Posted: 27 Jan 2009, 18:42
by mortier
Good evening again, 2nd log
Regards, thank you


OTListIt Extras logfile created on: 27/01/09 18:33:45 - Run 8
OTListIt2 by OldTimer - Version 1.0.4.1 Folder = C:\Documents and Settings\Armand\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yy

1023,48 Mb Total Physical Memory | 649,98 Mb Available Physical Memory | 63,51% Memory free
3,90 Gb Paging File | 3,56 Gb Available in Paging File | 91,25% Paging File free
Paging file location(s): C:\pagefile.sys 3072 4096;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 189,91 Gb Total Space | 80,76 Gb Free Space | 42,52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MORTIER
Current User Name: Armand
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
File not found -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5
[2008/04/13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2006/10/18 17:33:19 | 06,737,965 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.EXE:*:Disabled:Age of Empires II
[2001/06/15 22:37:34 | 06,877,229 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Disabled:Age of Empires II Expansion
File not found -- C:\Program Files\BitComet\BitComet.exe:*:Disabled:BitComet - a BitTorrent Client
[2008/02/20 09:30:50 | 00,147,456 | ---- | M] (IPortent) -- C:\Program Files\Zapu\Zapu\wDivi.exe:*:Disabled:Zapu Control
[2007/11/15 20:33:43 | 05,537,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Games\Age of Empires\Empires.exe:*:Disabled:Age of Empires
[2008/04/13 19:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000
[2008/08/01 18:41:24 | 05,480,448 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe:*:Disabled:eMule
[2008/10/15 08:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Disabled:Internet Explorer
[2003/03/26 15:16:04 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE
File not found -- C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Disabled:Media Player Classic
File not found -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:MSN Messenger 7.5
File not found -- C:\Documents and Settings\Armand\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Disabled:Norton Removal Tool
File not found -- C:\Program Files\Winamp Remote\bin\Orb.exe:*:Disabled:Orb
File not found -- C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Disabled:Orb Stream Client
File not found -- C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Disabled:OrbTray
[2008/04/14 03:34:13 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}" = Kit de Connexion Alice ADSL
"{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{523BD5B6-E904-493C-B902-1BC9B7D44DF4}" = Lexmark Photo Center
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6901DD22-527A-41EF-9059-E81FEDE9E494}" = Windows Presentation Foundation Language Pack (FRA)
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{9011040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{9030040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{97034E1C-B178-4B5E-A1C4-203E225CC6FF}" = SanagaPlayer
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B168C59D-5FCF-4EEC-B464-BFA7A8266150}" = Windows Communication Foundation Language Pack - FRA
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B84C141C-9A13-44BE-9A69-301D7B11D836}" = Windows Workflow Foundation FR Language Pack
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}" = Microsoft .NET Framework 3.0 French Language Pack
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 3.13
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Age of Empires" = Microsoft Age of Empires
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II : The Conquerors Expansion
"Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro
"AliceSAV" = Alice Auto-diagnostic
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"Atlas mondial Encarta 2.0" = Atlas Mondial Microsoft Encarta
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner (remove only)
"CD-reef version S118 (édition 1999.4)" = CD-reef version S118 (édition 1999.4)
"CSCLIB" = Canon Camera Support Core Library
"Dicobat version 1.1" = Dicobat version 1.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"eMule" = eMule
"EOS Utility" = Canon Utilities EOS Utility
"foobar2000" = foobar2000
"Full Pack" = Full Pack Codecs
"Google Updater" = Outil de mise à jour Google
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InCD!UninstallKey" = InCD
"InstallShield_{523BD5B6-E904-493C-B902-1BC9B7D44DF4}" = Centre d'imagerie Lexmark
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.2.4 (Full) BETA
"Language pack for Ad-Aware SE" = Language pack for Ad-Aware SE
"Lexmark Z700-P700 Series" = Lexmark Z700-P700 Series
"Lexmark Z700-P700 Series Photo Card Reader V3.00" = Lexmark Z700-P700 Series Photo Card Reader
"MediaInfo" = MediaInfo 0.7.5.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.0 French Language Pack" = Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa2" = Picasa 2
"QuicktimeAlt_is1" = QuickTime Alternative 2.7.0
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealAlt_is1" = Real Alternative 1.9.0
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Solitude for Windows" = Solitude for Windows
"Stellarium_is1" = Stellarium 0.8.2
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLibre_is1" = WinLibre
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/01/09 05:28:17 | Computer Name = MORTIER | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16762, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 26/01/09 16:50:37 | Computer Name = MORTIER | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x0030c8d0.

Error - 26/01/09 16:51:31 | Computer Name = MORTIER | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x0030c8d0.

Error - 26/01/09 16:57:53 | Computer Name = MORTIER | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x0030c8d0.

Error - 26/01/09 16:58:14 | Computer Name = MORTIER | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x0001a6fc.

Error - 26/01/09 17:00:16 | Computer Name = MORTIER | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x0030c8d0.

Error - 26/01/09 17:05:53 | Computer Name = MORTIER | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x0001a6fc.

Error - 26/01/09 17:09:28 | Computer Name = MORTIER | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x0001a6fc.

Error - 26/01/09 17:10:26 | Computer Name = MORTIER | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x0001a6fc.

Error - 27/01/09 07:09:09 | Computer Name = MORTIER | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 7.0.6000.16762, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 26/01/09 15:43:29 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 26/01/09 15:43:29 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 26/01/09 15:43:29 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 26/01/09 15:43:29 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 26/01/09 15:43:29 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 26/01/09 15:43:29 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 26/01/09 15:43:29 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 26/01/09 15:43:30 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 26/01/09 15:43:30 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126

Error - 26/01/09 15:43:30 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126


<End>

Posted: 28 Jan 2009, 01:52
by nickW
Good evening,

The Event Viewer is recording lots of application errors (Word, IE).

The memory should be tested.
See Memtest86+: http://www.memtest.org/
A tutorial for Memtest: http://netah25.developpez.com/Tutoriels/TutoMemtest86/


It is also recording errors for the Application Management service ("Gestion d'applications").
This error is due to a Microsoft bug in XP Home.
See: http://support.microsoft.com/?scid=kb%3 ... &x=12&y=12
It is probably not worth fixing.


To be continued,

Posted: 30 Jan 2009, 18:10
by mortier
Hello,
I tried memtest on CD and on floppy disk; I followed the instructions in the booklet I had printed beforehand, but it's no use, nothing starts...
I'm thinking of giving up on the memory test and closing the topic; it's beyond my skills.
What do you think?

Two evenings spent on it, I'm on the verge of divorce.

Thanks again
Regards

Posted: 31 Jan 2009, 01:25
by nickW
Good evening,


Did you change the BIOS so that the machine boots from the CD first?
Did you actually "burn" the CD as an ISO image (and not as a data CD)?


All I can say is that the logs no longer show anything infectious.


Bye,

Posted: 08 Feb 2009, 20:44
by mortier
Good evening, I was a bit slow to reply, my apologies :oops: I think I followed all the instructions, on CD and on floppy disk, but I can't manage it, the test doesn't start... I give up.
Thanks again and see you soon; I'm following the site's advice to avoid any problems.