[Réglé] antivir guard bloqué a l'arret/ rapports otl

reg35 · le 05 Aoû 2012 23:45

salut
depuis quelques temps mon antivir guard reste stoppé et impossible de le démarrer. j'ai désinstallé et réinstallé, mis a jour antivir et idem.
rien de spécial sur le fonctionnement du pc, mis a part un petit ralentissement sur Facebook.
pas de virus détecté lors du scan suite a la reinstal et mise a jour de antivir

j'ai mon cd Windows en cas de grosse guerre. :lol:

windows xp media center sp2 officiel. :wink:

rapports comme indiqué:
otl.txt
http://srewzr.1fichier.com/
extras.txt
http://vwvvbf.1fichier.com/

jeanmimigab · le 07 Aoû 2012 18:58

Hello reg,

c'est la fête au Adawares sur ton PC :lol:

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
http://general-changelog-team.fr/telech ... adwcleaner

Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

ensuite...
vas sur Virus Total et fais analyser ce fichier....

C:\WINDOWS\Installer\{395922BE-F362-A12E-B6FA-5FB296A05A67}\syshost.exe

poste le résultat du scanne stp

refais un scanne OTL pour que je vois l'évolution :wink:

reg35 · le 07 Aoû 2012 19:34

AdwCleaner

Code: Tout sélectionner: # AdwCleaner v1.800 - Rapport créé le 07/08/2012 à 20:02:19 # Mis à jour le 01/08/2012 par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 2 (32 bits) # Nom d'utilisateur : regis - NOM-9FC1C28E5CE # Exécuté depuis : C:\Documents and Settings\regis\Bureau\adwcleaner.exe # Option [Suppression] ***** [Services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Documents and Settings\regis\Application Data\OfferBox Dossier Supprimé : C:\Documents and Settings\regis\Application Data\Toolbar4 ***** [Registre] ***** Clé Supprimée : HKCU\Software\IM Clé Supprimée : HKCU\Software\ImInstaller Clé Supprimée : HKCU\Software\Offerbox Clé Supprimée : HKLM\SOFTWARE\Canneverbe Limited\OpenCandy Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1 Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1 Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1 Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1 Clé Supprimée : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer Clé Supprimée : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer.1 Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom Clé Supprimée : HKLM\SOFTWARE\Iminent Clé Supprimée : HKLM\SOFTWARE\Offerbox Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [offerboxffx@offerbox.com] ***** [Registre - GUID] ***** Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423E-A425-0370799166FB} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} ***** [Navigateurs] ***** -\\ Internet Explorer v7.0.5730.13 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v11.0 (fr) Nom du profil : default Fichier : C:\Documents and Settings\regis\Application Data\Mozilla\Firefox\Profiles\9evlk8rl.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. -\\ Google Chrome v5.0.375.99 Fichier : C:\Documents and Settings\regis\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Supprimée : "name": "MyStart Search", ************************* AdwCleaner[S1].txt - [3563 octets] - [07/08/2012 20:02:19] ########## EOF - C:\AdwCleaner[S1].txt - [3691 octets] ##########

virustotal

Code: Tout sélectionner: File already analysed This file was already analysed by VirusTotal on 2012-08-07 17:55:43. Detection ratio: 0/42 You can take a look at the last analysis or analyse it again now.

https://www.virustotal.com/file/e3b0c44 ... /analysis/

OTL:

Code: Tout sélectionner: OTL logfile created on: 07/08/2012 20:17:17 - Run 2 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\regis\Bureau Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,36% Memory free 4,85 Gb Paging File | 4,41 Gb Available in Paging File | 90,85% Paging File free Paging file location(s): C:\pagefile.sys 3069 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 31,70 Gb Total Space | 8,80 Gb Free Space | 27,75% Space Free | Partition Type: NTFS Drive D: | 63,48 Gb Total Space | 62,64 Gb Free Space | 98,67% Space Free | Partition Type: NTFS Drive E: | 63,48 Gb Total Space | 35,71 Gb Free Space | 56,26% Space Free | Partition Type: NTFS Drive F: | 69,32 Gb Total Space | 18,85 Gb Free Space | 27,19% Space Free | Partition Type: NTFS Computer Name: NOM-9FC1C28E5CE | User Name: regis | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/08/06 00:14:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\regis\Bureau\OTL.exe PRC - [2012/07/09 13:43:22 | 001,061,008 | ---- | M] (Badoo) -- C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe PRC - [2011/04/21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\sched.exe PRC - [2011/04/21 07:53:33 | 000,281,768 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/12/19 13:23:03 | 001,048,576 | ---- | M] (The Chromium Authors) -- C:\Documents and Settings\regis\Local Settings\Application Data\Chromium\Application\chrome.exe PRC - [2010/11/29 12:14:58 | 000,212,992 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\BIL.exe PRC - [2010/11/29 12:14:06 | 000,126,976 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\RunSC.exe PRC - [2010/11/29 12:13:58 | 000,319,488 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\PCtl.exe PRC - [2010/11/29 12:13:50 | 000,266,240 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\CilRS232.exe PRC - [2009/11/25 15:24:14 | 004,009,592 | ---- | M] (Almico Software (www.almico.com)) -- D:\SpeedFan\speedfan.exe PRC - [2009/04/30 13:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe PRC - [2008/09/24 18:37:56 | 001,253,376 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\mgenetsystray.exe PRC - [2007/06/13 15:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/05/17 23:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe PRC - [2001/10/08 16:21:28 | 000,053,248 | ---- | M] (Silitek Corp.) -- C:\Program Files\LexmarkX73\ACMonitor_X73.exe PRC - [2001/06/11 11:37:12 | 000,053,248 | ---- | M] (Jetsoft Development Company) -- C:\Program Files\LexmarkX73\AcBtnMgr_X73.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012/08/07 20:04:36 | 000,192,512 | ---- | M] () -- C:\Documents and Settings\regis\Local Settings\Temp\sfamcc00001.dll MOD - [2012/08/07 20:04:35 | 000,172,032 | ---- | M] () -- C:\Documents and Settings\regis\Local Settings\Temp\sfareca00001.dll MOD - [2012/07/31 14:22:52 | 000,273,920 | ---- | M] () -- C:\WINDOWS\Installer\{395922BE-F362-A12E-B6FA-5FB296A05A67}\syshost.exe MOD - [2012/04/12 00:36:18 | 008,797,344 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll MOD - [2011/07/21 15:12:31 | 000,355,688 | ---- | M] () -- D:\Avira\AntiVir Desktop\sqlite3.dll MOD - [2010/12/19 13:23:03 | 001,316,878 | ---- | M] () -- C:\Documents and Settings\regis\Local Settings\Application Data\Chromium\Application\10.0.617.0\avcodec-52.dll MOD - [2010/12/19 13:23:03 | 000,165,902 | ---- | M] () -- C:\Documents and Settings\regis\Local Settings\Application Data\Chromium\Application\10.0.617.0\avformat-52.dll MOD - [2010/12/19 13:23:03 | 000,098,830 | ---- | M] () -- C:\Documents and Settings\regis\Local Settings\Application Data\Chromium\Application\10.0.617.0\avutil-50.dll MOD - [2010/12/19 13:23:02 | 000,224,256 | ---- | M] () -- C:\Documents and Settings\regis\Local Settings\Application Data\Chromium\Application\10.0.617.0\Locales\fr.dll MOD - [2010/11/29 12:14:58 | 000,212,992 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\BIL.exe MOD - [2010/11/29 12:14:06 | 000,126,976 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\RunSC.exe MOD - [2010/11/29 12:13:58 | 000,319,488 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\PCtl.exe MOD - [2010/11/29 12:13:50 | 000,266,240 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\CilRS232.exe MOD - [2009/04/30 13:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe MOD - [2008/09/24 18:37:56 | 001,253,376 | ---- | M] () -- C:\Program Files\EATON\PersonalSolutionPac\mgenetsystray.exe MOD - [2006/10/09 17:12:40 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll MOD - [2006/06/02 01:22:00 | 000,196,608 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll MOD - [2006/03/24 21:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2001/10/28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll MOD - [2001/10/12 07:42:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXARPP.DLL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\jwxnavp.dll -- (vvwermb) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\ups2.exe -- (UPS) SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\jwxnavp.dll -- (udokwkkw) SRV - File not found [Unknown (-1) | Running] -- -- (syshost32) SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\jwxnavp.dll -- (raaod) SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\jwxnavp.dll -- (fooebi) SRV - [2012/04/12 00:36:18 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2011/11/25 17:36:00 | 000,311,928 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2011/07/21 12:12:16 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- D:\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/04/21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/11/29 12:14:06 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\Program Files\EATON\PersonalSolutionPac\RunSC.exe -- (EATON Service module) SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009/11/13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Disabled | Stopped] -- D:\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009/04/30 13:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service) SRV - [2007/05/17 23:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) SRV - [2005/04/04 07:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Unknown (-1) | Unknown (-1) | Unknown] -- -- (syshost32) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Foxconn p4m800p7mb drivers\Fxdrv.sys -- (FXDRV) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\regis\LOCALS~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2012/06/03 10:44:46 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2011/07/29 13:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv) DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2011/07/21 12:15:21 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011/07/21 12:15:19 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- D:\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2010/02/03 16:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2010/01/29 12:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2008/11/04 10:52:38 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2008/11/04 10:52:38 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt) DRV - [2008/11/04 10:52:38 | 000,086,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus) DRV - [2008/11/04 10:52:38 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5) DRV - [2008/11/04 10:52:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2008/11/04 10:52:36 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic) DRV - [2008/11/04 10:52:36 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex) DRV - [2008/01/09 13:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2007/05/11 04:10:50 | 000,034,704 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio) DRV - [2007/05/09 02:59:40 | 000,036,496 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2007/04/10 23:46:53 | 001,966,312 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000) DRV - [2007/03/05 07:00:04 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV - [2007/03/05 06:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT) DRV - [2007/03/05 06:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr) DRV - [2007/03/05 06:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum) DRV - [2007/03/05 06:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr) DRV - [2007/03/05 06:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm) DRV - [2006/11/21 23:41:18 | 000,022,416 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Program Files\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys -- (BTNetFilter) DRV - [2006/11/03 10:32:30 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) DRV - [2006/10/18 21:00:00 | 000,038,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb) DRV - [2006/10/17 21:22:26 | 000,009,216 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32) DRV - [2006/10/06 17:23:00 | 000,083,968 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006/09/28 20:00:34 | 000,082,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd) DRV - [2006/09/28 19:55:50 | 000,077,568 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf) DRV - [2006/09/24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2006/07/08 07:36:42 | 000,968,192 | ---- | M] (Hauppauge Computer Works inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HCW713x.sys -- (Hauppauge WinTV-HVR) DRV - [2006/06/14 11:00:45 | 000,082,944 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud) DRV - [2006/03/24 21:00:00 | 000,053,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap) DRV - [2006/03/24 21:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2006/03/24 21:00:00 | 000,034,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp) DRV - [2004/08/04 13:07:44 | 000,042,240 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP.SYS -- (viaagp) DRV - [2004/08/04 08:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004/08/04 07:10:22 | 000,019,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC) DRV - [2004/08/04 07:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2002/09/16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv) DRV - [2001/10/18 04:00:00 | 000,006,144 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viaidexp.sys -- (ViaIde) DRV - [2001/08/18 07:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001/08/18 05:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC) DRV - [2001/06/28 12:26:16 | 000,018,024 | ---- | M] ( ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Lxarscan.sys -- (LXARScan) DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.iqon.ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.iqon.ie IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.iqon.ie IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.iqon.ie IE - HKU\S-1-5-21-3211008737-1067258641-941208951-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-21-3211008737-1067258641-941208951-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-3211008737-1067258641-941208951-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/ IE - HKU\S-1-5-21-3211008737-1067258641-941208951-1006\..\SearchScopes,DefaultScope = {8A244612-A1F7-11E0-95C0-E71F4824019B} IE - HKU\S-1-5-21-3211008737-1067258641-941208951-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-3211008737-1067258641-941208951-1006\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms} IE - HKU\S-1-5-21-3211008737-1067258641-941208951-1006\..\SearchScopes\{9B6103C1-F818-48a8-9683-314055BE6075}: "URL" = http://mystart.hiyo.com/mb5/?search={searchTerms}&loc=ie_search&a=18z6Ass6E6Z IE - HKU\S-1-5-21-3211008737-1067258641-941208951-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search" FF - prefs.js..browser.search.selectedEngine: "Search" FF - prefs.js..browser.startup.homepage: "http://badoo.com/startpage/" FF - prefs.js..keyword.URL: "http://badoo.com/startpage/?source=bsb&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: D:\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/09 18:40:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/23 10:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\regis\Application Data\Mozilla\Extensions [2009/12/27 16:52:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\regis\Application Data\Mozilla\Extensions\home2@tomtom.com [2010/02/23 10:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\regis\Application Data\Mozilla\Extensions\mozswing@mozswing.org [2012/05/02 14:59:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\regis\Application Data\Mozilla\Firefox\Profiles\9evlk8rl.default\extensions [2011/10/12 01:21:35 | 000,002,023 | ---- | M] () -- C:\Documents and Settings\regis\Application Data\Mozilla\Firefox\Profiles\9evlk8rl.default\searchplugins\badoo.xml [2012/07/09 18:40:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2009/10/22 12:54:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2012/07/09 18:40:50 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/03/23 02:18:57 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2012/03/23 02:18:57 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/03/23 02:18:57 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2012/03/23 02:18:57 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2012/03/23 02:18:57 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2012/03/23 02:18:57 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: () CHR - default_search_provider: search_url = http://mystart.hiyo.com/mb5/?loc=GC_Default_Search&search={searchTerms}&a=18z6Ass6E6Z CHR - default_search_provider: suggest_url = CHR - homepage: http://www.google.com CHR - Extension: AdBlock = C:\Documents and Settings\regis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.1.4\ CHR - Extension: Remove All Facebook Ads = C:\Documents and Settings\regis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ldadcnnhppobkdlkaojbfkcefehmlcgg\1.0\ CHR - Extension: Window Close Protector = C:\Documents and Settings\regis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnpifgapnmpninomacbhdlconlpikdai\2.2\ CHR - Extension: Define your own new tab! = C:\Documents and Settings\regis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nhjjapmfhhmcikhcfkiolockmndbbpng\3.1\ O1 HOSTS File: ([2009/10/21 11:20:11 | 000,000,837 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 rad.msn.com O1 - Hosts: 127.0.0.1 rad.live.com O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] D:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Lexmark X73 Button Manager] C:\Program Files\LexmarkX73\AcBtnMgr_X73.exe (Jetsoft Development Company) O4 - HKLM..\Run: [Lexmark X73 Button Monitor] C:\Program Files\LexmarkX73\ACMonitor_X73.exe (Silitek Corp.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [pspNetSystray] C:\Program Files\EATON\PersonalSolutionPac\mgenetsystray.exe () O4 - HKU\S-1-5-21-3211008737-1067258641-941208951-1006..\Run: [Badoo Desktop] C:\Documents and Settings\All Users\Application Data\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe (Badoo) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\SpeedFan.lnk = D:\SpeedFan\speedfan.exe (Almico Software (www.almico.com)) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3211008737-1067258641-941208951-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1257431301359 (MUWebControl Class) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_1_0_3.cab ("Ma-Config.com control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC17F7C5-3C33-46FD-81AC-E6F351DC0EA0}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\regis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\regis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/05/19 00:49:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0f88bbc9-530d-11e1-bd7e-806d6172696f}\Shell\AutoRun\command - "" = H:\setupSNK.exe O33 - MountPoints2\{136dc572-f2f6-11de-85cb-00116763e5b4}\Shell\AutoRun\command - "" = L:\InstallTomTomHOME.exe O33 - MountPoints2\{8ac40584-6407-11df-8f47-00116763e5b4}\Shell\Auto\command - "" = C:\WINDOWS\System32\cmd.exe -- [2006/03/24 21:00:00 | 000,400,896 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{8ac40584-6407-11df-8f47-00116763e5b4}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2100/02/08 17:03:54 | 000,053,248 | ---- | C] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe [2012/08/06 00:14:56 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\regis\Bureau\OTL.exe [2012/08/05 23:55:40 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2012/08/05 23:55:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis [2012/08/05 23:55:17 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\regis\Bureau\HJTInstall.exe [2012/08/05 23:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Application Data\Avira [2012/08/05 23:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avira [2012/08/05 23:40:57 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2012/08/05 23:40:55 | 000,138,192 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012/08/05 23:40:55 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2012/08/05 23:40:55 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2012/08/05 23:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2012/08/05 23:35:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\regis\Recent [2012/07/31 20:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Foxit Reader 5.1 [2012/07/22 21:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\Les ramoneurs de menhirs [2012/07/20 21:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\cd9 [2012/07/20 21:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\cd10 [2012/07/20 21:57:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\cd8 [2012/07/20 21:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\cd7 [2012/07/20 21:21:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\CD6 [2012/07/20 21:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\CD5 [2012/07/20 21:21:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\CD4 [2012/07/20 21:20:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\CD3 [2012/07/20 21:20:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\CD2 [2012/07/20 21:20:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\CD1 [2012/07/20 20:08:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\regis\Bureau\usb max [2012/07/20 18:07:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EASEUS Partition Master 9.1.0 Home Edition [2012/07/20 18:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\EASEUS [2012/07/20 18:06:35 | 011,703,104 | ---- | C] (EASEUS ) -- C:\Documents and Settings\regis\Bureau\epm.exe [2012/07/16 19:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Badoo [2010/02/05 22:42:10 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe5.dll [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/08/07 20:18:15 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/08/07 20:04:30 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012/08/07 20:04:24 | 000,000,288 | ---- | M] () -- C:\WINDOWS\X73_DS.ini [2012/08/07 20:04:20 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/08/07 20:04:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/08/07 20:01:52 | 000,614,903 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\adwcleaner.exe [2012/08/07 10:30:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/08/06 00:21:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/08/06 00:14:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\regis\Bureau\OTL.exe [2012/08/05 23:55:40 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\HijackThis.lnk [2012/08/05 23:55:30 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\regis\Bureau\HJTInstall.exe [2012/08/05 23:51:36 | 000,033,820 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\gyytf-yhuuhgftr.JPG [2012/08/05 10:33:07 | 000,000,135 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\pulshard-adsl.m3u [2012/08/05 09:38:31 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/08/04 08:52:50 | 000,000,545 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk [2012/08/02 14:06:31 | 004,737,081 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\electricite.zip [2012/07/31 21:07:13 | 006,164,460 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\If I Were A Boy.mp3 [2012/07/31 20:49:13 | 000,000,471 | ---- | M] () -- C:\Documents and Settings\regis\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.1.lnk [2012/07/31 20:32:27 | 000,717,598 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\schémas.pdf [2012/07/31 14:22:54 | 000,069,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\342e5735da3a901.sys [2012/07/31 12:54:30 | 000,034,088 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\CONRAD Validation de votre commande.pdf [2012/07/24 21:44:21 | 004,711,845 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\Line up the star.mp3 [2012/07/24 19:37:37 | 007,472,778 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\The Scientist.mp3 [2012/07/24 19:37:20 | 005,824,201 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\Let Me Out.mp3 [2012/07/24 19:36:50 | 003,654,857 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\Dis moi c'est quand.mp3 [2012/07/24 19:36:33 | 004,314,823 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\Other side.mp3 [2012/07/24 19:35:43 | 004,929,328 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\Tout va pour le mieux.mp3 [2012/07/21 02:23:06 | 004,678,617 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\First Of The Year (Equinox) - Skrillex [....mp3 [2012/07/20 18:07:44 | 000,001,068 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\EASEUS Partition Master 9.1.0 Home Edition.lnk [2012/07/20 18:06:43 | 011,703,104 | ---- | M] (EASEUS ) -- C:\Documents and Settings\regis\Bureau\epm.exe [2012/07/20 17:17:04 | 000,001,623 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CDBurnerXP.lnk [2012/07/20 12:22:31 | 000,034,640 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\video-2012-07-10-22-58-32.wmv [2012/07/19 01:46:20 | 000,210,103 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\MTB99ZLMDG.pdf [2012/07/14 23:29:43 | 003,966,362 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\Elle - Didier Barbelivien (1).mp3 [2012/07/14 21:57:18 | 004,815,341 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\Les valses de Vienne-Francois Feldman.mp3 [2012/07/14 17:28:16 | 000,124,415 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\video-2012-07-10-23-19-31.wmv [2012/07/09 18:38:48 | 000,000,847 | ---- | M] () -- C:\Documents and Settings\regis\Bureau\taf.rtf [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2100/02/23 15:35:34 | 000,000,768 | ---- | C] () -- C:\Program Files\x73_lut.dat [2100/02/23 14:35:34 | 000,000,768 | ---- | C] () -- C:\WINDOWS\x73_lut.dat [2100/02/08 16:53:34 | 000,001,437 | ---- | C] () -- C:\Program Files\gtx73.ini [2100/02/08 15:53:34 | 000,001,441 | ---- | C] () -- C:\WINDOWS\GtX73.ini [2012/08/07 20:01:52 | 000,614,903 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\adwcleaner.exe [2012/08/06 00:21:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2012/08/05 23:55:40 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\HijackThis.lnk [2012/08/05 23:51:36 | 000,033,820 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\gyytf-yhuuhgftr.JPG [2012/08/05 10:33:07 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\pulshard-adsl.m3u [2012/08/03 13:14:39 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\disk.sys [2012/08/03 13:14:29 | 000,026,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBSTOR.SYS [2012/08/02 14:06:42 | 006,207,924 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\electricite_MOTELEC.pdf [2012/08/02 14:06:42 | 000,223,017 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\petit_memo_elec_MOTELEC.pdf [2012/08/02 14:06:06 | 004,737,081 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\electricite.zip [2012/07/31 20:49:13 | 000,000,471 | ---- | C] () -- C:\Documents and Settings\regis\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.1.lnk [2012/07/31 20:32:26 | 000,717,598 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\schémas.pdf [2012/07/31 19:14:01 | 006,164,460 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\If I Were A Boy.mp3 [2012/07/31 14:22:54 | 000,069,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\342e5735da3a901.sys [2012/07/31 12:54:30 | 000,034,088 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\CONRAD Validation de votre commande.pdf [2012/07/24 19:30:22 | 004,711,845 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\Line up the star.mp3 [2012/07/22 21:39:06 | 007,472,778 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\The Scientist.mp3 [2012/07/22 21:38:31 | 005,824,201 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\Let Me Out.mp3 [2012/07/22 21:38:00 | 003,654,857 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\Dis moi c'est quand.mp3 [2012/07/22 21:37:42 | 004,314,823 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\Other side.mp3 [2012/07/22 21:36:56 | 004,929,328 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\Tout va pour le mieux.mp3 [2012/07/20 23:25:14 | 004,678,617 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\First Of The Year (Equinox) - Skrillex [....mp3 [2012/07/20 18:07:44 | 000,001,068 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\EASEUS Partition Master 9.1.0 Home Edition.lnk [2012/07/20 18:07:43 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe [2012/07/20 18:07:43 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe [2012/07/20 18:07:43 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2012/07/20 18:07:43 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2012/07/20 18:07:43 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2012/07/20 12:22:31 | 000,034,640 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\video-2012-07-10-22-58-32.wmv [2012/07/19 01:46:20 | 000,210,103 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\MTB99ZLMDG.pdf [2012/07/14 21:39:39 | 004,815,341 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\Les valses de Vienne-Francois Feldman.mp3 [2012/07/14 21:24:06 | 003,966,362 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\Elle - Didier Barbelivien (1).mp3 [2012/07/14 17:28:16 | 000,124,415 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\video-2012-07-10-23-19-31.wmv [2012/07/09 18:38:48 | 000,000,847 | ---- | C] () -- C:\Documents and Settings\regis\Bureau\taf.rtf [2012/06/09 10:24:28 | 000,000,332 | ---- | C] () -- C:\WINDOWS\desctemp.dat [2012/02/14 18:06:27 | 000,000,583 | ---- | C] () -- C:\WINDOWS\QIII.INI [2011/12/12 12:15:09 | 000,021,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\HPZius12.sys [2011/12/12 12:15:08 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\HPZid412.sys [2011/12/12 12:15:08 | 000,016,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\HPZipr12.sys [2011/12/12 12:13:55 | 000,132,503 | ---- | C] () -- C:\WINDOWS\hpoins14.dat [2011/12/12 12:13:55 | 000,001,996 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat [2011/07/04 12:02:20 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011/02/01 23:12:25 | 001,302,528 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll [2011/02/01 23:12:25 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\npgnash.dll [2011/02/01 23:12:25 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\SDL_mixer.dll [2011/02/01 23:12:25 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll [2011/02/01 23:12:25 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\sdl.dll [2011/02/01 23:12:25 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlibwapi.dll [2011/01/03 17:08:43 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2010/11/22 12:12:59 | 000,001,321 | ---- | C] () -- C:\Documents and Settings\regis\meter000.png [2010/11/22 12:12:49 | 000,012,071 | ---- | C] () -- C:\Documents and Settings\regis\toolbars000.png [2010/11/18 19:51:02 | 000,000,458 | ---- | C] () -- C:\Documents and Settings\regis\options.xml [2010/01/01 01:09:00 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2009/10/20 16:07:02 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\regis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/10/20 13:02:27 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\regis\Local Settings\Application Data\fusioncache.dat [2001/07/20 11:48:06 | 000,008,116 | ---- | C] () -- C:\Program Files\OSLO3071b2.USB [2000/12/05 16:56:34 | 000,114,688 | ---- | C] () -- C:\Program Files\lxarscan.dll [2000/01/11 13:50:48 | 000,000,047 | ---- | C] () -- C:\Program Files\ACMonitor_X73.ini [color=#E56717]========== LOP Check ==========[/color] [2006/12/08 06:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\SampleView [2012/07/16 19:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Badoo [2009/12/15 21:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth [2010/10/04 20:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2011/01/03 17:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited [2011/02/23 19:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM [2011/02/23 19:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail [2011/12/27 15:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com [2009/10/21 14:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus! [2011/02/23 19:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator [2009/12/27 16:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2006/12/08 06:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView [2012/03/29 19:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\regis\Application Data\Audacity [2011/01/03 17:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\regis\Application Data\Canneverbe Limited [2006/12/08 06:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\regis\Application Data\SampleView [2010/02/05 13:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\regis\Application Data\Sony [2009/12/27 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\regis\Application Data\TomTom [2010/11/26 01:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\regis\Application Data\WebCam Recorder [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 88 bytes -> C:\WINDOWS\explorer.scf:SummaryInformation < End of report >

jeanmimigab · le 08 Aoû 2012 17:26

hello reg,

pour syshost je ne suis pas convaincu par VT
http://www.bleepingcomputer.com/startup ... 27058.html
http://www.sophos.com/en-us/threat-cent ... lysis.aspx

dans le doute, compresse-le en .zip pour qu'il ne soit pas exploitable...

ensuite...

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\jwxnavp.dll -- (vvwermb)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\jwxnavp.dll -- (udokwkkw)
SRV - File not found [Unknown (-1) | Running] -- -- (syshost32)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\jwxnavp.dll -- (raaod)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\jwxnavp.dll -- (fooebi)
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:Files
C:\WINDOWS\system32\jwxnavp.dll

:Commands
[emptytemp]

* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport va s'ouvrir
* Copie et colle le rapports dans ta réponse stp...

ensuite...
désinstalles antivir...

puis...

télécharge Avira AntiVir RegistryCleaner
Dézippes-le et lances-le, clique sur "Scan for Keys" puis à la fin du scanne "Select all" sur "Delete" pour lancer la suppression des clefs.

réinstalle Antivir et dit moi si il y a du mieux

reg35 · le 08 Aoû 2012 20:10

salut
impossible de le compresser...

bref j'ai passé a la suite...il ma demandé de redemarer pour finir le scan, chose que j'ai fait .

Code: Tout sélectionner: All processes killed ========== OTL ========== Error: No service named vvwermb was found to stop! No service named vvwermb was found to delete! File C:\WINDOWS\system32\jwxnavp.dll not found. Error: No service named udokwkkw was found to stop! No service named udokwkkw was found to delete! File C:\WINDOWS\system32\jwxnavp.dll not found. Error: No service named syshost32 was found to stop! No service named syshost32 was found to delete! Error: No service named raaod was found to stop! No service named raaod was found to delete! File C:\WINDOWS\system32\jwxnavp.dll not found. Error: No service named fooebi was found to stop! No service named fooebi was found to delete! File C:\WINDOWS\system32\jwxnavp.dll not found. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. File delete failed. C:\WINDOWS\System32\CONFIG.TMP scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\System32\OLD425.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\System32\SETBA.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\System32\SETC3.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\System32\SETC5.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\System32\SETD1.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\System32\SETE2.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\System32\SETE4.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\System32\SETF3.tmp scheduled to be deleted on reboot. Unable to locate HKLM\Software\OldTimer Tools\OTL key. File delete failed. C:\WINDOWS\~DFE76C.tmp scheduled to be deleted on reboot. ========== FILES ========== File\Folder C:\WINDOWS\system32\jwxnavp.dll not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. ->Temporary Internet Files folder emptied: 32902 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. ->Temporary Internet Files folder emptied: 32902 bytes User: LocalService Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. ->Temp folder emptied: 116377 bytes Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. ->Temporary Internet Files folder emptied: 1078889 bytes User: regis %systemdrive% .tmp files removed: 0 bytes Unable to locate HKLM\Software\OldTimer Tools\OTL key. %systemroot% .tmp files removed: 4096 bytes Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. %systemroot%\System32 .tmp files removed: 4307968 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Unable to locate HKLM\Software\OldTimer Tools\OTL key. Unable to locate HKLM\Software\OldTimer Tools\OTL key. Windows Temp folder emptied: 241172 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 6,00 mb OTL by OldTimer - Version 3.2.56.0 log created on 08082012_205819

antivir desinstalé, telechargé instalé mis a jour et petit scan, ok mais le guard ne demare pas... je lance un scan complet...

jeanmimigab · le 09 Aoû 2012 18:14

hello reg,

par "le guard ne demare pas" tu veux dire que le petit parapluie rouge de la zone de notification ne s'ouvre pas ?

jeanmimigab · le 09 Aoû 2012 19:53

EDIT:

essais cela stp..

Télécharge MiniToolBox (de Fabar)

Lances-le et Coches les case suivantes:

Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices ( Ne change pas le réglage proposé )
List Users, Partitions and Memory size

Cliques sur "Go" poste le rapport généré

reg35 · le 09 Aoû 2012 21:02

jeanmimigab a écrit:hello reg,

par "le guard ne demare pas" tu veux dire que le petit parapluie rouge de la zone de notification ne s'ouvre pas ?

oui tout a fait, enfin en cette saison je me contemple de dire que c'est un parasol... :lol:

j'execute ton deuxieme message

reg35 · le 09 Aoû 2012 21:05

Code: Tout sélectionner: MiniToolBox by Farbar Version: 23-07-2012 Ran by regis (administrator) on 09-08-2012 at 22:04:21 Microsoft Windows XP Professionnel Service Pack 2 (X86) Boot Mode: Normal *************************************************************************** ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. ========================= FF Proxy Settings: ============================== ========================= Hosts content: ================================= 127.0.0.1 rad.live.com 127.0.0.1 localhost 127.0.0.1 rad.msn.com 127.0.0.1 rad.live.com ========================= IP Configuration: ================================ Realtek RTL8139/810x Family Fast Ethernet NIC = Connexion au réseau local 5 (Connected) VIA Rhine II Fast Ethernet Adapter = Connexion au réseau local 4 (Media disconnected) Bluetooth PAN Network Adapter = Connexion au réseau local 3 (Media disconnected) # ---------------------------------- # Configuration IP de l'interface # ---------------------------------- pushd interface ip # Configuration IP de l'interface pour "Connexion au r‚seau local 4" set address name="Connexion au r‚seau local 4" source=dhcp set dns name="Connexion au r‚seau local 4" source=dhcp register=PRIMARY set wins name="Connexion au r‚seau local 4" source=dhcp # Configuration IP de l'interface pour "Connexion au r‚seau local 5" set address name="Connexion au r‚seau local 5" source=dhcp set dns name="Connexion au r‚seau local 5" source=dhcp register=PRIMARY set wins name="Connexion au r‚seau local 5" source=dhcp # Configuration IP de l'interface pour "Connexion au r‚seau local 3" set address name="Connexion au r‚seau local 3" source=dhcp set dns name="Connexion au r‚seau local 3" source=dhcp register=PRIMARY set wins name="Connexion au r‚seau local 3" source=dhcp popd # Fin de la configuration IP de l'interface Configuration IP de Windows Nom de l'hôte . . . . . . . . . . : NOM-9FC1C28E5CE Suffixe DNS principal . . . . . . : Type de nœud . . . . . . . . . . : Hybride Routage IP activé . . . . . . . . : Non Proxy WINS activé . . . . . . . . : Non Liste de recherche du suffixe DNS : home Carte Ethernet Connexion au réseau local 4: Statut du média . . . . . . . . . : Média déconnecté Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter Adresse physique . . . . . . . . .: 00-19-66-31-94-51 Carte Ethernet Connexion au réseau local 5: Suffixe DNS propre à la connexion : home Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC Adresse physique . . . . . . . . .: 00-17-3F-CF-2B-48 DHCP activé. . . . . . . . . . . : Oui Configuration automatique activée . . . . : Oui Adresse IP. . . . . . . . . . . . : 192.168.1.10 Masque de sous-réseau . . . . . . : 255.255.255.0 Passerelle par défaut . . . . . . : 192.168.1.1 Serveur DHCP. . . . . . . . . . . : 192.168.1.1 Serveurs DNS . . . . . . . . . . : 192.168.1.1 Bail obtenu . . . . . . . . . . . : jeudi 9 août 2012 21:26:10 Bail expirant . . . . . . . . . . : jeudi 16 août 2012 21:26:10 Carte Ethernet Connexion au réseau local 3: Statut du média . . . . . . . . . : Média déconnecté Description . . . . . . . . . . . : Bluetooth PAN Network Adapter Adresse physique . . . . . . . . .: 00-24-94-AA-C8-00 Serveur : openrg.home Address: 192.168.1.1 Nom : google.com Addresses: 173.194.34.34, 173.194.34.35, 173.194.34.36, 173.194.34.37 173.194.34.38, 173.194.34.39, 173.194.34.40, 173.194.34.41, 173.194.34.46 173.194.34.32, 173.194.34.33 Envoi d'une requˆte 'ping' sur google.com [173.194.34.34] avec 32 octets de donn‚esÿ: R‚ponse de 173.194.34.34ÿ: octets=32 temps=32 ms TTL=54 R‚ponse de 173.194.34.34ÿ: octets=32 temps=32 ms TTL=54 Statistiques Ping pour 173.194.34.34: Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%), Dur‚e approximative des boucles en millisecondes : Minimum = 32ms, Maximum = 32ms, Moyenne = 32ms Serveur : openrg.home Address: 192.168.1.1 Nom : yahoo.com Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24 Envoi d'une requˆte 'ping' sur yahoo.com [209.191.122.70] avec 32 octets de donn‚esÿ: R‚ponse de 209.191.122.70ÿ: octets=32 temps=134 ms TTL=50 R‚ponse de 209.191.122.70ÿ: octets=32 temps=134 ms TTL=50 Statistiques Ping pour 209.191.122.70: Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%), Dur‚e approximative des boucles en millisecondes : Minimum = 134ms, Maximum = 134ms, Moyenne = 134ms Serveur : openrg.home Address: 192.168.1.1 Nom : bleepingcomputer.com Address: 208.43.87.2 Envoi d'une requˆte 'ping' sur bleepingcomputer.com [208.43.87.2] avec 32 octets de donn‚esÿ: R‚ponse de 208.43.87.2ÿ: Impossible de joindre l'h“te de destination. R‚ponse de 208.43.87.2ÿ: Impossible de joindre l'h“te de destination. Statistiques Ping pour 208.43.87.2: Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%), Dur‚e approximative des boucles en millisecondes : Minimum = 0ms, Maximum = 0ms, Moyenne = 0ms Envoi d'une requˆte 'ping' sur 127.0.0.1 avec 32 octets de donn‚esÿ: R‚ponse de 127.0.0.1ÿ: octets=32 temps<1ms TTL=128 R‚ponse de 127.0.0.1ÿ: octets=32 temps<1ms TTL=128 Statistiques Ping pour 127.0.0.1: Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%), Dur‚e approximative des boucles en millisecondes : Minimum = 0ms, Maximum = 0ms, Moyenne = 0ms =========================================================================== Liste d'Interfaces 0x1 ........................... MS TCP Loopback interface 0x2 ...00 19 66 31 94 51 ...... Carte Fast Ethernet compatible VIA - Miniport d'ordonnancement de paquets 0x3 ...00 17 3f cf 2b 48 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets 0x4 ...00 24 94 aa c8 00 ...... Bluetooth PAN Network Adapter - Miniport d'ordonnancement de paquets =========================================================================== =========================================================================== Itin‚raires actifsÿ: Destination r‚seau Masque r‚seau Adr. passerelle Adr. interface M‚trique 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.1.0 255.255.255.0 192.168.1.10 192.168.1.10 20 192.168.1.10 255.255.255.255 127.0.0.1 127.0.0.1 20 192.168.1.255 255.255.255.255 192.168.1.10 192.168.1.10 20 224.0.0.0 240.0.0.0 192.168.1.10 192.168.1.10 20 255.255.255.255 255.255.255.255 192.168.1.10 2 1 255.255.255.255 255.255.255.255 192.168.1.10 4 1 255.255.255.255 255.255.255.255 192.168.1.10 192.168.1.10 1 Passerelle par d‚fautÿ: 192.168.1.1 =========================================================================== Itin‚raires persistantsÿ: Aucun ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\System32\mswsock.dll [247808] (Microsoft Corporation) Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation) Catalog5 03 C:\Windows\System32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 01 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 02 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 03 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation) Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation) Catalog9 06 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 07 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 08 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 09 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 10 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 11 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 12 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 13 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 14 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 15 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 16 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 17 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 18 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) Catalog9 19 C:\Windows\system32\mswsock.dll [247808] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (08/09/2012 09:57:55 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff Error: (08/09/2012 09:28:50 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff Error: (08/09/2012 09:28:15 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff Error: (08/08/2012 11:45:07 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff Error: (08/08/2012 09:23:18 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff Error: (08/08/2012 09:21:55 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff Error: (08/08/2012 09:21:25 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff Error: (08/08/2012 09:20:21 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff Error: (08/08/2012 09:03:05 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff Error: (08/08/2012 07:22:06 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT Description: An error occurred during a resource request to the Windows NT system. The resource <avgntflt> has not been allocated. This could be due to an out-of-memory error or any other system failure. Returned error code: 0xffffffff System errors: ============= Error: (08/09/2012 09:57:49 PM) (Source: Service Control Manager) (User: ) Description: Le service avipbb n'a pas pu démarrer en raison de l'erreur : %%31 Error: (08/09/2012 09:28:44 PM) (Source: Service Control Manager) (User: ) Description: Le service avipbb n'a pas pu démarrer en raison de l'erreur : %%31 Error: (08/09/2012 09:28:08 PM) (Source: Service Control Manager) (User: ) Description: Le service avipbb n'a pas pu démarrer en raison de l'erreur : %%31 Error: (08/09/2012 09:28:08 PM) (Source: Service Control Manager) (User: ) Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : viamraid Error: (08/09/2012 09:28:08 PM) (Source: Service Control Manager) (User: ) Description: Le service Avira AntiVir Guard est en attente de démarrage. Error: (08/09/2012 09:26:35 PM) (Source: Service Control Manager) (User: ) Description: Le service Service Partage réseau du Lecteur Windows Media dépend du service Hôte de périphérique universel Plug-and-Play qui n'a pas pu démarrer en raison de l'erreur : %%0 Error: (08/09/2012 09:26:35 PM) (Source: Service Control Manager) (User: ) Description: Le service Server Helper s'est arrêté avec l'erreur : %%126 Error: (08/09/2012 09:26:35 PM) (Source: Service Control Manager) (User: ) Description: Le service Image Support s'est arrêté avec l'erreur : %%126 Error: (08/09/2012 09:26:35 PM) (Source: Service Control Manager) (User: ) Description: Le service Update Network s'est arrêté avec l'erreur : %%126 Error: (08/09/2012 09:26:35 PM) (Source: Service Control Manager) (User: ) Description: Le service Update Installer s'est arrêté avec l'erreur : %%126 Microsoft Office Sessions: ========================= Error: (08/09/2012 09:57:55 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff Error: (08/09/2012 09:28:50 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff Error: (08/09/2012 09:28:15 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff Error: (08/08/2012 11:45:07 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff Error: (08/08/2012 09:23:18 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff Error: (08/08/2012 09:21:55 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff Error: (08/08/2012 09:21:25 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff Error: (08/08/2012 09:20:21 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff Error: (08/08/2012 09:03:05 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff Error: (08/08/2012 07:22:06 PM) (Source: Avira AntiVir)(User: AUTORITE NT)AUTORITE NT Description: avgntflt0xffffffff =========================== Installed Programs ============================ 32 Bit HP CIO Components Installer (Version: 1.0.0) Adobe Flash Player 11 Plugin (Version: 11.2.202.228) Adobe Shockwave Player 11.6 (Version: 11.6.4.634) AIO_Scan (Version: 90.0.222.000) aMSN 0.97.2 Assistant de connexion Windows Live (Version: 5.000.818.5) Audacity 1.3.11 (Unicode) Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.707) Badoo Desktop (Version: 1.6.55.1183) Bluesoleil2.6.0.8 Release 070517 (Version: 2.6.0.8 Release 070517) CCleaner (Version: 3.02) CDBurnerXP (Version: 4.4.1.3243) Chromium (Version: 10.0.617.0) DJ_AIO_Software_min (Version: 90.0.222.000) EASEUS Partition Master 9.1.0 Home Edition Foxit Reader 5.1 (Version: 5.1.0.1021) Google Chrome (Version: 5.0.375.99) Google Earth Plug-in (Version: 6.1.0.5001) Google Update Helper (Version: 1.3.21.115) HijackThis 2.0.2 (Version: 2.0.2) HP Deskjet All-In-One Software 9.0 (Version: 9.0) Installation Windows Live (Version: 14.0.8117.0416) Installation Windows Live (Version: 14.0.8117.416) Java Auto Updater (Version: 2.0.7.1) Java(TM) 6 Update 31 (Version: 6.0.310) LAME v3.98.3 for Audacity Lecteur Windows Media 11 Lexmark X73 Logiciel d'archivage WinRAR Ma-Config.com (Version: 5.2.018) Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300) Media Go (Version: 1.0.373) Messenger Plus! Live (Version: 4.83.0.372) Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Choice Guard (Version: 2.0.48.0) Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1) Microsoft Internationalized Domain Names Mitigation APIs Microsoft LifeCam (Version: 1.40.164.0) Microsoft National Language Support Downlevel APIs Microsoft Office Professional Edition 2003 (Version: 11.0.7969.0) Microsoft Silverlight (Version: 4.0.50524.0) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Windows XP Video Decoder Checkup Utility Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2) (Version: 2) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455) (Version: 1) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325) (Version: 1) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB978207) (Version: 1) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB982381) (Version: 1) Mise à jour pour Windows Internet Explorer 7 (KB976749) (Version: 1) Module de compatibilité pour Microsoft Office System 2007 (Version: 12.0.6514.5001) Mozilla Firefox 11.0 (x86 fr) (Version: 11.0) MSVCRT (Version: 14.0.1468.721) MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0) nLite 1.4.9.1 (Version: 1.4.9.1) NVIDIA Drivers Outil de téléchargement Windows Live (Version: 14.0.8014.1029) OVH hubiC-browser (Version: 0.3.7) PartitionMagic (Version: 8.00.000) PDFCreator (Version: 1.2.1) PE Builder 3.1.10a Personal Solution Pac Photo Notifier and Animation Creator (Version: 1.0.0.1009) Platform (Version: 1.12) Power2Go 4.0 PowerDVD PowerQuest PartitionMagic 8.0 (Version: 8.00.000) PowerStarter QuickTime (Version: 7.55.90.70) Realtek High Definition Audio Driver (Version: 5.10.0.5319) Recuva (Version: 1.39) Scan (Version: 9.0.0.0) Segoe UI (Version: 14.0.4327.805) Sony Ericsson PC Suite 6.009.00 (Version: 6.009.00) SpeedFan (remove only) swMSM (Version: 12.0.0.1) TomTom HOME 2.7.3.1894 (Version: 2.7.3.1894) TomTom HOME Visual Studio Merge Modules (Version: 1.0.2) Toolbox (Version: 90.0.146.000) TubeMaster++ 1.9 UltraISO Premium V9.36 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) VIA Gestionnaire de périphériques de plate-forme (Version: 1.12) VIA Rhine-Family Fast-Ethernet Adapter VLC media player 1.0.3 (Version: 1.0.3) WebFldrs XP (Version: 9.50.7523) Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2) Windows Imaging Component (Version: 3.0.0.0) Windows Internet Explorer 7 (Version: 20070813.185237) Windows Live Call (Version: 14.0.8117.0416) Windows Live Communications Platform (Version: 14.0.8117.416) Windows Live Messenger (Version: 14.0.8117.0416) Windows Media Connect Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player Firefox Plugin (Version: 1.0.0.8) ========================= Devices: ================================ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ========================= Memory info: =================================== Percentage of memory in use: 24% Total physical RAM: 2047.23 MB Available physical RAM: 1538.58 MB Total Pagefile: 4965.28 MB Available Pagefile: 4586.7 MB Total Virtual: 2047.88 MB Available Virtual: 1975.18 MB ========================= Partitions: ===================================== 2 Drive c: (windows) (Fixed) (Total:31.7 GB) (Free:8.64 GB) NTFS 3 Drive d: (logiciels j) (Fixed) (Total:63.48 GB) (Free:62.57 GB) NTFS 4 Drive e: (music/images/videos k) (Fixed) (Total:63.48 GB) (Free:35.71 GB) NTFS 5 Drive f: (bordel l) (Fixed) (Total:69.32 GB) (Free:20.63 GB) NTFS ========================= Users: ======================================== comptes d'utilisateurs de \\NOM-9FC1C28E5CE Administrateur ASPNET HelpAssistant Invit‚ regis SUPPORT_388945a0 La commande s'est termin‚e correctement. **** End of log ****

jeanmimigab · le 10 Aoû 2012 07:03

hello reg,

arf,

Je pense avoir trouvé, tu as deux installations différente d'Antivir, une sur le disque "C' et l'autre sur "D" çe qui créer des confis entre services...

services et modules et drivers lancés depuis "D"
PRC - [2011/04/21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/21 07:53:33 | 000,281,768 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avgnt.exe
MOD - [2011/07/21 15:12:31 | 000,355,688 | ---- | M] () -- D:\Avira\AntiVir Desktop\sqlite3.dll
SRV - [2011/07/21 12:12:16 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- D:\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- D:\Avira\AntiVir Desktop\avgio.sys -- (avgio)
clef RUN >> O4 - HKLM\..\Run: [avgnt] D:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

les autres drivers lancés depuis "C"
DRV - [2011/07/21 12:15:21 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/21 12:15:19 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
[2012/08/05 23:40:57 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012/08/05 23:40:55 | 000,138,192 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012/08/05 23:40:55 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2012/08/05 23:40:55 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

Désinstalle à nouveaux Antivir et passe aussi à nouveau Avira registry cleanner

Minitoolbox montre bien l'erreur de chargement

Error: (08/08/2012 09:23:18 PM) (Source: Avira AntiVir) (User: AUTORITE NT)AUTORITE NT
Description: An error occurred during a resource request to the Windows NT system.
The resource <avgntflt> has not been allocated.
This could be due to an out-of-memory error or any other system failure.
Returned error code: 0xffffffff

ensuite vérifie sur le disque "D" que le dossier " D:\Avira" soit viré, sinon supprime-le manuellement...

en enfin redémarre le pc pour charger les nouvelles ruches de registre afin de repartir sur de bonnes bases...

Réinstalle Antivir en sélectionnant le disque "C" pour l'installation, si tu n'as pas de choix pour le disque,choisis installation manuelle/personnalisée (je ne sais plus comment avira appelle ça...) afin de bien choisir le répertoire "C:\progamfiles" comme cible...

dis moi ensuite ce que cela donne :wink:

reg35 · le 10 Aoû 2012 19:52

et non toujours pareil...

tampis, c'est peut etre juste un bug de chez avira, sa reviendra pitetre a la normale apres une mise a jour...

jeanmimigab · le 11 Aoû 2012 10:21

coucou,

c'est bizarre comme truc...

Si tu fais un clic-droit sur le petit parapluie et que tu choisis "realtime protection enable", est-ce que le parapluie s'ouvre ?

reg35 · le 11 Aoû 2012 10:57

salut
oui comme tu dis, bisare ce truc.
je n'ai pas "realtime protection enable" au clic droit du parapluie.

par contre, j'ai:
Antivir guard enable (grisé)
start antivir (pour ouvrir le panneau de controle d'antivir)
configure antivir
start update
help
about avira antivir personal...
avira on the internet

petite curiosité, je regarde dans about avira antivir personal pour voir les infos, et je regarde dans l'onglet version information et la il me met la version de chaque élément d'antivir dont voici le résultat:

bizarre malgré le fait que la mise a jour soit effectué il reste des éléments datant de l'année dernière, j'ai pas fait gaffe depuis quand mon parapluie reste fermé mais si sa ce trouve c'est depuis que guard a passé le 1an?

jeanmimigab · le 11 Aoû 2012 13:14

ta version d'antivir est trop ancienne (10), vérifie dans "About avira >> onglet "licence information" et vérifie que la date "Liscence valid until" soit valable

Comme d'hab, tu désinstalle Antivir, passe Avira registry cleanner, redémarre ton pc

Télécharge la version 12 dispo ici
http://www.commentcamarche.net/download ... ra-antivir
Lors de l'installation, décoches l'option "J'accepte les conditions du contrats Ask.com...".

après cela, ça devrait aller (je croise les doigts) :lol:

reg35 · le 11 Aoû 2012 19:30

c'est bien ce qu'il me semblait... bon derniere tentative...lol

puré qu'est-ce qu'on se fait chier avec un telechargement a 950ko/s... :lol:

je te redit sa dans quelques instants

echec, il veut le sp3 pour xp... bon allez hop, je dl le sp3...pas trop le choix...

oh pinaise:

la box va fumer!!!

[Réglé] antivir guard bloqué a l'arret/ rapports otl

[Réglé] antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Re: antivir guard bloqué a l'arret/ rapports otl

Sujets similaires

Qui est en ligne