Log analysis request, please


Post by joanzo » 08 June 2010, 23:20

Hello,
Thank you in advance for the time spent on my case.

1/ Symptoms

My PC crashes and restarts unexpectedly.

2 or 3 times a day, at different times.


2/ Malwarebytes log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4181

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

09/06/2010 00:06:26
mbam-log-2010-06-09 (00-06-26).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 126435
Temps écoulé: 3 minute(s), 25 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Post by joanzo » 08 June 2010, 23:23

OTL logfile created on: 09/06/2010 00:10:52 - Run 2
OTL by OldTimer - Version 3.1.37.3 Folder = G:\Boîte à outil de désinfection
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 112,43 Gb Free Space | 37,72% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465,76 Gb Total Space | 295,49 Gb Free Space | 63,44% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-77C60F37E3
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/04 07:57:52 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
PRC - [2010/04/01 06:57:43 | 000,555,520 | ---- | M] (OldTimer Tools) -- G:\Boîte à outil de désinfection\OTL.exe
PRC - [2010/02/18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/08/18 15:15:22 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/24 08:40:36 | 003,055,616 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2009/07/24 08:39:22 | 002,173,440 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2009/07/24 08:39:22 | 000,487,424 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2009/07/14 07:47:38 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/07/09 12:22:18 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/07 16:35:00 | 000,053,544 | ---- | M] (Guillemot Corporation) -- C:\WINDOWS\system32\HerculesWiFiService.exe
PRC - [2009/05/07 16:34:50 | 000,124,200 | ---- | M] () -- C:\Program Files\Hercules\WiFiStationN\WiFiN.exe
PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/04 20:37:59 | 000,088,584 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe
PRC - [2006/12/23 19:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/12/23 19:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006/12/23 18:54:04 | 000,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
PRC - [2006/11/13 15:07:02 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 15:06:52 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/04/13 07:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010/04/01 06:57:43 | 000,555,520 | ---- | M] (OldTimer Tools) -- G:\Boîte à outil de désinfection\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009/08/18 15:15:22 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/24 08:39:22 | 000,487,424 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009/07/14 07:47:38 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/07/13 19:22:09 | 000,316,816 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2009/07/09 12:22:18 | 000,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/07 16:35:00 | 000,053,544 | ---- | M] (Guillemot Corporation) [Auto | Running] -- C:\WINDOWS\system32\HerculesWiFiService.exe -- (HerculesWiFi)
SRV - [2006/12/23 18:54:04 | 000,262,144 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2009/12/10 16:48:51 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/09/12 08:30:44 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/07/14 07:47:38 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/13 19:22:10 | 003,033,712 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2009/05/15 12:26:24 | 000,583,552 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/01/25 09:53:43 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2008/12/12 16:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\pii2cdriver.sys -- (LGII2CDevice)
DRV - [2008/12/12 16:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\i2cdriver.sys -- (LGDDCDevice)
DRV - [2008/12/02 00:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/07/25 21:09:24 | 000,845,184 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008/07/01 05:27:44 | 000,108,800 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/05/21 01:53:36 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008/05/13 13:44:00 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasenum.sys -- (SASENUM)
DRV - [2008/05/13 13:43:58 | 000,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/05/13 13:43:56 | 000,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/04/14 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/13 11:41:00 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\changer.sys -- (Changer)
DRV - [2008/04/13 11:40:28 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2008/02/14 15:12:00 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2008/01/25 00:09:34 | 000,048,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2008/01/25 00:09:24 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2008/01/25 00:09:04 | 000,028,168 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2008/01/25 00:08:54 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2006/06/14 12:53:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2004/08/13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-725345543-1303643608-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-725345543-1303643608-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-1303643608-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.altavista.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/12 11:56:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/28 08:05:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/03/18 16:54:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/04/17 11:04:16 | 000,000,000 | ---D | M]

[2009/01/22 23:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2010/06/08 23:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eh3tpmfn.default\extensions
[2009/10/18 19:00:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eh3tpmfn.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2010/01/07 19:41:37 | 000,000,000 | ---D | M] (Black Steel) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eh3tpmfn.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
[2009/06/27 08:13:23 | 000,002,383 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eh3tpmfn.default\searchplugins\kartoocom.xml
[2010/06/08 23:01:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/28 08:05:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/25 02:17:44 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/03/25 02:17:44 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/03/25 02:17:44 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/03/25 02:17:44 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/03/25 02:17:44 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2008/04/14 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-725345543-1303643608-682003330-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-725345543-1303643608-682003330-1004..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-725345543-1303643608-682003330-1004..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WiFi Station N.lnk = C:\Program Files\Hercules\WiFiStationN\WiFiN.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1303643608-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/22 23:17:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{fef62f3f-fdf0-11de-a943-00235447d731}\Shell - "" = AutoRun
O33 - MountPoints2\{fef62f3f-fdf0-11de-a943-00235447d731}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{fefa188f-f147-11de-a924-00235447d731}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/01/23 00:00:49 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/06/08 17:43:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\Recent
[2010/06/05 11:49:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Mes documents\NFS SHIFT
[2010/06/05 11:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/05/13 18:09:41 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys
[2010/05/13 18:09:41 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/05/13 18:09:26 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/05/13 18:09:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys
[2010/05/13 18:09:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010/05/13 10:24:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Mes documents\KONAMI
[2010/05/13 10:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\KONAMI
[2010/05/11 11:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Bureau\maison lompret
[2009/09/11 19:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2009/08/16 23:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/05/16 14:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/05/16 11:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Spyware Terminator
[2009/05/16 10:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/01/26 19:32:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/01/22 23:19:13 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/09 00:10:44 | 005,767,168 | ---- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010/06/08 23:49:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/08 23:49:34 | 000,069,112 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/06/08 23:49:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/08 23:23:10 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\PESEdit.com 2010 Patch.lnk
[2010/06/08 16:25:01 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010/06/08 16:24:50 | 006,613,510 | -H-- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\IconCache.db
[2010/06/07 17:13:33 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/04 19:04:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/05/31 12:17:54 | 000,188,928 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/13 18:08:32 | 000,000,016 | ---- | M] () -- C:\Documents and Settings\user\Application Data\qvjsge.dat
[2010/05/12 20:16:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/12 15:04:05 | 000,587,163 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Romane 1mois +Anzo casting TAO 030.jpg
[2010/05/12 15:03:57 | 000,492,212 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 002.jpg
[2010/05/12 15:03:44 | 000,508,594 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 055.jpg
[2010/05/12 15:03:35 | 000,465,561 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 047.jpg
[2010/05/12 15:03:25 | 000,505,863 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 032.jpg
[2010/05/12 15:03:16 | 000,484,188 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 007.jpg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/08 23:23:10 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\PESEdit.com 2010 Patch.lnk
[2010/05/13 18:07:44 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\user\Application Data\qvjsge.dat
[2010/05/12 15:03:05 | 000,587,163 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Romane 1mois +Anzo casting TAO 030.jpg
[2010/05/12 15:01:19 | 000,492,212 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 002.jpg
[2010/05/12 15:00:29 | 000,508,594 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 055.jpg
[2010/05/12 15:00:08 | 000,465,561 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 047.jpg
[2010/05/12 14:59:34 | 000,505,863 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 032.jpg
[2010/05/12 14:58:44 | 000,484,188 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Romane avant 2 mois 007.jpg
[2010/01/14 20:01:39 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/08/22 22:36:06 | 000,597,536 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/05/16 14:12:12 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2009/05/11 17:33:14 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2009/05/11 17:33:14 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009/05/11 17:14:09 | 000,002,442 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/04/22 00:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/03/23 09:14:20 | 000,138,114 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2009/02/17 17:23:44 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceInstaller.xml
[2009/02/01 16:57:00 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\user\Application Data\$_hpcst$.hpc
[2009/01/26 21:43:20 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/01/25 09:53:43 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009/01/23 18:13:35 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Relax.ini
[2009/01/23 17:55:00 | 000,188,928 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/23 17:49:11 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/01/23 14:02:33 | 000,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2009/01/22 23:39:45 | 000,028,707 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009/01/22 23:39:29 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/01/22 23:39:17 | 000,028,388 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/01/22 23:39:17 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/01/22 23:30:14 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/01/22 23:30:13 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/01/22 23:30:12 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/01/22 23:30:12 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/22 23:30:12 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/22 23:30:12 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/01/22 23:30:11 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

========== LOP Check ==========

[2009/01/26 21:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/02/09 12:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/05/13 10:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KONAMI
[2010/06/08 20:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2010/01/10 17:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
[2009/10/27 19:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/05 12:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/05/16 11:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Spyware Terminator
[2009/02/15 17:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\2K Sports
[2010/04/05 21:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\abgx360
[2009/01/30 20:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Capcom
[2009/01/26 21:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\DAEMON Tools
[2009/09/12 08:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\DAEMON Tools Lite
[2009/01/26 21:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\DAEMON Tools Pro
[2010/03/05 19:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ImgBurn
[2009/10/06 19:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Leadertech
[2009/03/28 21:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\MSNInstaller
[2009/01/25 10:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\OpenOffice.org
[2009/10/17 14:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Pro Cycling Manager 2009
[2009/01/26 19:32:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Shareaza
[2010/06/08 15:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Spyware Terminator
[2009/01/24 17:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Thunderbird
[2010/01/10 17:20:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Vodafone

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/04/14 14:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

<MD5>
[2008/04/14 14:00:00 | 020,102,028 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2008/04/14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008/04/13 12:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

<MD5>
[2008/04/14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

<MD5>
[2008/04/14 14:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 14:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

<systemroot>

<systemroot>
[2008/12/01 22:52:52 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

<systemroot>

========== Alternate Data Streams ==========

@Alternate Data Stream - 16 bytes -> C:\Documents and Settings\user\Mes documents\Shareaza Downloads:Shareaza.GUID
<End>
JOANZO
joanzo

Posts: 39
Joined: 25 May 2008, 21:15
Location: LILLE

Post by joanzo » 08 June 2010, 23:23

OTL Extras logfile created on: 09/06/2010 00:10:52 - Run 2
OTL by OldTimer - Version 3.1.37.3 Folder = G:\Boîte à outil de désinfection
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 112,43 Gb Free Space | 37,72% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465,76 Gb Total Space | 295,49 Gb Free Space | 63,44% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-77C60F37E3
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-725345543-1303643608-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe" = C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter -- (Cyanide)
"C:\Program Files\Micro Application\Horse Racing Manager 2\HR.exe" = C:\Program Files\Micro Application\Horse Racing Manager 2\HR.exe:*:Enabled:Horse Racing Manager 2 -- File not found
"C:\Program Files\Micro Application\Horse Racing Manager 2\AutoRun.exe" = C:\Program Files\Micro Application\Horse Racing Manager 2\AutoRun.exe:*:Enabled:Horse Racing Manager 2 - AutoRun -- File not found
"C:\Program Files\Shareaza\Shareaza.exe" = C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza -- (Shareaza Development Team)
"C:\Program Files\Capcom\MotoGP 08\Launcher.exe" = C:\Program Files\Capcom\MotoGP 08\Launcher.exe:*:Enabled:MotoGP 08 -- ()
"C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2008\PCM.exe" = C:\Program Files\Cyanide\Pro Cycling Manager - Season 2008\PCM.exe:*:Enabled:Pro Cycling Manager - Season 2008 -- File not found
"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2008\Autorun\Exe\Autorun.exe" = C:\Program Files\Cyanide\Pro Cycling Manager - Season 2008\Autorun\Exe\Autorun.exe:*:Enabled:Pro Cycling Manager - Season 2008 - AutoRun -- File not found
"C:\Program Files\TVUPlayer\TVUPlayer.exe" = C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVU Player Component -- File not found
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found
"C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"C:\Documents and Settings\user\Bureau\PES2008.exe" = C:\Documents and Settings\user\Bureau\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe" = C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe:*:Enabled:Pro Cycling Manager - Season 2009 -- (Cyanide)
"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe" = C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe:*:Enabled:Pro Cycling Manager - Season 2009 - AutoRun -- ()
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\user\Mes documents\Téléchargements\Crack\pes2010.exe" = C:\Documents and Settings\user\Mes documents\Téléchargements\Crack\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- File not found
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)
"C:\Documents and Settings\user\Bureau\JOCELYN\jeu vidéo pc\pes6\www.telechargementz.org pro 6 compresser by youssinio\PES6.exe" = C:\Documents and Settings\user\Bureau\JOCELYN\jeu vidéo pc\pes6\www.telechargementz.org pro 6 compresser by youssinio\PES6.exe:*:Enabled:pes6.exe -- File not found
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" = C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator -- (Crawler.com)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1ED6E4D0-8DB0-A333-DEA6-188F957F5A43}" = Catalyst Control Center Graphics Light
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{407E0CBD-D6BF-F243-6DE9-F1EEA525BA1C}" = Catalyst Control Center Graphics Full Existing
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{54A9A9E1-8C4C-44FE-AA6B-182EA1E779FD}" = Hercules WiFi Station N
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5EC634FA-5047-38B2-A53A-15963D9BD872}" = CCC Help English
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{64B20B36-AEE7-4DD4-897C-C5DA5C218F60}" = Logitech Gaming Software 5.02
"{651AFCC8-2F1A-8132-0A33-FA5F041380BA}" = Catalyst Control Center Graphics Full New
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
"{6901DD22-527A-41EF-9059-E81FEDE9E494}" = Windows Presentation Foundation Language Pack (FRA)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69EF33D7-3425-1409-0BE1-C4F3A6FB57A8}" = ccc-utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7510EF8C-99B9-8533-524E-BF41BDC04188}" = Skins
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773040E1-3B60-6507-C387-71F8F0A03C59}" = ccc-core-static
"{79546A5F-AE7C-4693-8670-A3401B43ABD2}" = HP Deskjet 5900 series
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92DEC792-A722-5991-2607-3EE3A4BD502B}" = Catalyst Control Center HydraVision Full
"{94056AE8-EF0F-45E4-A1B4-D754115F8A28}" = Numedia CD-DVD writing as non-admin user
"{96793032-8651-805A-67EF-E1759C1A8E3D}" = Catalyst Control Center Graphics Previews Common
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A5222E5A-13CB-4C98-9F5C-21CF6896A25C}" = HPDeskjet5900Series
"{AAB93551-3FFE-42B2-8315-96252BBC1036}" = Nero 7 Essentials
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.2 - Français
"{B094F70F-2CC2-5062-8534-D3830FC4B018}" = Catalyst Control Center Core Implementation
"{B168C59D-5FCF-4EEC-B464-BFA7A8266150}" = Windows Communication Foundation Language Pack - FRA
"{B84C141C-9A13-44BE-9A69-301D7B11D836}" = Windows Workflow Foundation FR Language Pack
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}" = MotoGP 08
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CA42C38C-B369-B190-AD06-76D3AC95CFAC}" = ccc-core-preinstall
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}" = Microsoft .NET Framework 3.0 French Language Pack
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"7-Zip" = 7-Zip 4.65
"abgx360" = abgx360 v1.0.2
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Calculatrice €uro_is1" = Calculatrice €uro 1.0
"CCleaner" = CCleaner
"ERUNT_is1" = ERUNT 1.1j
"GameCenter" = GameCenter
"HP Imaging Device Functions" = HP Imaging Device Functions 5.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.0
"Hunting Unlimited 2009" = Hunting Unlimited 2009 1.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.0 French Language Pack" = Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PeerGuardian_is1" = PeerGuardian 2.0
"Pro Cycling Manager 2009_is1" = Pro Cycling Manager - Season 2009 1.0.3.3
"Shareaza_is1" = Shareaza 2.4.0.0
"Spyware Terminator_is1" = Spyware Terminator
"Street Fighter IV_is1" = Street Fighter IV
"StudioLine Photo Basic" = StudioLine Photo Basic
"TVAnts 1.0" = TVAnts 1.0
"VLC media player" = VLC media player 0.9.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04/06/2010 15:07:31 | Computer Name = USER-77C60F37E3 | Source = Application Error | ID = 1000
Description = Application défaillante pes2010.exe, version 1.3.0.0, module défaillant
pes2010.exe, version 1.3.0.0, adresse de défaillance 0x0082a0b0.

Error - 05/06/2010 05:58:07 | Computer Name = USER-77C60F37E3 | Source = Application Hang | ID = 1002
Description = Application bloquée shift.exe, version 1.0.0.0, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/06/2010 06:33:03 | Computer Name = USER-77C60F37E3 | Source = Application Error | ID = 1000
Description = Application défaillante shift.exe, version 1.0.2.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 05/06/2010 06:33:23 | Computer Name = USER-77C60F37E3 | Source = Application Hang | ID = 1002
Description = Application bloquée SHIFT.exe, version 1.0.2.0, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 06/06/2010 14:24:51 | Computer Name = USER-77C60F37E3 | Source = Application Error | ID = 1000
Description = Application défaillante pes2010.exe, version 1.3.0.0, module défaillant
pes2010.exe, version 1.3.0.0, adresse de défaillance 0x0082a0b0.

Error - 06/06/2010 14:32:40 | Computer Name = USER-77C60F37E3 | Source = Application Error | ID = 1000
Description = Application défaillante pes2010.exe, version 1.3.0.0, module défaillant
pes2010.exe, version 1.3.0.0, adresse de défaillance 0x0082a0b0.

Error - 07/06/2010 06:02:49 | Computer Name = USER-77C60F37E3 | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.2.3743, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 07/06/2010 07:38:06 | Computer Name = USER-77C60F37E3 | Source = Avira AntiVir | ID = 4118
Description = ERREUR D'EXCEPTION lors de l'accès à la fonction <Scan> pour le fichier
H:\DCIM\101MSDCF\DSC00680.JPG.

[ACCESS_VIOLATION Exception!! EIP = 0x1abc328] Veuillez informer Avira et transmettre
le fichier ci-dessus!

Error - 07/06/2010 09:15:10 | Computer Name = USER-77C60F37E3 | Source = ESENT | ID = 490
Description = svchost (1032) Une tentative d'ouverture du fichier "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
pour accès en lecture/écriture a échoué en indiquant l'erreur système 32 (0x00000020)
: "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un
autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur
-1032 (0xfffffbf8).

Error - 08/06/2010 03:01:29 | Computer Name = USER-77C60F37E3 | Source = Avira AntiVir | ID = 4110
Description = Une erreur inconnue est survenue pendant l'initialisation du moteur
de recherche ! Code d'erreur : 0x35

[ System Events ]
Error - 07/06/2010 07:31:48 | Computer Name = USER-77C60F37E3 | Source = USBCCID | ID = 0
Description =

Error - 07/06/2010 07:31:48 | Computer Name = USER-77C60F37E3 | Source = SCardSvr | ID = 610
Description = Le lecteur de carte à puce 'Generic Smart Card Reader Interface 0'
a rejeté le contrôle d'E/S POWER : La carte à puce ne répond pas à la réinitialisation.

Error - 07/06/2010 07:33:04 | Computer Name = USER-77C60F37E3 | Source = SCardSvr | ID = 610
Description = Le lecteur de carte à puce 'Generic Smart Card Reader Interface 0'
a rejeté le contrôle d'E/S GET_STATE : Le périphérique a été supprimé.

Error - 07/06/2010 07:33:21 | Computer Name = USER-77C60F37E3 | Source = USBCCID | ID = 0
Description =

Error - 07/06/2010 07:33:21 | Computer Name = USER-77C60F37E3 | Source = SCardSvr | ID = 610
Description = Le lecteur de carte à puce 'Generic Smart Card Reader Interface 0'
a rejeté le contrôle d'E/S POWER : La carte à puce ne répond pas à la réinitialisation.

Error - 07/06/2010 07:33:21 | Computer Name = USER-77C60F37E3 | Source = USBCCID | ID = 0
Description =

Error - 07/06/2010 07:33:21 | Computer Name = USER-77C60F37E3 | Source = SCardSvr | ID = 610
Description = Le lecteur de carte à puce 'Generic Smart Card Reader Interface 0'
a rejeté le contrôle d'E/S POWER : La carte à puce ne répond pas à la réinitialisation.

Error - 07/06/2010 07:33:22 | Computer Name = USER-77C60F37E3 | Source = USBCCID | ID = 0
Description =

Error - 07/06/2010 07:33:22 | Computer Name = USER-77C60F37E3 | Source = SCardSvr | ID = 610
Description = Le lecteur de carte à puce 'Generic Smart Card Reader Interface 0'
a rejeté le contrôle d'E/S POWER : La carte à puce ne répond pas à la réinitialisation.

Error - 07/06/2010 07:33:38 | Computer Name = USER-77C60F37E3 | Source = SCardSvr | ID = 610
Description = Le lecteur de carte à puce 'Generic Smart Card Reader Interface 0'
a rejeté le contrôle d'E/S GET_STATE : Le périphérique a été supprimé.


<End>

Post by nickW » 09 June 2010, 00:28

Good evening,

No reply, no news, in your last topic! :twisted:

Does the folder C:\Windows\Minidump contain any recent files?

How long has it been since you last cleaned the dust off the PC's fans?

Could you test the memory modules:

Memtest+
Download the Memtest ISO image from the page: http://www.memtest.org/#downiso
Click Download - Pre-Compiled Bootable ISO (.zip)
Extract the file mt410.iso from this ZIP archive
Burn this file to a CD using the option: Burn an ISO image. Important: do not burn it as a data CD!

Change the PC's BIOS settings so that the boot sequence is: CD drive first, then the hard disk.
See: http://netah25.developpez.com/Tutoriels/TutoMemtest86/

Put the CD containing the Memtest ISO image in the drive and restart the PC.

The PC must boot from the CD.

Let the tests run for several hours.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by joanzo » 09 June 2010, 17:32

Hello,

OK, sorry about the last message: I thought I had closed it....

Regarding your questions:

There are no files in C:\Windows\Minidump

I cleaned the dust off my fans yesterday; there was indeed quite a lot of dust.
I hadn't opened my tower in a year...

I'll run Memtest this evening... I'll keep you posted....

Thanks for your help.

Regards

Post by joanzo » 09 June 2010, 22:18

Good evening again,

I'm sending you this message from another PC....
Because I followed your procedure for Memtest+:
After setting up the BIOS, the scan did start automatically, but it is going to be difficult to get to the end of the procedure.
Because after 1 h 30, my computer crashed and rebooted.... And the Memtest+ scan started again from 0!!! :cry:

I'm going to leave my PC running all night.... I'll see tomorrow morning.

A quick question: what happens at the end of the Memtest+ scan, is a log created? If so, where is it saved? Do I need to do anything at the end of the scan?

Regards

Post by nickW » 10 June 2010, 00:48

Good evening,

No report is saved.

You have to read what is displayed on the screen.

MemTest does not stop by itself: it repeats the same series of tests ("passes") indefinitely.

You have to restart the PC with the Reset button (after removing the CD :wink:).


Bye,

Post by joanzo » 10 June 2010, 11:40

Hello,

After last night's crash,
I restarted the whole Memtest+ process, leaving my tower open (to avoid any possible overheating and therefore a crash).
It has been running for more than 5 hours (without crashing), the pass count is at 9 and there are 0 errors detected.
How long should I let Memtest+ run?

Regards

Post by joanzo » 10 June 2010, 12:47

Hello again,

Reading the Memtest+ tutorial you linked, it says that a test lasts about 4 hours.

So I stopped everything after 5 h 30 and no errors appeared.


Regards

Post by nickW » 11 June 2010, 00:36

Good evening,

When the tower is open, does your PC still suffer from unexpected reboots?

To be continued,
