83% Memory free 6,00 Gb Paging File | 4,81 Gb Available in Paging File | 80,15% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 285,09 Gb Total Space | 131,30 Gb Free Space | 46,06% Space Free | Partition Type: NTFS Computer Name: ROSEBUD | User Name: PATANI | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3481225747-3137295674-505525059-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{64914289-C281-4808-A384-491DFFE99A74}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{87A60317-0BBF-4D65-8D34-E961218C7A83}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01C7FD58-9ED1-4A54-B494-6D5A8F2BFA50}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{6D82A0EF-C4CA-4588-95A8-45431F99362B}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{9823218B-0D2A-4375-A940-BCB6DC45AFD6}" = dir=in | app=c:\program files\itunes\itunes.exe | "{CE4AA9D1-A9CF-4391-B84E-09E42C456685}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{EEFB39D2-1407-43FE-AE18-7729BA4597CD}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{04DA096D-6236-4A5D-8FB6-3081E67009BA}" = CANAL+ CANALSAT A LA DEMANDE "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0ED40D2A-7131-4FE7-941E-5C329336F712}" = HDReg France "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20 "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{433A3206-BA86-B1D7-882B-2BCF34E7F73D}" = Winamax Poker "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{67D0313C-4F15-437D-9A2D-C1564088A26A}" = Windows Live Sync "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{98D451C4-4ACA-4273-BB47-57CFE46B048E}" = WD SmartWare "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.5 - Français "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B0900CB5-8EC0-43B4-9DAC-A32FE52DC864}" = e-Carte Bleue Banque Populaire "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CA786CFF-1D31-4804-B436-F3405B14357F}" = Packard Bell Updator "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR "7-Zip" = 7-Zip 9.20 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "Defraggler" = Defraggler "Easy GIF Animator Cracked by zoo_is1" = Easy GIF Animator 5.2 "HDMI" = Intel® Graphics Media Accelerator Driver "Machinarium" = Machinarium "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7) "Soulseek2" = SoulSeek 157 NS 13e "SynTPDeinstKey" = Synaptics Pointing Device Driver "UltraDefrag" = Ultra Defragmenter "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.6 "wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1" = Winamax Poker "WBFS Manager 3.0" = WBFS Manager 3.0 "WinLiveSuite" = Windows Live "WinRAR archiver" = Archiveur WinRAR "Wondershare Streaming Audio Recorder_is1" = Wondershare Streaming Audio Recorder(Build 1.0.10.1) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 17/06/2011 05:09:06 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = Error - 17/06/2011 05:09:06 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = Error - 17/06/2011 05:09:07 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = Error - 17/06/2011 05:09:07 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = Error - 17/06/2011 05:09:07 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = Error - 17/06/2011 05:09:07 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = Error - 17/06/2011 05:09:34 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = Error - 17/06/2011 05:09:34 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = Error - 17/06/2011 05:09:34 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = Error - 17/06/2011 05:09:34 | Computer Name = ROSEBUD | Source = Windows Search Service | ID = 3013 Description = [ Media Center Events ] Error - 13/10/2010 06:14:08 | Computer Name = ROSEBUD | Source = Media Center Guide | ID = 0 Description = Info sur l’événement : ERROR: SqmApiWrapper.SqmFlushSession failed; Win32 GetLastError returned 0D Processus : DefaultDomain Nom de l’objet : Media Center Guide [ System Events ] Error - 24/06/2011 02:47:02 | Computer Name = ROSEBUD | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 24/06/2011 02:47:06 | Computer Name = ROSEBUD | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 24/06/2011 02:47:10 | Computer Name = ROSEBUD | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 24/06/2011 02:47:14 | Computer Name = ROSEBUD | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 24/06/2011 02:47:18 | Computer Name = ROSEBUD | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 24/06/2011 02:47:22 | Computer Name = ROSEBUD | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 24/06/2011 02:47:27 | Computer Name = ROSEBUD | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 24/06/2011 02:52:48 | Computer Name = ROSEBUD | Source = volmgr | ID = 262190 Description = L'initialisation du fichier de vidage sur incident a échoué. Error - 24/06/2011 02:52:55 | Computer Name = ROSEBUD | Source = volmgr | ID = 262190 Description = L'initialisation du fichier de vidage sur incident a échoué. Error - 24/06/2011 02:53:27 | Computer Name = ROSEBUD | Source = Service Control Manager | ID = 7000 Description = < End of report >

bonsoir j'ai mis du temps à répondre. je n'arrive pas à obtenir le bilan du scan online de ESET il ne trouve rien mais ne propose pas de rapport. voici les rapports de Malware byte: Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 6919 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 22/06/2011 19:40:35 mbam-log-2011-06-22 (19-40-35).txt Type d'examen: Examen rapide Elément(s) analysé(s): 148283 Temps écoulé: 12 minute(s), 50 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) voici le rapport Security Check Results of screen317's Security Check version 0.99.15 Windows Vista Service Pack 2 (UAC is disabled!) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Security Center service is not running! This report may not be accurate! Avira AntiVir Personal - Free Antivirus ESET Online Scanner v3 ZoneAlarm ZoneAlarm Toolbar WMI entry may not exist for antivirus; attempting automatic update. Avira successfully updated! ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware CCleaner Java 6 Update 20 Out of date Java installed! Adobe Flash Player 10.3.181.14 Mozilla Thunderbird (3.1.7) Thunderbird Out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Avira Antivir avgnt.exe Avira Antivir avguard.exe ESET ESET Online Scanner OnlineCmdLineScanner.exe Zone Labs ZoneAlarm zlclient.exe ``````````End of Log```````````` d'autres infos : il se fige surtout à l'allumage, lorsque je lance firefox, et internet explorer aussi;

merci pour ton aide! l'ordinateur rame quel que soit le programme utilisé, même en ouvrant un dossier ou l'explorer, il se fige plusieurs secondes avant de réagir. je suis ta procédure et je post les rapports! encore merci.

bonsoir à tous. voici mon problème: depuis quelques jours mon ordi portable packard bell mh 36 rame. je passe des antivirus ( smitfraud, malwarebyte,adware se tds killer) mais ils ne trouvent rien. est-ce une infection ou un problème physique? voici mon rapport hijack this. merci à tous ceux qui prendront le temps de l'étudier! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:53:48, on 21/06/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\CheckPoint\ZAForceField\ForceField.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\PATANI\Downloads\Logiciels\HiJackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll O1 - Hosts: ::1 localhost O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [iSW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: getPlus® Helper 3004 (nosGetPlusHelper) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe (file missing) O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe (file missing) O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: Centre de sécurité (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 17599 bytes

ben j'ai tout réinstaller et ça marche à nouveau! sûrement un problème suite à une mise à jour! merci de ton aide thorgal!

bon et bien je confirme que j'avais déjà essayé ce driver c'est un échec! le problème est toujours là! je précise que j'ai également un autre symptôme qui peut peut-être aider: la résolution de problème ne fonctionne plus et j'ai un message d'erreur code erreur 0x80070490 c'est semble t il lié à une mise à jour! en regardant dans les points de restauration, les plus récents viennent suite à une mise à jour Windows! je ne peux plus résoudre aucune erreur! pour ce qui est de la box, j'ai un autre portable qui fonctionne toujours en Wifi sans problème! j'utilise actuellement l'ordi défaillant mais en connexion Ethernet! je vous rappelle que je ne peux pas faire de restauration système elles échouent, même avec l'antivirus (Avira) et ZOne Alarm désactivés!

Merci de ton aide Thorgal j'essaye de l'installer mais il me semble que je l'ai déjà essayé! JE te tiens au courant!

Bonjour à toutes et à tous. j'ai un gros souci avec le wifi de mon ordinateur portable Packard Bell easy Note MH36 j'ai une carte réseau sans fil RaLink:RT2860. Elle ne détecte plus les réseaux disponibles, pourtant elle est allumée. si je fais "propriétés" , j'ai le message :" ce périphérique est correctement installé" Si je clique sur l'icône des réseaux, elle apparait "désactivée", si je choisis de l'activer, elle reste désactivée. J'ai essayé une restauration du système en plusieurs points, mais j'ai un message au redémarrage de l'ordinateur qui m'indique que cela n'a pas fonctionner et me conseille une récupération avancée: une réinstallation de Windows! j'ai tenté la désinstallation du pilote de la carte, sans succès; j'ai fais une mise à jour du pilote, sans succès. je suis sous Windows 7 voici une copie de ma configuration. Est-ce que quelqu'un peut m'aider? MErci d'avance! Version du plugin 4,1,0,2 Version de la base 16 Date de la detection 04/10/2010 17:42 Nom de la machine Patani Système d'exploitation Windows 7 Edition Intégrale (x64) (build 7600) Navigateur web par défaut: Mozilla Firefox Client e-mail par défaut: Mozilla Thunderbird Antispyware:Spybot - Search and Destroy 1.0.0.6 WinSAT Note Générale 3.3 (Processeur: 5.1, Mémoire vive: 5.1, Graphiques: 3.6, Graphiques de jeu: 3.3, Disque dur principal: 5.4 ) Carte mère SMBios version 2.5 PACKARD BELL BV PE2L Bios: Phoenix Technologies LTD PBPE2L0N.P10 04/08/2009 taille: 2048Kb Chipset Northbridge: Intel GL40 Southbridge: Intel 82801IM (ICH9-M) Processeur Intel Pentium T4200 Penryn Socket P (478) (@45 nm) 2000 Mhz ( L1I: 2 x 32 Ko, L1D: 2 x 32 Ko, L2: 1024 Ko ) Mémoire Mémoire physique totale: 4096 Mo, Type: DDR2, @332.5MHz, 5.0-5-5-15--1T DDR2 Hyundai Electronics HYMP125S64CP8-Y5 2048 Mo PC2-5300 (333 Mhz) DDR2 Hyundai Electronics HYMP125S64CP8-Y5 2048 Mo PC2-5300 (333 Mhz) Carte graphique Mobile Intel® 4 Series Express Chipset Family Périphériques IDE Hitachi HTS543232L9A300 FB4OC40C (SATA II, 298.09 Go, tampon: 6 Mo) Lecteurs CD/DVD Optiarc DVD RW AD-7580S FX04 (DVD-RAM Recorder) Disque dur Hitachi HTS543232L9A300 ATA Device Cartes PCI/AGP Stockage Intel Corporation:ICH9M/M-E 2 port SATA IDE Controller: Intel Corporation:ICH9M/M-E 2 port SATA IDE Controller: Réseau Realtek Semiconductor Co., Ltd.:RTL8101E/RTL8102E PCI Express Fast Ethernet controller: RaLink:RT2860: Affichage Intel Corporation:Mobile 4 Series Chipset Integrated Graphics Controller: Intel Corporation:Mobile 4 Series Chipset Integrated Graphics Controller: Multimedia Intel Corporation:82801I (ICH9 Family) HD Audio Controller: Ponts Intel Corporation:Mobile 4 Series Chipset Memory Controller Hub: Intel Corporation:82801I (ICH9 Family) PCI Express Port 1 Intel Corporation:82801I (ICH9 Family) PCI Express Port 2 Intel Corporation:82801 Mobile PCI Bridge Intel Corporation:ICH9M LPC Interface Controller: Bus Series Intel Corporation:82801I (ICH9 Family) USB UHCI Controller #4: Intel Corporation:82801I (ICH9 Family) USB UHCI Controller #5: Intel Corporation:82801I (ICH9 Family) USB UHCI Controller #6: Intel Corporation:82801I (ICH9 Family) USB2 EHCI Controller #2: Intel Corporation:82801I (ICH9 Family) USB UHCI Controller #1: Intel Corporation:82801I (ICH9 Family) USB UHCI Controller #2: Intel Corporation:82801I (ICH9 Family) USB UHCI Controller #3: Intel Corporation:82801I (ICH9 Family) USB2 EHCI Controller #1: Intel Corporation:82801I (ICH9 Family) SMBus Controller: Périphérique USB Logitech, Inc. V220 Cordless Optical Mouse for Notebooks (Périphérique USB composite) Logitech, Inc. V220 Cordless Optical Mouse for Notebooks (Périphérique dentrée USB) Logitech, Inc. V220 Cordless Optical Mouse for Notebooks (Périphérique dentrée USB) Chicony Electronics Co., Ltd Périphérique USB composite Chicony Electronics Co., Ltd Périphérique vidéo USB Realtek Semiconductor Corp. USB 2.0 multicard reader (Realtek USB 2.0 Card Reader) Clavier Launch Manager Souris Souris HID Synaptics PS/2 Port TouchPad Ecran Moniteur Plug-and-Play générique(SAMSUNG ) Plus d'options sur Ma‑Config.com Mettre à jour mes pilotes

Bonjour, Merci pour ton aide Monsieur le Sioux! je m'active dès que possible à la tache et je te tiens au courant!

bonjour! ma nièce étant en vacances, elle n'a pas pu faire les manip avant aujourd'hui! je poste donc le rapport malware bytes le voici: Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3739 Windows 6.0.6000 Internet Explorer 7.0.6000.16982 28/02/2010 12:12:23 mbam-log-2010-02-28 (12-12-23).txt Type de recherche: Examen rapide Eléments examinés: 113205 Temps écoulé: 6 minute(s), 32 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) et puis le log de RSIT Logfile of random's system information tool 1.06 (written by random/random) Run by clara at 2010-02-28 15:44:24 Microsoft® Windows Vista™ Édition Familiale Premium System drive C: has 155 GB (66%) free of 234 GB Total RAM: 3071 MB (47% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:44:31, on 28/02/2010 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16982) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Acer\Empowering Technology\SysMonitor.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Windows\System32\TBMon.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\iTunes\iTunes.exe C:\Windows\system32\taskeng.exe C:\Users\clara\Downloads\RSIT.exe C:\Users\clara\Downloads\RSIT.exe C:\Program Files\trend micro\clara.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.jeux.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [TBGuard] C:\WINDOWS\System32\TBMon.exe O4 - HKLM\..\Run: [Null Space] NullSpace O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Empowering Technology Launcher.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resou...NPUpldfr-fr.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u...ows-i586-jc.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Service Google Update (gupdate1ca27c84230ffcc) (gupdate1ca27c84230ffcc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: Fournisseur de services non WDM (WuServ) - Unknown owner - C:\Windows\system32\WuServ.exe -- End of file - 10613 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{4746BECC-45C5-4FC6-81FE-DCAAC63D1E89}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}] ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-29 279664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-01-29 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-03-27 1164600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [] {EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-03-27 1164600] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-29 279664] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-12-03 1006264] "Acer Empowering Technology Monitor"=C:\Acer\Empowering Technology\SysMonitor.exe [2007-09-07 326176] "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216] "Acer Tour"= [] "TBGuard"=C:\WINDOWS\System32\TBMon.exe [2009-11-14 90217] "Null Space"=NullSpace [] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-03-03 959976] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-20 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe [2008-05-17 1232896] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e481f80-5346-11de-b01d-001d926b18ca}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e481f87-5346-11de-b01d-001d926b18ca}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\copy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ebf11f9-6293-11de-a8fe-001d926b18ca}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\copy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5cca5875-da4c-11dd-a706-001d926b18ca}] shell\Auto\command - E:\AdobeR.exe e shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e9a2ee6-4a61-11dd-a56c-001d926b18ca}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\copy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e3b3085-db3e-11dd-92e4-001d926b18ca}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5664abb-1c34-11dd-a5ed-001d926b18ca}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe ======List of files/folders created in the last 1 months====== 2010-02-28 15:43:28 ----D---- C:\Program Files\trend micro 2010-02-28 15:43:26 ----D---- C:\rsit 2010-02-27 19:47:14 ----A---- C:\Windows\system32\tzres.dll 2010-02-27 19:45:47 ----A---- C:\Windows\system32\secproc_isv.dll 2010-02-27 19:45:47 ----A---- C:\Windows\system32\secproc.dll 2010-02-27 19:45:47 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2010-02-27 19:45:47 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2010-02-27 19:45:47 ----A---- C:\Windows\system32\RMActivate_isv.exe 2010-02-27 19:45:47 ----A---- C:\Windows\system32\RMActivate.exe 2010-02-27 19:45:46 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2010-02-27 19:45:46 ----A---- C:\Windows\system32\secproc_ssp.dll 2010-02-27 19:45:46 ----A---- C:\Windows\system32\msdrm.dll 2010-02-17 11:33:57 ----D---- C:\ProgramData\FamilyFlights 2010-02-14 22:44:27 ----A---- C:\Windows\system32\vsutil_loc040c.dll 2010-02-14 22:44:23 ----A---- C:\Windows\system32\vsregexp.dll 2010-02-14 22:44:06 ----A---- C:\Windows\system32\zlcommdb.dll 2010-02-14 22:44:06 ----A---- C:\Windows\system32\zlcomm.dll 2010-02-14 22:43:58 ----A---- C:\Windows\system32\vswmi.dll 2010-02-14 22:43:53 ----A---- C:\Windows\system32\zpeng24.dll 2010-02-14 22:43:52 ----A---- C:\Windows\system32\vsxml.dll 2010-02-14 22:43:50 ----D---- C:\Program Files\Zone Labs 2010-02-14 22:43:48 ----A---- C:\Windows\system32\vspubapi.dll 2010-02-14 22:43:46 ----A---- C:\Windows\system32\vsmonapi.dll 2010-02-14 22:43:44 ----D---- C:\ProgramData\CheckPoint 2010-02-14 22:43:44 ----A---- C:\Windows\system32\vsdata.dll 2010-02-14 22:41:58 ----D---- C:\Windows\system32\ZoneLabs 2010-02-14 22:41:21 ----D---- C:\Windows\Internet Logs 2010-02-14 22:41:21 ----A---- C:\Windows\system32\vsutil.dll 2010-02-14 22:41:21 ----A---- C:\Windows\system32\vsinit.dll 2010-02-14 22:38:05 ----D---- C:\ProgramData\Avira 2010-02-14 22:38:05 ----D---- C:\Program Files\Avira 2010-02-14 22:22:19 ----D---- C:\Users\clara\AppData\Roaming\Mozilla 2010-02-14 22:22:12 ----D---- C:\Program Files\Mozilla Firefox 2010-02-14 22:21:48 ----D---- C:\Users\clara\AppData\Roaming\Malwarebytes 2010-02-14 22:21:43 ----D---- C:\ProgramData\Malwarebytes 2010-02-14 22:21:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-02-14 22:12:33 ----HDC---- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} 2010-02-14 22:12:23 ----D---- C:\ProgramData\Lavasoft 2010-02-14 22:12:23 ----D---- C:\Program Files\Lavasoft 2010-02-14 22:01:14 ----D---- C:\Program Files\CCleaner 2010-02-14 21:55:39 ----A---- C:\Windows\system32\tmp.txt 2010-02-14 21:55:37 ----A---- C:\rapport.txt 2010-02-14 21:55:15 ----A---- C:\Windows\system32\WS2Fix.exe 2010-02-14 21:55:15 ----A---- C:\Windows\system32\VCCLSID.exe 2010-02-14 21:55:15 ----A---- C:\Windows\system32\VACFix.exe 2010-02-14 21:55:15 ----A---- C:\Windows\system32\swxcacls.exe 2010-02-14 21:55:15 ----A---- C:\Windows\system32\o4Patch.exe 2010-02-14 21:55:15 ----A---- C:\Windows\system32\IEDFix.exe 2010-02-14 21:55:15 ----A---- C:\Windows\system32\IEDFix.C.exe 2010-02-14 21:55:15 ----A---- C:\Windows\system32\dumphive.exe 2010-02-14 21:55:15 ----A---- C:\Windows\system32\Agent.OMZ.Fix.exe 2010-02-14 21:55:15 ----A---- C:\Windows\system32\404Fix.exe 2010-02-14 21:55:14 ----A---- C:\Windows\system32\swsc.exe 2010-02-14 21:55:14 ----A---- C:\Windows\system32\swreg.exe 2010-02-14 21:55:14 ----A---- C:\Windows\system32\SrchSTS.exe 2010-02-14 21:55:14 ----A---- C:\Windows\system32\Process.exe 2010-02-13 14:54:20 ----D---- C:\ProgramData\Oberon Media 2010-02-13 14:54:11 ----D---- C:\Program Files\Jeux.fr 2010-02-09 23:02:56 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-02-09 23:02:55 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-02-09 23:02:50 ----A---- C:\Windows\system32\tcpipcfg.dll 2010-02-09 23:02:50 ----A---- C:\Windows\system32\netiougc.exe 2010-02-09 23:02:50 ----A---- C:\Windows\system32\IKEEXT.DLL 2010-02-09 23:02:50 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2010-02-09 23:02:50 ----A---- C:\Windows\system32\BFE.DLL 2010-02-09 23:02:47 ----A---- C:\Windows\system32\tsbyuv.dll 2010-02-09 23:02:47 ----A---- C:\Windows\system32\quartz.dll 2010-02-09 23:02:47 ----A---- C:\Windows\system32\msyuv.dll 2010-02-09 23:02:47 ----A---- C:\Windows\system32\msvidc32.dll 2010-02-09 23:02:47 ----A---- C:\Windows\system32\msrle32.dll 2010-02-09 23:02:47 ----A---- C:\Windows\system32\iyuv_32.dll 2010-02-09 23:02:46 ----A---- C:\Windows\system32\msvfw32.dll 2010-02-09 23:02:46 ----A---- C:\Windows\system32\mciavi32.dll 2010-02-09 23:02:46 ----A---- C:\Windows\system32\avifil32.dll 2010-02-09 23:02:46 ----A---- C:\Windows\system32\avicap32.dll ======List of files/folders modified in the last 1 months====== 2010-02-28 15:44:29 ----D---- C:\Windows\Temp 2010-02-28 15:43:28 ----RD---- C:\Program Files 2010-02-28 10:51:27 ----D---- C:\Windows\System32 2010-02-28 10:51:27 ----D---- C:\Windows\inf 2010-02-28 10:51:27 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-02-28 10:46:09 ----D---- C:\Windows\Prefetch 2010-02-28 10:43:30 ----D---- C:\Windows\system32\fr-FR 2010-02-28 10:43:28 ----RSD---- C:\Windows\Fonts 2010-02-28 10:42:59 ----D---- C:\Windows\winsxs 2010-02-28 10:42:03 ----D---- C:\Windows\system32\catroot 2010-02-28 10:41:36 ----SHD---- C:\System Volume Information 2010-02-27 19:45:24 ----D---- C:\Windows\system32\catroot2 2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe 2010-02-19 17:19:24 ----D---- C:\Windows\system32\LogFiles 2010-02-19 10:49:29 ----D---- C:\Program Files\Acer GameZone Online 2010-02-19 10:46:48 ----D---- C:\Program Files\Zylom Games 2010-02-19 10:46:15 ----D---- C:\Windows 2010-02-17 12:05:03 ----AD---- C:\ProgramData\TEMP 2010-02-17 11:33:57 ----HD---- C:\ProgramData 2010-02-16 11:04:55 ----SHD---- C:\Windows\Installer 2010-02-14 22:49:55 ----D---- C:\Program Files\Common Files\Symantec Shared 2010-02-14 22:46:26 ----D---- C:\Windows\system32\wbem 2010-02-14 22:46:26 ----D---- C:\Windows\system32\drivers 2010-02-14 22:46:25 ----D---- C:\Windows\system32\migration 2010-02-14 22:34:20 ----D---- C:\Windows\SoftwareDistribution 2010-02-14 22:33:01 ----D---- C:\Program Files\GamesBar 2010-02-14 22:13:49 ----D---- C:\ProgramData\Symantec 2010-02-14 22:09:59 ----D---- C:\Program Files\Acer GameZone 2010-02-14 22:06:13 ----D---- C:\Windows\Minidump 2010-02-14 22:06:13 ----D---- C:\Windows\Debug 2010-02-14 22:03:16 ----SD---- C:\ProgramData\Microsoft 2010-02-14 21:50:20 ----D---- C:\ProgramData\GamesBar 2010-02-11 23:09:46 ----D---- C:\Users\clara\AppData\Roaming\Apple Computer 2010-02-10 13:57:17 ----D---- C:\Program Files\Windows Mail 2010-02-09 22:59:27 ----D---- C:\ProgramData\Apple 2010-02-07 15:39:45 ----D---- C:\ProgramData\JollyBear 2010-02-07 15:39:40 ----D---- C:\Users\clara\AppData\Roaming\Identities 2010-02-07 15:39:39 ----D---- C:\Users\clara\AppData\Roaming\Zylom 2010-02-03 12:26:13 ----D---- C:\ProgramData\Microsoft Help 2010-02-03 12:26:12 ----RSD---- C:\Windows\assembly 2010-02-03 12:25:18 ----D---- C:\Program Files\Common Files\microsoft shared 2010-02-03 12:25:10 ----D---- C:\Program Files\Microsoft Works ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-03-03 279440] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Live\Acer PlayMovie\000.fcl [2007-08-31 39408] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-11-25 56816] R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-10-17 1971928] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-12-03 6144] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-09-10 1035168] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-25 7625344] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-07-07 12032] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-05-17 11264] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-07-19 2109592] S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-07-19 2142488] S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-05-09 41888] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016] S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2007-05-09 1276832] S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 83496] S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016] S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 109992] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2006-11-02 71552] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-06-21 269448] R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2007-04-16 28672] R2 ALaunchService;ALaunch Service; C:\Acer\ALaunch\ALaunchSvc.exe [2007-01-26 50688] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512] R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-19 186904] R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-19 137752] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568] S2 gupdate1ca27c84230ffcc;Service Google Update (gupdate1ca27c84230ffcc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-28 133104] S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-19 141848] S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [] S2 WuServ;Fournisseur de services non WDM; C:\Windows\system32\WuServ.exe [2008-11-03 16384] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-28 182768] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- voilà! en vous remerciant de votre aide et du temps passé sur ce post! merci A +