ordinateur qui plante

barrenfer · le 4 mars 2010

bonjour, je suis une jeune fille désespérée

mon ordinateur plante dès que j'ouvre une chanson, une video, ou une activité trop importante sur mon bureau

j'ai fait plusieurs analyses anti-virus (avg, tuneup, spybot...), test de mémoire, et j'ai entendu parler du hijackthis

n'étant pas très calée en informatique, je vous demande votre avis !

voici le résultat de mon scan

Merci

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:01:04, on 04/03/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe

C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\hkcmd.exe

c:\Program Files\ActivIdentity\ActivClient\acevents.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

c:\Program Files\ActivIdentity\ActivClient\accoca.exe

C:\WINDOWS\system32\agrsmsvc.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

C:\Program Files\AVG\AVG9\avgemc.exe

C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

C:\WINDOWS\system32\mqsvc.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\GHQ80OP3\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.Exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"

O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start

O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 1.1.4322; IE7-01NET.COM-1.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727; IE7-01NET.COM-1.1)" -"http://www.miniclip.com/games/freestyle-snowboard/fr/"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: Lanceur.lnk = C:\Program Files\Micro Application\LauncherMA.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: Realmadrid.lnk = C:\Program Files\RealMadrid\Widget\Realmadrid\Realmadrid.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Lanceur.lnk = C:\Program Files\Micro Application\LauncherMA.exe (User 'Default user')

O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')

O4 - .DEFAULT Startup: Realmadrid.lnk = C:\Program Files\RealMadrid\Widget\Realmadrid\Realmadrid.exe (User 'Default user')

O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Realmadrid.lnk = C:\Program Files\RealMadrid\Widget\Realmadrid\Realmadrid.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGam...1/GAME_UNO1.cab

O16 - DPF: {61FA0CB0-0806-46EA-B784-0F843285BA23} (TuentiFotoUploader Control) - http://estaticosak1.tuenti.com/client_apps...oader.19656.cab

O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O20 - AppInit_DLLs: APSHook.dll

O20 - Winlogon Notify: ackpbsc - c:\WINDOWS\system32\ackpbsc.dll

O20 - Winlogon Notify: acunlock - c:\Program Files\ActivIdentity\ActivClient\acunlock.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: OneCard - c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: Service Google Update (gupdate1c9f3e9b8cad580) (gupdate1c9f3e9b8cad580) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe

O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--

End of file - 14655 bytes

pear · le 4 mars 2010

Bonjour,

Cela peut être causé par une montée en température.

Si c'est une tour, ouvrez et dépoussiérez.

Si c'est un portable dépoussiérez les ouies.

Sinon;

Prérequis:

Poste de travail->Propriétés->Avancé->Paramères->Démarrage et Récupération

Vérifier qu' Image partielle est sélectionnée sinon il n'y aura pas de minidump

Et que Redémarrerautomatiquement soit décoché, ce qui vous permetra de lire l'écran bleu

Télécharger BlueScreenView de Nirsoft

et le patch Français

Décompressez les deux dans un même dossier.

Sélectionner Exécuter en tant qu'administrateur

Cliquer ->Rechercher *.dump

Cliquez sur le dernier DUMP réalisé.

La liste du bas affiche alors la liste de tous les drivers chargés en mémoire.

Les pilotes directement impliqués dans le crash sont affichés sur fond rose.

Double-cliquez dessus pour obtenir plus de détails et notamment obtenir le nom du fichier .SYS ou .DLL du driver afin de vérifier sur Internet s'il en existe des versions plus récentes, ce qui est le but de la manoeuvre.

Développer Options->Options du panneau Inférieur,

Cochez Ecran Bleu Style XP pour voir le BSOD initial

Modifié le 4 mars 2010 par pear

barrenfer · le 4 mars 2010

merci, mais je n'ai jamais eu d'écrans bleus

l'ordi bloque tout simplement, et je dois rallumer !

barrenfer · le 4 mars 2010

en fait dès que j'ouvre une page plus lourde, il plantera....mais pas seulement avec internet, quand j'ouvre ma musique elle bloquera au bout de quelques secondes puis bloquera mon ordi et op redémarrage ....

est-ce vraiment un problème de surchauffe ?

pear · le 4 mars 2010

Au moins ça ne coûte rien de vérifier!

barrenfer · le 5 mars 2010

dans un autre forum on m'a parlé de combofix

si vous savez lire le rapport, pouvez vous m'aider ?

le voici

ComboFix 10-03-04.05 - Administrateur 05/03/2010 15:17:11.3.2 - x86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3000.2155 [GMT 1:00]

Lancé depuis: c:\documents and settings\Administrateur\Mes documents\ComboFix1.exe

AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_WINSVC

((((((((((((((((((((((((((((( Fichiers créés du 2010-02-05 au 2010-03-05 ))))))))))))))))))))))))))))))))))))

.

2010-03-04 16:05 . 2010-03-04 16:05 4484 ----a-w- c:\windows\system32\drivers\cpuidlep.sys

2010-03-04 16:05 . 2010-03-04 16:05 -------- d-----w- c:\program files\CpuIdle

2010-03-04 15:58 . 2010-03-04 15:58 -------- d-----w- c:\program files\Lavalys

2010-03-04 13:38 . 2010-03-04 15:59 -------- d-----w- c:\program files\SpeedFan

2010-03-04 08:38 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe

2010-03-03 18:42 . 2010-03-03 18:43 -------- d-----w- c:\program files\Burn4Free

2010-03-01 13:26 . 2010-03-05 13:47 -------- d-----w- c:\documents and settings\Administrateur\Application Data\AIMP

2010-03-01 13:26 . 2010-03-01 13:26 -------- d-----w- c:\program files\AIMP2

2010-02-25 10:30 . 2009-03-09 08:45 151552 ----a-w- c:\windows\system32\igfxCoIn_v5043.dll

2010-02-25 10:30 . 2010-02-25 10:30 -------- d-----w- C:\Intel

2010-02-25 09:33 . 2009-11-12 09:30 29512 ----a-w- c:\windows\system32\TURegOpt.exe

2010-02-25 09:33 . 2009-11-12 09:25 30024 ----a-w- c:\windows\system32\uxtuneup.dll

2010-02-25 09:33 . 2010-02-25 09:33 -------- d-----w- c:\documents and settings\Administrateur\Application Data\TuneUp Software

2010-02-25 09:32 . 2010-02-25 09:33 -------- d-----w- c:\program files\TuneUp Utilities 2010

2010-02-25 09:32 . 2010-02-25 09:32 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software

2010-02-25 09:32 . 2010-02-25 09:32 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

2010-02-24 18:18 . 2009-05-07 07:04 157712 ----a-w- c:\windows\system32\drivers\tmcomm.sys

2010-02-18 14:38 . 2010-02-18 14:34 3777280 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\setup.exe

2010-02-18 14:38 . 2010-02-18 14:34 1260800 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe

2010-02-18 14:34 . 2010-02-18 14:34 -------- d-----w- C:\$AVG

2010-02-18 14:34 . 2010-02-18 14:34 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2010-02-18 14:34 . 2010-02-18 14:34 12464 ----a-w- c:\windows\system32\avgrsstx.dll

2010-02-18 14:34 . 2010-02-18 14:34 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2010-02-18 14:34 . 2010-02-18 14:34 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2010-02-18 14:34 . 2010-03-05 08:04 -------- d-----w- c:\windows\system32\drivers\Avg

2010-02-18 14:34 . 2010-02-18 14:34 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9

2010-02-18 14:33 . 2010-02-18 14:55 -------- d-----w- c:\windows\SxsCaPendDel

2010-02-18 09:32 . 2010-02-18 09:32 -------- d-----w- c:\documents and settings\HelpAssistant\UserData

2010-02-18 09:32 . 2010-02-18 09:32 -------- d-----w- c:\documents and settings\HelpAssistant\Tracing

2010-02-18 09:32 . 2010-02-18 09:32 -------- d-----w- c:\documents and settings\HelpAssistant\PrivacIE

2010-02-18 09:29 . 2010-02-18 09:29 -------- d-----w- c:\documents and settings\HelpAssistant\LocalLow

2010-02-18 09:27 . 2010-02-18 09:27 -------- d-----w- c:\documents and settings\HelpAssistant\InstallAnywhere

2010-02-18 09:27 . 2010-02-18 09:27 -------- d-----w- c:\documents and settings\HelpAssistant\IETldCache

2010-02-18 09:27 . 2010-02-18 09:27 -------- d-----w- c:\documents and settings\HelpAssistant\IECompatCache

2010-02-18 09:27 . 2010-02-18 09:27 -------- d-----w- c:\documents and settings\HelpAssistant\dwhelper

2010-02-18 09:26 . 2010-02-18 09:26 99680 ----a-w- c:\documents and settings\NetworkService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2010-02-18 08:59 . 2010-02-18 08:59 -------- d-----w- c:\windows\system32\wbem\Repository

2010-02-05 13:57 . 2010-02-05 13:57 -------- d-----w- c:\program files\Bonjour

2010-02-05 13:56 . 2010-02-05 13:56 -------- d-----w- c:\program files\Apple Software Update

2010-02-05 13:56 . 2009-08-28 18:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2010-02-05 13:56 . 2009-08-28 18:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll

2010-02-05 13:55 . 2010-02-05 13:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple

2010-02-05 13:55 . 2010-02-05 13:57 -------- d-----w- c:\program files\Fichiers communs\Apple

2010-02-05 13:02 . 2001-08-23 16:47 5632 ----a-w- c:\windows\system32\ptpusb.dll

2010-02-05 13:02 . 2008-04-13 18:33 159232 ----a-w- c:\windows\system32\ptpusd.dll

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-03-05 10:43 . 2009-06-25 08:38 1 ----a-w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys

2010-02-24 20:23 . 2009-06-10 21:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2010-02-18 14:50 . 2009-06-10 21:48 -------- d-----w- c:\program files\Spybot - Search & Destroy

2010-02-18 14:34 . 2009-05-22 14:45 -------- d-----w- c:\program files\AVG

2010-02-12 22:08 . 2009-05-22 18:29 -------- d-----w- c:\program files\adslTV

2010-02-05 18:42 . 2009-06-23 20:36 -------- d-----w- c:\program files\Java

2010-02-05 18:40 . 2009-10-08 09:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2010-02-05 14:01 . 2009-09-28 19:25 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Apple Computer

2010-02-03 19:02 . 2009-10-22 15:25 -------- d-----w- c:\documents and settings\Administrateur\Application Data\U3

2010-02-01 09:38 . 2009-10-14 17:34 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM

2010-01-30 01:04 . 2009-06-10 22:11 -------- d-----w- c:\program files\Lavasoft

2010-01-30 01:04 . 2009-06-10 22:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2010-01-30 00:44 . 2009-07-09 18:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts

2010-01-30 00:25 . 2010-01-30 00:25 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes

2010-01-30 00:25 . 2010-01-30 00:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-01-30 00:25 . 2010-01-30 00:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-01-22 10:38 . 2009-08-14 21:43 -------- d-----w- c:\program files\Microsoft Silverlight

2010-01-19 09:42 . 2010-01-19 09:42 152576 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\jre1.6.0_17\lzma.dll

2010-01-19 09:42 . 2010-01-19 09:42 79488 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll

2010-01-15 13:28 . 2009-06-01 09:33 -------- d-----w- c:\program files\Fichiers communs\Adobe

2010-01-12 21:13 . 2010-01-12 21:13 -------- d-----w- c:\program files\Babylon

2010-01-12 21:11 . 2010-01-12 21:11 -------- d-----w- c:\program files\Pando Networks

2010-01-10 21:53 . 2010-01-10 19:49 -------- d-----w- c:\program files\uusee

2010-01-10 17:44 . 2009-09-20 16:59 -------- d-----w- c:\program files\TVAnts

2010-01-08 16:48 . 2009-09-26 12:56 -------- d-----w- c:\program files\TubeMaster++

2010-01-08 16:48 . 2009-11-14 11:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Skyline

2010-01-08 10:09 . 2009-10-12 21:22 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Skype

2010-01-08 10:08 . 2009-10-12 21:24 -------- d-----w- c:\documents and settings\Administrateur\Application Data\skypePM

2010-01-08 10:05 . 2009-12-24 19:18 664 ----a-w- c:\windows\system32\d3d9caps.dat

2010-01-07 15:07 . 2010-01-30 00:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-01-07 15:07 . 2010-01-30 00:25 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-01-07 14:51 . 2009-06-06 09:22 -------- d-----w- c:\program files\RomStation

2009-12-31 16:50 . 2004-08-05 08:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys

2009-12-23 18:33 . 2009-12-23 18:33 53248 ----a-r- c:\documents and settings\Administrateur\Application Data\Microsoft\Installer\{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}\NewShortcut1_C06EFB22B5DB46C59215BCB5C19C0858.exe

2009-12-23 18:33 . 2009-12-23 18:33 10134 ----a-r- c:\documents and settings\Administrateur\Application Data\Microsoft\Installer\{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}\ARPPRODUCTICON.exe

2009-12-23 17:54 . 2009-05-22 15:05 99680 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-12-21 19:07 . 2004-08-05 08:00 916480 ------w- c:\windows\system32\wininet.dll

2009-12-17 07:41 . 2004-08-05 08:00 347648 ----a-w- c:\windows\system32\mspaint.exe

2009-12-14 07:09 . 2004-08-05 08:00 33280 ----a-w- c:\windows\system32\csrsrv.dll

2009-12-13 09:14 . 2009-12-13 09:15 38784 ----a-w- c:\documents and settings\Administrateur\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

2009-12-13 08:38 . 2004-08-17 08:20 576068 ----a-w- c:\windows\system32\perfh00C.dat

2009-12-13 08:38 . 2004-08-17 08:20 112440 ----a-w- c:\windows\system32\perfc00C.dat

2009-12-09 10:08 . 2004-08-05 08:00 2147328 ------w- c:\windows\system32\ntoskrnl.exe

2009-12-09 10:08 . 2004-08-05 08:00 2025984 ------w- c:\windows\system32\ntkrnlpa.exe

2009-09-10 19:04 . 2009-09-09 09:27 56 --sh--r- c:\windows\system32\152B88E973.sys

2009-09-10 19:04 . 2009-09-09 09:17 3766 --sha-w- c:\windows\system32\KGyGaAvL.sys

.

------- Sigcheck -------

[-] 2008-04-13 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\explorer.exe

[-] 2008-04-13 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe

[-] 2007-06-13 . 80A5400514EB32D393654768C4017E46 . 979456 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

[7] 2004-08-05 . 4C33E5B9A6197B6ED215F6CFBA0A2DAA . 1036288 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-12 39408]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe" [2009-04-29 468408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsmqIntCert"="mqrt.dll" [2008-04-13 177152]

"AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.Exe" [2008-06-09 82224]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]

"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]

"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-05-07 238984]

"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1040384]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]

"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]

"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2008-05-14 61440]

"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-11-08 198160]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-12-11 1044480]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-13 141336]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-13 173592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\HelpAssistant\Menu D‚marrer\Programmes\D‚marrage\

Lanceur.lnk - c:\program files\Micro Application\LauncherMA.exe [2009-2-10 485376]

OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]

Realmadrid.lnk - c:\program files\RealMadrid\Widget\Realmadrid\Realmadrid.exe [2009-12-13 95232]

c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\