Aller au contenu

K@rni

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    5

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par K@rni

  1. K@rni
    Voila le rapport que tu m'as demandé. J'ai de plus fait les mises a jour et suppressions que tu m'a conseillées, et je suis de plus passé sous SP3, et depuis le problème ne s'est pas remanifesté, Je te remercie énormément pour ton aide, cependant, dans l'éventualité ou cela ne serait que temporaire, il est possible que je te recontacte. Merci =) All processes killed ========== OTL ========== HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully! Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent not found. File C:\Program Files\uTorrent\uTorrent.exe not found. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\INTRANET\ deleted successfully. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== File\Folder C:\WINDOWS\tasks\*.job not found. File\Folder C:\*.sqm not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 348 bytes User: All Users User: carignan ->Temp folder emptied: 147904 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 48267015 bytes ->Flash cache emptied: 757 bytes User: christian.meunier ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: christian.meunier.ASEI ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 324700865 bytes ->Java cache emptied: 1441006 bytes ->Flash cache emptied: 1966752 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32768 bytes User: fast ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: ocealia ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2134506 bytes %systemroot%\System32 .tmp files removed: 11610492 bytes %systemroot%\System32\dllcache .tmp files removed: 15728128 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 272818 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 399736 bytes Total Files Cleaned = 388.00 mb [EMPTYFLASH] User: Administrateur ->Flash cache emptied: 0 bytes User: All Users User: carignan ->Flash cache emptied: 0 bytes User: christian.meunier User: christian.meunier.ASEI ->Flash cache emptied: 0 bytes User: Default User User: fast User: LocalService User: NetworkService User: ocealia Total Flash Files Cleaned = 0.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.22.3 log created on 05062011_133150 Files\Folders moved on Reboot... Registry entries deleted on Reboot...
  2. K@rni
    checkup.txt : Results of screen317's Security Check version 0.99.10 Windows XP Service Pack 2 Out of date service pack!! Internet Explorer 6 Out of date! `````````````````````````````` Antivirus/Firewall Check: avast! Free Antivirus (On Access scanning disabled!) ``````````````````````````````` Anti-malware/Other Utilities Check: CCleaner Adobe Flash Player 10.2.159.1 Adobe Reader 7.0.8 - Français Out of date Adobe Reader installed! Mozilla Firefox (x86 fr..) ```````````````````````````````` Process Check: objlist.exe by Laurent AVAST Software Avast AvastSvc.exe AVAST Software Avast avastUI.exe ``````````End of Log```````````` merci a toi @+++ PS : ne serait il pas mieux que je mette dorénavant les rapports sur Cijoint ? cela m'éviterais d'avoir a poster plusieurs messages. (mais peut être ne préfères tu pas)
  3. K@rni
    Bonjour Lance_yien Tout d'abord merci de t'occupper de mon cas =) Voici donc les rapports que tu m'as demandés : OTL.txt : OTL logfile created on: 05/05/2011 18:54:21 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = D:\Documents and Settings\carignan\Bureau Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 014.00 Mb Total Physical Memory | 567.00 Mb Available Physical Memory | 56.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 87.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14.65 Gb Total Space | 3.05 Gb Free Space | 20.80% Space Free | Partition Type: NTFS Drive D: | 19.53 Gb Total Space | 2.75 Gb Free Space | 14.06% Space Free | Partition Type: NTFS Drive Y: | 3.01 Gb Total Space | 2.40 Gb Free Space | 79.54% Space Free | Partition Type: FAT32 Computer Name: FU64L01753 | User Name: carignan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/05/05 18:52:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\carignan\Bureau\OTL.exe PRC - [2011/04/18 19:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011/04/18 19:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2008/05/20 05:00:00 | 000,757,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe PRC - [2006/03/24 17:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe PRC - [2005/12/28 12:04:56 | 000,262,217 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe PRC - [2005/12/28 11:56:16 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe PRC - [2005/12/28 11:55:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2005/12/28 11:52:32 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe PRC - [2004/08/04 00:54:50 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004/06/15 14:29:42 | 000,380,928 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe PRC - [2003/06/20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE ========== Modules (SafeList) ========== MOD - [2011/05/05 18:52:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\carignan\Bureau\OTL.exe MOD - [2005/12/13 17:39:58 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll MOD - [2004/08/04 00:52:46 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011/04/18 19:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2008/05/20 05:00:00 | 000,757,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec) SRV - [2008/05/20 05:00:00 | 000,249,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\CCM\TSManager.exe -- (smstsmgr) SRV - [2005/12/28 12:04:56 | 000,262,217 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel® SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/07/28 21:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003/06/20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - [2011/04/18 19:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/04/18 19:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/04/18 19:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/04/18 19:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011/04/18 19:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/04/18 19:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011/04/18 19:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2008/05/20 05:00:00 | 000,023,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr) DRV - [2008/04/08 18:27:04 | 000,012,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smsmdm.sys -- (smsmdd) DRV - [2007/02/15 19:00:00 | 000,026,624 | ---- | M] (DameWare) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dwvkbd.sys -- (dwvkbd) DRV - [2007/02/07 19:00:00 | 000,003,712 | ---- | M] (DameWare Development, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DamewareMini.sys -- (DwMirror) DRV - [2006/06/12 12:36:30 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK) DRV - [2006/03/24 17:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2005/12/28 13:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2005/12/05 00:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel® DRV - [2005/08/05 11:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2004/08/03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2001/09/28 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001/09/28 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.1.4:8080 ========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/04/27 22:40:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 17:42:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/27 21:01:00 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\carignan\Application Data\Mozilla\Extensions [2011/04/27 21:00:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- [2011/04/27 22:40:42 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2011/04/30 17:42:27 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml [2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/05/01 05:13:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [intelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.) O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Run VNC Server.lnk = C:\Program Files\RealVNC\VNC4\winvnc4.exe (RealVNC Ltd.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Back = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Forward = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Stop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Refresh = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Search = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_History = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Favorites = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Media = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Folders = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_MailNews = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Size = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Discussions = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SpecifyDefaultButtons = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_PrintPreview = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKCU\..Trusted Domains: INTRANET ([]http is out of zone range - 5) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: D:\Documents and Settings\carignan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: D:\Documents and Settings\carignan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/07/27 14:12:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2011/05/02 23:27:59 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011/05/02 23:27:59 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011/05/02 23:28:02 | 000,000,000 | RHSD | M] - Y:\Autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point (54619756233228288) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/05/05 18:52:26 | 000,580,608 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\carignan\Bureau\OTL.exe [2011/05/04 00:35:14 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\carignan\Recent [2011/05/03 19:57:47 | 000,000,000 | ---D | C] -- C:\860d442093a11917231034228ce741 [2011/05/03 19:50:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner [2011/05/03 19:50:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/05/02 23:27:59 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2011/05/02 23:27:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011/05/02 07:50:10 | 000,000,000 | ---D | C] -- C:\UsbFix [2011/05/01 05:18:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2011/05/01 04:59:14 | 000,000,000 | ---D | C] -- C:\cmdcons [2011/05/01 04:47:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/05/01 04:47:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/05/01 04:47:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/05/01 04:47:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/05/01 04:47:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011/05/01 04:47:08 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/04/30 17:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\Valve [2011/04/30 14:07:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\WhoCrashed [2011/04/30 14:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed [2011/04/30 14:05:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2011/04/30 14:04:16 | 000,000,000 | ---D | C] -- C:\a7936e728f5eda994a44c10fe0cca6a6 [2011/04/30 04:59:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ [2011/04/30 04:58:30 | 000,000,000 | ---D | C] -- C:\c2021086b7a8ead9e32c25 [2011/04/30 04:58:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ [2011/04/30 04:57:26 | 000,000,000 | ---D | C] -- C:\d600c9efb274c0ad74c4ea55fdbd4d [2011/04/30 04:52:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2011/04/30 04:49:55 | 000,000,000 | ---D | C] -- C:\c894043634d94fda01 [2011/04/30 01:30:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak [2011/04/29 18:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011/04/29 18:34:17 | 000,000,000 | ---D | C] -- C:\rsit [2011/04/28 17:19:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2011/04/28 17:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2011/04/28 16:47:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Application Data\Macromedia [2011/04/28 05:11:37 | 000,000,000 | ---D | C] -- C:\dls torrents [2011/04/28 04:42:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Mes documents\Downloads [2011/04/28 03:17:27 | 000,272,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2011/04/28 03:15:21 | 000,454,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2011/04/28 03:13:02 | 002,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2011/04/28 03:12:59 | 002,018,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2011/04/28 03:12:52 | 002,183,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2011/04/28 03:12:36 | 002,139,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2011/04/28 03:08:59 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2011/04/28 03:00:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2011/04/27 23:07:32 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Application Data\TS3Client [2011/04/27 23:03:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\TeamSpeak 3 Client [2011/04/27 23:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2011/04/27 22:41:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus [2011/04/27 22:41:09 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011/04/27 22:41:09 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011/04/27 22:41:06 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011/04/27 22:41:06 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011/04/27 22:41:05 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011/04/27 22:41:04 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011/04/27 22:41:04 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011/04/27 22:41:03 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011/04/27 22:40:40 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011/04/27 22:40:39 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011/04/27 22:40:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\AVAST Software [2011/04/27 22:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011/04/27 21:43:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Application Data\vlc [2011/04/27 21:24:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN [2011/04/27 21:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2011/04/27 21:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2011/04/27 21:23:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Application Data\uTorrent [2011/04/27 21:17:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Application Data\Mumble [2011/04/27 21:17:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mumble [2011/04/27 21:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble [2011/04/27 21:07:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\GUILD WARS [2011/04/27 21:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\GUILD WARS [2011/04/27 21:01:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Mes documents\Téléchargements [2011/04/27 21:00:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Local Settings\Application Data\Mozilla [2011/04/27 21:00:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Application Data\Mozilla [2011/04/27 21:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2011/04/27 20:56:44 | 000,000,000 | --SD | C] -- D:\Documents and Settings\carignan\UserData [2011/04/27 19:28:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Bureau\fam [2011/04/27 14:41:56 | 000,000,000 | ---D | C] -- C:\oldies [2011/04/27 13:34:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Local Settings\Application Data\WMTools Downloaded Files [2011/04/26 20:14:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\carignan\Bureau\zik [5 D:\Documents and Settings\carignan\Mes documents\*.tmp files -> D:\Documents and Settings\carignan\Mes documents\*.tmp -> ] [41 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [35 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/05/05 18:55:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/05/05 18:52:55 | 000,879,081 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\SecurityCheck.exe [2011/05/05 18:52:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\carignan\Bureau\OTL.exe [2011/05/05 18:40:42 | 000,372,980 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011/05/05 18:40:42 | 000,316,564 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/05/05 18:40:42 | 000,050,574 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011/05/05 18:40:42 | 000,041,746 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/05/05 18:39:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/05/05 18:34:07 | 000,000,461 | ---- | M] () -- C:\WINDOWS\smscfg.ini [2011/05/05 18:33:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/05/05 14:31:28 | 000,002,308 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\id noé.JPG [2011/05/05 13:48:22 | 000,002,451 | ---- | M] () -- D:\Documents and Settings\carignan\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk [2011/05/03 19:50:52 | 000,000,599 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\CCleaner.lnk [2011/05/02 16:24:59 | 000,003,590 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\Sans titre.JPG [2011/05/02 16:24:14 | 000,004,807 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\Sans titre.GIF [2011/05/02 16:19:34 | 000,402,457 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\Animation29.gif [2011/05/02 06:32:26 | 000,973,894 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\pts lancier.bmp [2011/05/01 11:48:15 | 000,000,659 | ---- | M] () -- D:\Documents and Settings\carignan\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk [2011/05/01 05:13:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/05/01 04:59:20 | 000,000,328 | RHS- | M] () -- C:\boot.ini [2011/04/30 14:07:29 | 000,000,615 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\WhoCrashed.lnk [2011/04/30 05:03:49 | 000,000,230 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf [2011/04/29 18:39:33 | 000,006,531 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\carten.th.jpg [2011/04/28 17:32:22 | 000,302,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/04/28 05:12:29 | 000,000,396 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\Raccourci vers dls torrents.lnk [2011/04/28 05:12:29 | 000,000,396 | ---- | M] () -- C:\Raccourci vers dls torrents.lnk [2011/04/28 05:10:20 | 000,012,288 | ---- | M] () -- D:\Documents and Settings\carignan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/04/27 23:03:41 | 000,000,720 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\TeamSpeak 3 Client.lnk [2011/04/27 22:41:10 | 000,001,584 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk [2011/04/27 22:41:04 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011/04/27 21:24:05 | 000,000,638 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\VLC media player.lnk [2011/04/27 21:24:03 | 000,000,547 | ---- | M] () -- D:\Documents and Settings\carignan\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2011/04/27 21:24:03 | 000,000,547 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\µTorrent.lnk [2011/04/27 21:21:19 | 000,000,715 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\Raccourci vers Téléchargements.lnk [2011/04/27 21:18:55 | 000,002,391 | ---- | M] () -- D:\Documents and Settings\carignan\Mes documents\MumbleAutomaticCertificateBackup.p12 [2011/04/27 21:17:07 | 000,000,581 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Mumble.lnk [2011/04/27 21:07:02 | 000,000,529 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\GUILD WARS.lnk [2011/04/27 21:00:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2011/04/27 21:00:50 | 000,000,629 | ---- | M] () -- D:\Documents and Settings\carignan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/04/27 21:00:50 | 000,000,629 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk [2011/04/27 20:42:54 | 000,001,438 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\Bloc-notes.lnk [2011/04/27 19:28:03 | 000,000,104 | ---- | M] () -- D:\Documents and Settings\carignan\Bureau\Raccourci vers Poste de travail.lnk [2011/04/26 20:00:48 | 000,002,009 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2011/04/18 19:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011/04/18 19:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011/04/18 19:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011/04/18 19:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011/04/18 19:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011/04/18 19:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011/04/18 19:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011/04/18 19:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011/04/18 19:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011/04/18 19:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011/04/14 18:42:55 | 000,002,433 | ---- | M] () -- D:\Documents and Settings\carignan\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2003.lnk [5 D:\Documents and Settings\carignan\Mes documents\*.tmp files -> D:\Documents and Settings\carignan\Mes documents\*.tmp -> ] [41 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [35 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/05/05 18:55:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/05/05 18:52:46 | 000,879,081 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\SecurityCheck.exe [2011/05/05 14:31:28 | 000,002,308 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\id noé.JPG [2011/05/03 19:50:52 | 000,000,599 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\CCleaner.lnk [2011/05/02 16:24:59 | 000,003,590 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\Sans titre.JPG [2011/05/02 16:22:27 | 000,004,807 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\Sans titre.GIF [2011/05/02 16:19:30 | 000,402,457 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\Animation29.gif [2011/05/02 06:32:26 | 000,973,894 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\pts lancier.bmp [2011/05/01 11:48:15 | 000,000,659 | ---- | C] () -- D:\Documents and Settings\carignan\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk [2011/05/01 04:59:20 | 000,000,212 | ---- | C] () -- C:\Boot.bak [2011/05/01 04:59:19 | 000,263,488 | ---- | C] () -- C:\cmldr [2011/05/01 04:47:35 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011/05/01 04:47:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011/05/01 04:47:35 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011/05/01 04:47:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011/05/01 04:47:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/04/30 14:07:29 | 000,000,615 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\WhoCrashed.lnk [2011/04/30 05:03:49 | 000,000,230 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf [2011/04/29 18:39:32 | 000,006,531 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\carten.th.jpg [2011/04/28 05:12:31 | 000,000,396 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\Raccourci vers dls torrents.lnk [2011/04/28 05:12:29 | 000,000,396 | ---- | C] () -- C:\Raccourci vers dls torrents.lnk [2011/04/27 23:03:41 | 000,000,720 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\TeamSpeak 3 Client.lnk [2011/04/27 22:41:10 | 000,001,584 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk [2011/04/27 21:24:05 | 000,000,638 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\VLC media player.lnk [2011/04/27 21:24:03 | 000,000,547 | ---- | C] () -- D:\Documents and Settings\carignan\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2011/04/27 21:24:03 | 000,000,547 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\µTorrent.lnk [2011/04/27 21:21:18 | 000,000,715 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\Raccourci vers Téléchargements.lnk [2011/04/27 21:18:55 | 000,002,391 | ---- | C] () -- D:\Documents and Settings\carignan\Mes documents\MumbleAutomaticCertificateBackup.p12 [2011/04/27 21:17:07 | 000,000,581 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Mumble.lnk [2011/04/27 21:07:02 | 000,000,529 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\GUILD WARS.lnk [2011/04/27 21:00:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011/04/27 21:00:50 | 000,000,629 | ---- | C] () -- D:\Documents and Settings\carignan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/04/27 21:00:50 | 000,000,629 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk [2011/04/27 21:00:49 | 000,000,629 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk [2011/04/27 19:28:33 | 000,001,438 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\Bloc-notes.lnk [2011/04/27 19:28:03 | 000,000,104 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\Raccourci vers Poste de travail.lnk [2011/04/26 20:10:29 | 000,000,833 | ---- | C] () -- D:\Documents and Settings\carignan\Bureau\Intel PROSet Wireless.lnk [2011/04/01 22:01:39 | 000,012,288 | ---- | C] () -- D:\Documents and Settings\carignan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/11/10 12:10:56 | 000,000,695 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini [2008/11/10 14:00:52 | 000,009,616 | ---- | C] () -- C:\WINDOWS\System32\CcmFramework.ini [2007/03/13 12:15:06 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2007/03/13 11:58:41 | 000,000,143 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini [2007/03/13 11:58:15 | 000,000,676 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2007/03/13 09:52:32 | 000,094,479 | ---- | C] () -- C:\WINDOWS\hppins05.dat [2007/03/13 09:52:32 | 000,000,896 | ---- | C] () -- C:\WINDOWS\hppmdl05.dat [2006/07/27 17:24:22 | 000,000,461 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/07/27 16:23:49 | 000,038,502 | ---- | C] () -- C:\WINDOWS\RESTORE.EXE [2006/07/27 16:23:49 | 000,036,412 | ---- | C] () -- C:\WINDOWS\BACKUP.EXE [2006/07/27 16:23:49 | 000,034,283 | ---- | C] () -- C:\WINDOWS\COMPRESS.EXE [2006/07/27 14:57:40 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2006/07/27 14:56:18 | 000,302,032 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2006/07/27 14:25:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2006/07/27 14:15:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2006/07/27 14:08:20 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2006/05/09 18:19:12 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.DLL [2005/10/05 10:55:48 | 000,000,526 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.DAT [2005/01/21 12:02:28 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll [2004/08/04 01:08:26 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/07/17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004/04/02 09:26:22 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\PDFSpooler.exe [2003/09/28 16:16:32 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\IZArcZip.dat [2003/04/01 11:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/09/01 17:51:44 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\IZArcRAR.dat [2002/09/01 17:51:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\IZArcBH.dat [2002/09/01 17:51:42 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\IZArcARJ.dat [2002/09/01 17:51:42 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\IZArcLHA.dat [2002/09/01 17:51:42 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\IZArcACE.dat [2002/06/02 17:44:22 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\IZArcJAR.dat [2001/10/28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2001/09/28 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001/09/28 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001/09/28 14:00:00 | 000,372,980 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2001/09/28 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2001/09/28 14:00:00 | 000,316,564 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001/09/28 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001/09/28 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001/09/28 14:00:00 | 000,050,574 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2001/09/28 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001/09/28 14:00:00 | 000,041,746 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001/09/28 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2001/09/28 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001/09/28 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/09/28 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2001/07/06 17:30:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2006/07/27 14:12:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2007/03/13 09:45:23 | 000,000,212 | ---- | M] () -- C:\Boot.bak [2011/05/01 04:59:20 | 000,000,328 | RHS- | M] () -- C:\boot.ini [2001/09/28 14:00:00 | 000,004,952 | ---- | M] () -- C:\Bootfont.bin [2004/08/03 23:00:08 | 000,263,488 | ---- | M] () -- C:\cmldr [2011/05/01 05:18:46 | 000,013,901 | ---- | M] () -- C:\ComboFix.txt [2006/07/27 14:12:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2006/07/27 14:12:10 | 000,000,000 | ---- | M] () -- C:\IO.SYS [2006/07/27 14:12:10 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS [2004/08/03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004/08/03 22:59:44 | 000,251,712 | ---- | M] () -- C:\ntldr [2011/05/05 18:33:22 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys [2011/05/05 18:55:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/04/28 05:12:29 | 000,000,396 | ---- | M] () -- C:\Raccourci vers dls torrents.lnk < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [35 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2006/07/27 14:55:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2006/07/27 14:55:30 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2006/07/27 14:55:30 | 000,438,272 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > [2011/04/18 19:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys [2011/04/18 19:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011/04/18 19:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon.sys [2011/04/18 19:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys [2011/04/18 19:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys [2011/04/18 19:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSnx.sys [2011/04/18 19:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys [2011/04/18 19:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-03 18:02:45 < End of report > Extras.txt : OTL Extras logfile created on: 05/05/2011 18:54:21 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = D:\Documents and Settings\carignan\Bureau Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 014.00 Mb Total Physical Memory | 567.00 Mb Available Physical Memory | 56.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 87.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14.65 Gb Total Space | 3.05 Gb Free Space | 20.80% Space Free | Partition Type: NTFS Drive D: | 19.53 Gb Total Space | 2.75 Gb Free Space | 14.06% Space Free | Partition Type: NTFS Drive Y: | 3.01 Gb Total Space | 2.40 Gb Free Space | 79.54% Space Free | Partition Type: FAT32 Computer Name: FU64L01753 | User Name: carignan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "6129:TCP" = 6129:TCP:*:Enabled:DameWare Mini Remote Control Service [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service "C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" = C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\RealVNC\VNC4\winvnc4.exe" = C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:VNC Server for Win32 -- (RealVNC Ltd.) "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres -- (Microsoft Corporation) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator 0.8.0 "{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{23E5032B-56CA-4C19-A72E-B50161DB82CA}" = Client de clichés instantanés "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{2D91C34E-12CC-4B1B-90D5-31DAD47B6F48}" = OZ776 SCR CardBus Windows Driver "{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA "{414C803A-6115-4DB6-BD4E-FD81EA6BC71C}" = Product_SF_Min_QFolder "{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell "{561D20B1-766E-4EA5-8A1D-B7357D903673}" = hppIOFiles "{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI "{6441FECE-0E73-4326-81BF-68503E897820}" = CorePLS_Min_QFolder "{69E6C13B-CF6B-47A6-B7A5-77FE82B2CB40}" = hppFonts "{721ABC3B-5F12-4332-9C0C-C11424EF666C}" = WIMGAPI "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}" = Broadcom 440x 10/100 Integrated Controller "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{AC76BA86-7AD7-1036-7B44-A70800000002}" = Adobe Reader 7.0.8 - Français "{BA464207-FFE2-4E2B-A191-9DF2597C9E1F}" = Configuration Manager Client "{E1019541-10A2-464F-A23E-A4F23DA65160}" = Mumble 1.2.3 "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{EB7A2041-6A16-4BAC-8079-43B985673C2C}" = Assistant Avery 3.1 "{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}" = HP Software Update "{EDAE4F43-833C-443B-8DB5-129F897DF3E8}" = hppWebRegMM "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F38D0F99-1BFC-47AB-AC36-8D9D43700CFB}" = hppManualsP2015 "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "avast" = avast! Free Antivirus "CCleaner" = CCleaner "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem "Guild Wars" = GUILD WARS "HP LaserJet P2015" = HP LaserJet P2015 Series 1.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "InstallShield_{2D91C34E-12CC-4B1B-90D5-31DAD47B6F48}" = OZ776 SCR CardBus Windows Driver "IZArc 3.4.1.6_is1" = IZArc 3.4.1.6 "Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr) "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "ProInst" = Logiciel Intel® PROSet/Wireless "RDC" = RDC "RealVNC_is1" = VNC 4.0 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Usbfix" = UsbFix By TeamXscript "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.9 "WhoCrashed_is1" = WhoCrashed 3.01 "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Lecteur Windows Media 10 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 03/05/2011 16:22:04 | Computer Name = FU64L01753 | Source = Application Error | ID = 1000 Description = Application défaillante services.exe, version 5.1.2600.3520, module défaillant esent.dll, version 5.1.2600.2780, adresse de défaillance 0x0001baec. Error - 03/05/2011 18:33:18 | Computer Name = FU64L01753 | Source = Userenv | ID = 1085 Description = L'extension côté client Security de la stratégie de groupe n'a pas pu s'exécuter. Vérifiez si des erreurs ont été reportées plus tôt par cette extension. Error - 04/05/2011 19:19:55 | Computer Name = FU64L01753 | Source = Userenv | ID = 1085 Description = L'extension côté client Security de la stratégie de groupe n'a pas pu s'exécuter. Vérifiez si des erreurs ont été reportées plus tôt par cette extension. Error - 04/05/2011 20:49:59 | Computer Name = FU64L01753 | Source = Application Error | ID = 1000 Description = Application défaillante services.exe, version 5.1.2600.3520, module défaillant esent.dll, version 5.1.2600.2780, adresse de défaillance 0x0001baec. Error - 04/05/2011 21:46:41 | Computer Name = FU64L01753 | Source = Userenv | ID = 1085 Description = L'extension côté client Security de la stratégie de groupe n'a pas pu s'exécuter. Vérifiez si des erreurs ont été reportées plus tôt par cette extension. Error - 05/05/2011 07:45:18 | Computer Name = FU64L01753 | Source = Userenv | ID = 1085 Description = L'extension côté client Security de la stratégie de groupe n'a pas pu s'exécuter. Vérifiez si des erreurs ont été reportées plus tôt par cette extension. Error - 05/05/2011 08:30:52 | Computer Name = FU64L01753 | Source = Application Hang | ID = 1002 Description = Application bloquée firefox.exe, version 2.0.1.4120, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 05/05/2011 09:28:24 | Computer Name = FU64L01753 | Source = Userenv | ID = 1085 Description = L'extension côté client Security de la stratégie de groupe n'a pas pu s'exécuter. Vérifiez si des erreurs ont été reportées plus tôt par cette extension. Error - 05/05/2011 11:11:29 | Computer Name = FU64L01753 | Source = Userenv | ID = 1085 Description = L'extension côté client Security de la stratégie de groupe n'a pas pu s'exécuter. Vérifiez si des erreurs ont été reportées plus tôt par cette extension. Error - 05/05/2011 12:33:54 | Computer Name = FU64L01753 | Source = Userenv | ID = 1085 Description = L'extension côté client Security de la stratégie de groupe n'a pas pu s'exécuter. Vérifiez si des erreurs ont été reportées plus tôt par cette extension. [ System Events ] Error - 02/05/2011 19:48:02 | Computer Name = FU64L01753 | Source = DCOM | ID = 10016 Description = Les paramètres d'autorisation spécifiques à l'application n'accordent pas d'autorisation Locale Exécution pour l'application serveur COM avec le CLSID {7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1} au SID AUTORITE NT\SYSTEM de l'utilisateur (S-1-5-18). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil d'administration Services de composants. Error - 02/05/2011 19:48:03 | Computer Name = FU64L01753 | Source = Service Control Manager | ID = 7000 Description = Le service Pilote de port parallèle n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 03/05/2011 13:49:02 | Computer Name = FU64L01753 | Source = DCOM | ID = 10016 Description = Les paramètres d'autorisation spécifiques à l'application n'accordent pas d'autorisation Locale Exécution pour l'application serveur COM avec le CLSID {7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1} au SID AUTORITE NT\SYSTEM de l'utilisateur (S-1-5-18). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil d'administration Services de composants. Error - 03/05/2011 13:49:03 | Computer Name = FU64L01753 | Source = Service Control Manager | ID = 7000 Description = Le service Pilote de port parallèle n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 03/05/2011 14:04:38 | Computer Name = FU64L01753 | Source = Service Control Manager | ID = 7000 Description = Le service Pilote de port parallèle n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 03/05/2011 14:33:56 | Computer Name = FU64L01753 | Source = Service Control Manager | ID = 7000 Description = Le service Pilote de port parallèle n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 04/05/2011 21:46:31 | Computer Name = FU64L01753 | Source = DCOM | ID = 10016 Description = Les paramètres d'autorisation spécifiques à l'application n'accordent pas d'autorisation Locale Exécution pour l'application serveur COM avec le CLSID {7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1} au SID AUTORITE NT\SYSTEM de l'utilisateur (S-1-5-18). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil d'administration Services de composants. Error - 04/05/2011 21:46:33 | Computer Name = FU64L01753 | Source = Service Control Manager | ID = 7000 Description = Le service Pilote de port parallèle n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 05/05/2011 07:45:13 | Computer Name = FU64L01753 | Source = Service Control Manager | ID = 7000 Description = Le service Pilote de port parallèle n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 05/05/2011 12:33:51 | Computer Name = FU64L01753 | Source = Service Control Manager | ID = 7000 Description = Le service Pilote de port parallèle n'a pas pu démarrer en raison de l'erreur : %%1058 < End of report >
  4. K@rni
    Bonjour, Voila mon soucis : j'ai un ordinateur dell portable avec windows xp pro (sp2) cependant, environ toutes les heures/2 heures, aparrait un message d'erreur comme quoi le programme "services.exe" a planté et qu'il va envoyer un rapport d'erreur, je dis "ne pas envoyer", et la une fenètre s'ouvre en disant que le système va s'éteindre et redémarrer dans 1 minutes (compte a rebours), j'ai fait le tour des forums a propos de ce "bug", et ai trouvé quelques réponses, mais je ne sais pas vraiment quoi faire, ce n'est apparemment pas un virus car jai fait plusieurs scans avec différents logiciels (usbfix, RSIT, Whocrashed, Combofix, Systemlook, et un scan en ligne avec eset (qui n'a rien donné non plus)), mais peut être y a t'il des manips particulières a faire afin de détecter le problème. Merci d'avance pour vos futures réponses @+
  5. K@rni
    Bonjour, Voila mon soucis : j'ai un ordinateur dell portable avec windows xp pro (sp2) cependant, environ toutes les heures/2 heures, aparrait un message d'erreur comme quoi le programme "services.exe" a planté et qu'il va envoyer un rapport d'erreur, je dis "ne pas envoyer", et la une fenètre s'ouvre en disant que le système va s'éteindre et redémarrer dans 1 minutes (compte a rebours), j'ai fait le tour des forums a propos de ce "bug", et ai trouvé quelques réponses, mais je ne sais pas vraiment quoi faire, ce n'est apparemment pas un virus car jai fait plusieurs scans avec différents logiciels (usbfix, RSIT, Whocrashed, Combofix, Systemlook, et un scan en ligne avec eset (qui n'a rien donné non plus)), mais peut être y a t'il des manips particulières a faire afin de détecter le problème. Merci d'avance pour vos futures réponses @+
×
×
  • Créer...