Requests for review of scan reports - computer very slow


Post by den06 » 18 May 2012, 23:19

Hello,

For several days (more than a month now) my computer has been very, very slow and completely unusable.
It often stops responding for several minutes (3-4).
From time to time it works through the few queued actions, then there is a short respite, often very brief (30 sec), and then it goes back into an infernal timeout.

It seems to me that sometimes, when I disable the network card and/or simply unplug the cable, plus several reboots and rest periods, it holds up a little better...
That is how I managed, with difficulty, to install the software and carry out the recommended procedure.
I am torn between an infection and a hardware failure of a peripheral.

It was in this configuration (booting without the cable, then plugging it in afterwards) that I was able to run the tools.
But the problem does not seem to be occurring at the moment!!!
That is why I am taking the opportunity to write this post...

I came across your forum while searching the net.
I am posting the logs I collected, hoping you will find something in them...

Thank you in advance,
Denis.

--------------------------------------------------------------------------------
First, Malwarebytes Anti-Malware:
--------------------------------------------------------------------------------

Malwarebytes Anti-Malware 1.61.0.1400
http://www.malwarebytes.org

Version de la base de données: v2012.05.17.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Denis :: PC [administrateur]

18/05/2012 21:47:22
mbam-log-2012-05-18 (21-47-22).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 274705
Temps écoulé: 3 minute(s), 32 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)

--------------------------------------------------------------------------------
den06
 
Posts: 5
Joined: 18 May 2012, 22:24

Re: Requests for review of scan reports - computer very

Post by den06 » 18 May 2012, 23:22

--------------------------------------------------------------------------------
The OTL log: Part 1/2
--------------------------------------------------------------------------------

OTL logfile created on: 18/05/2012 23:15:02 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = D:\PROGRAMMES\Outils Systeme\Diagnostic
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

6,00 Gb Total Physical Memory | 4,35 Gb Available Physical Memory | 72,44% Memory free
12,00 Gb Paging File | 10,48 Gb Available in Paging File | 87,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,46 Gb Total Space | 326,74 Gb Free Space | 71,27% Space Free | Partition Type: NTFS
Drive D: | 458,41 Gb Total Space | 25,31 Gb Free Space | 5,52% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Denis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - [2012/05/16 13:34:30 | 000,595,456 | ---- | M] (OldTimer Tools) -- D:\PROGRAMMES\Outils Systeme\Diagnostic\OTL.exe
PRC - [2011/08/30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010/07/08 15:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe
PRC - [2010/01/21 14:11:40 | 000,045,056 | ---- | M] (Realtek) -- C:\Program Files (x86)\BeeWi\BeeWi Wireless Monitor\RtlService.exe
PRC - [2009/08/14 21:13:08 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2009/08/14 21:12:46 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2009/08/14 21:12:34 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
PRC - [2009/06/17 13:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/03/04 22:42:50 | 001,045,232 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dldncoms.exe -- (dldn_device)
SRV - [2011/08/30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/07/16 17:23:30 | 006,638,080 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (AllShare)
SRV - [2010/07/08 15:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files (x86)\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2010/06/24 16:41:38 | 000,092,008 | ---- | M] (TomTom) [On_Demand | Stopped] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/21 14:11:40 | 000,045,056 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\BeeWi\BeeWi Wireless Monitor\RtlService.exe -- (Realtek11nSU)
SRV - [2009/12/15 00:43:20 | 000,515,560 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/23 16:36:06 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) @C:\Program Files (x86)
SRV - [2009/08/14 21:13:08 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009/08/14 21:12:46 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2009/08/14 21:12:34 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2009/07/10 09:58:22 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\dldncoms.exe -- (dldn_device)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/01 12:49:02 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/08/12 06:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/06 09:49:24 | 000,690,208 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtl8192su.sys -- (RTL8192su)
DRV:64bit: - [2009/12/18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/10/26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/10/22 19:52:35 | 000,193,792 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rdwm1046.sys -- (RDID1046)
DRV:64bit: - [2009/08/14 21:14:28 | 000,076,336 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2009/08/14 21:14:18 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2009/08/14 21:14:12 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2009/08/14 21:14:08 | 000,065,072 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2009/08/14 21:14:08 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2009/08/14 14:40:04 | 000,038,960 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2009/08/14 14:40:04 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2009/08/14 14:40:04 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2009/08/09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Pilote de connexions réseau Intel(R)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/05/09 21:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/05/09 21:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2007/05/09 21:46:36 | 000,016,032 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/12/01 12:46:58 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{6D491AE0-9F97-4EA5-8971-7F1B53E9F971}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CD 1A B7 56 95 4E CA 01 [binary data]
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\..\SearchScopes\{6D491AE0-9F97-4EA5-8971-7F1B53E9F971}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\..\SearchScopes\{BCB3F06C-0816-4FA2-AF18-5FC3B8B56BD4}: "URL" = http://www.google.fr/search?hl=fr&q={searchTerms}+&meta=
IE - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.fr"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {32b29df0-2237-4370-9a29-37cebb730e9b}:3.6.0.10
FF - prefs.js..extensions.enabledItems: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_10_3_162.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@squareclock.com/SQ3DPlayer.Production_Castorama_Internet: C:\Users\Denis\AppData\Local\SquareClock.Production_Castorama_Internet\NPSQ3D.dll (SquareClock SAS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/07/01 23:12:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/12/17 19:59:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/05/20 22:01:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/05/20 22:01:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/25 22:20:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/17 20:14:15 | 000,000,000 | ---D | M]

[2010/09/10 19:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Extensions
[2010/07/25 00:22:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012/01/22 18:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\c7wlkzre.default\extensions
[2012/01/22 18:25:16 | 000,000,000 | ---D | M] (FreeSoundRecorder Community Toolbar) -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\c7wlkzre.default\extensions\{32b29df0-2237-4370-9a29-37cebb730e9b}
[2011/09/29 21:09:34 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\c7wlkzre.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2011/07/11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Denis\AppData\Roaming\Mozilla\Firefox\Profiles\c7wlkzre.default\searchplugins\startsear.xml
[2011/11/25 22:20:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/21 06:28:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/11/21 03:52:51 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2011/11/21 03:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/21 03:52:51 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/11/21 03:52:51 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2011/11/21 03:52:51 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/11/21 03:52:51 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.fr/search?hl=fr&q={searchTerms}+&meta=
CHR - default_search_provider: suggest_url =
CHR - Extension: DivX HiQ = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: FreeSoundRecorder = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkakpihealnpggeceajhaonlmgdkaip\2.0.1.4_0\
CHR - Extension: \u003Cvideo\u003E HTML5 DivX Plus Web Player = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (FreeSoundRecorder Toolbar) - {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (FreeSoundRecorder Toolbar) - {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-58257088-4078202831-3106983605-1000\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} https://static.impots.gouv.fr/tdir/stat ... .2.0.1.cab (AdVerifierADPCtrl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{431C806E-8F6A-41BD-91F5-BA6197FBFBA3}: DhcpNameServer = 192.168.0.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cae4d0e-4ffd-11e0-ba29-001f16f2ffd6}\Shell - "" = AutoRun
O33 - MountPoints2\{1cae4d0e-4ffd-11e0-ba29-001f16f2ffd6}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{38cfd15b-8535-11df-9054-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{38cfd15b-8535-11df-9054-005056c00008}\Shell\AutoRun\command - "" = K:\AUTORUN.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2012/05/18 21:47:05 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{A437ECFC-3E7E-40D3-A17A-23CA89F79D71}
[2012/05/18 20:56:05 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{09820CC6-93F9-4B88-BE6A-F2DD1BBB758E}
[2012/05/18 10:27:59 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{D70A91F5-7DC5-4DBA-B847-C5463993F674}
[2012/05/18 10:27:45 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{FB087A8B-4AF6-422D-8BC8-678F66E36B8F}
[2012/05/17 19:45:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/05/17 19:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/05/17 19:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/05/17 19:42:58 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Roaming\Malwarebytes
[2012/05/17 19:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/17 19:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/17 19:42:45 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/05/17 19:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/17 18:33:50 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{948DF9F7-5686-4D31-8E40-616413D6E74A}
[2012/05/13 18:45:11 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{2589C498-296A-4408-AACA-868EDB189118}
[2012/05/13 13:09:30 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{593052F6-F22C-4B74-9EF4-F12D3ACCAC09}
[2012/05/13 00:25:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/12 18:56:26 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/05/12 18:56:23 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/05/12 18:56:21 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/12 18:56:20 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/05/12 18:46:26 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{BC70BF10-4B25-4EB6-8E1F-222D2E974B53}
[2012/05/12 18:46:13 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{FF7769AD-5252-4BC6-BAA1-F2BD13541033}
[2012/05/12 00:50:13 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Roaming\ImgBurn
[2012/05/11 23:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2012/05/11 21:43:13 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{82B164E6-A648-4182-8306-39384C3BBA14}
[2012/05/11 21:43:00 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{8830ABF4-0B12-4EA9-80CF-DD781F6BD9E3}
[2012/05/04 19:12:36 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{4269DA1F-03A1-4314-8457-C6DF52D704BA}
[2012/05/02 13:10:52 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{20A87B63-C516-4043-A965-64FE7E6ACC0A}
[2012/05/01 19:59:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012/05/01 19:59:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeWi
[2012/05/01 19:59:32 | 000,690,208 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8192su.sys
[2012/05/01 19:59:26 | 000,614,400 | ---- | C] (Realtek Semiconductor Corp. ) -- C:\Windows\SysWow64\Rtlihvs.dll
[2012/05/01 19:59:26 | 000,380,928 | ---- | C] (Realtek) -- C:\Windows\RtlUI2.exe
[2012/05/01 19:59:26 | 000,188,416 | ---- | C] (Realtek Semiconductor Corp. ) -- C:\Windows\SysWow64\RTLExtUI.dll
[2012/05/01 19:59:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BeeWi
[2012/05/01 17:01:41 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{41477AAC-BF52-4D6F-8847-488729025C0A}
[2012/04/25 21:15:37 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{ED5383FF-13AB-43F2-8472-6C59753E987B}
[2012/04/22 20:46:32 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{BDC5A141-2D60-4C89-8D9A-16825108D114}
[2012/04/22 10:34:36 | 000,000,000 | ---D | C] -- C:\Users\Denis\Desktop\Les Aventures de Tintin
[2012/04/22 10:14:10 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{57828F57-FF0D-4943-B59A-3111FAF687CE}
[2012/04/15 20:41:48 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/04/15 20:40:47 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/04/15 20:02:51 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{FF86546B-AA4F-4F13-9105-58DC1F1F6EBB}
[2012/04/15 19:34:29 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/15 19:34:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/15 19:34:28 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/15 19:34:27 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/15 19:34:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/15 19:34:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/15 19:34:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/15 19:34:26 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/15 19:34:26 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/15 19:34:25 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/15 19:34:25 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/14 01:19:33 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/14 01:19:33 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/14 01:19:32 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/13 21:39:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/04/13 21:38:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/04/13 21:35:40 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\ElevatedDiagnostics
[2012/04/13 20:04:18 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{EB2CFF66-4E22-4E08-BA1A-F4B04EECF516}
[2012/04/13 20:04:04 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{C988C234-FE8C-43D2-9BC4-891F49D215CC}
[2012/04/13 18:49:16 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{A4316C54-50F5-4392-AD44-979881087F30}
[2012/04/13 18:47:04 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{3462C8F2-32AA-49B9-9FA6-D8D29A5F57AC}
[2012/04/13 17:08:50 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{7ABC0000-0089-4E2F-8C70-47F530B980D1}
[2012/04/08 19:20:40 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{466C51A1-5F0A-4F40-97AF-C027CCD4CAAA}
[2012/04/07 10:28:39 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{BA513185-23D6-4B57-AC02-F3F5147BEC86}
[2012/04/05 19:20:23 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{8157069E-82D3-4292-9C7A-B94C88186E52}
[2012/04/04 19:37:58 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{EF4B4D06-D728-459A-913A-B7F449C4105D}
[2012/03/23 17:31:37 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{FBDEA096-20BC-4159-B7AE-B49D243831D9}
[2012/03/23 17:31:23 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Local\{4621B689-B45F-451E-9C24-30D049887626}
[9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2012/05/18 23:33:04 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/18 22:41:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/05/18 21:59:48 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/18 21:59:48 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/18 21:52:33 | 000,001,246 | ---- | M] () -- C:\Users\Denis\Desktop\OTL.exe - Raccourci.lnk
[2012/05/18 21:46:55 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/18 21:31:32 | 001,685,046 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/18 21:31:32 | 000,752,836 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/05/18 21:31:32 | 000,659,866 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/18 21:31:32 | 000,151,902 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/05/18 21:31:32 | 000,124,164 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/18 21:15:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/18 21:15:32 | 536,219,647 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/18 10:55:14 | 000,000,032 | ---- | M] () -- C:\Users\Denis\Documents\pexmodes.dat
[2012/05/17 19:43:49 | 000,000,924 | ---- | M] () -- C:\Users\Denis\Desktop\NTREGOPT.lnk
[2012/05/17 19:43:49 | 000,000,905 | ---- | M] () -- C:\Users\Denis\Desktop\ERUNT.lnk
[2012/05/17 19:42:49 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/13 11:40:55 | 005,024,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/01 20:01:12 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/05/01 20:00:59 | 001,706,500 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/01 19:59:45 | 000,002,158 | ---- | M] () -- C:\Users\Public\Desktop\BeeWi Wireless Monitor.lnk
[2012/04/22 10:40:14 | 051,344,757 | ---- | M] () -- C:\Users\Denis\Desktop\GUITAR PRO TABS.zip
[2012/04/22 10:37:37 | 005,378,085 | ---- | M] () -- C:\Users\Denis\Desktop\05-Knockin' On Heaven's Door (Chipmunk).mp3
[2012/04/13 21:50:35 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2012/04/13 21:50:35 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/03/31 08:05:57 | 005,559,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/31 06:39:37 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/31 06:39:37 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys
[9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/18 22:41:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/05/18 21:52:33 | 000,001,246 | ---- | C] () -- C:\Users\Denis\Desktop\OTL.exe - Raccourci.lnk
[2012/05/17 19:43:49 | 000,000,924 | ---- | C] () -- C:\Users\Denis\Desktop\NTREGOPT.lnk
[2012/05/17 19:43:49 | 000,000,905 | ---- | C] () -- C:\Users\Denis\Desktop\ERUNT.lnk
[2012/05/17 19:42:49 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/13 20:27:16 | 001,685,046 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/01 19:59:45 | 000,002,158 | ---- | C] () -- C:\Users\Public\Desktop\BeeWi Wireless Monitor.lnk
[2012/05/01 19:59:25 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/04/22 13:20:10 | 000,000,032 | ---- | C] () -- C:\Users\Denis\Documents\pexmodes.dat
[2012/04/22 10:37:51 | 051,344,757 | ---- | C] () -- C:\Users\Denis\Desktop\GUITAR PRO TABS.zip
[2012/04/22 10:34:48 | 005,378,085 | ---- | C] () -- C:\Users\Denis\Desktop\05-Knockin' On Heaven's Door (Chipmunk).mp3
[2011/01/23 15:27:28 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnpmui.dll
[2011/01/23 15:27:28 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\dldnutil.dll
[2011/01/23 15:27:28 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dldninpa.dll
[2011/01/23 15:27:28 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\DLDNinst.dll
[2011/01/23 15:27:28 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldniesc.dll
[2011/01/23 15:27:28 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\dldncomx.dll
[2011/01/23 15:27:28 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dldnjswr.dll
[2011/01/23 15:27:28 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dldninsr.dll
[2011/01/23 15:27:28 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dldncur.dll
[2011/01/23 15:27:27 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnserv.dll
[2011/01/23 15:27:27 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnusb1.dll
[2011/01/23 15:27:27 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnlmpm.dll
[2011/01/23 15:27:27 | 000,320,168 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnih.exe
[2011/01/23 15:27:27 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldninsb.dll
[2011/01/23 15:27:27 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldnins.dll
[2011/01/23 15:27:27 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dldncub.dll
[2011/01/23 15:27:27 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\dldncu.dll
[2011/01/23 15:27:27 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnprox.dll
[2011/01/23 15:27:26 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnhbn3.dll
[2011/01/23 15:27:26 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\dldncoms.exe
[2011/01/23 15:27:26 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\dldncomm.dll
[2011/01/23 15:27:25 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldncomc.dll
[2011/01/23 15:27:25 | 000,365,224 | ---- | C] ( ) -- C:\Windows\SysWow64\dldncfg.exe
[2011/01/08 21:44:10 | 000,017,408 | ---- | C] () -- C:\Users\Denis\AppData\Local\WebpageIcons.db
[2010/09/16 23:19:16 | 000,428,538 | ---- | C] () -- C:\Windows\Enjoy 6e Uninstaller.exe

========== LOP Check ==========

[2011/06/01 13:06:44 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Cool Record Edit Pro
[2010/04/11 14:20:28 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Digiarty
[2012/02/10 21:55:56 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\FileZilla
[2011/06/01 13:06:18 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Free Sound Recorder
[2012/05/12 00:52:48 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\ImgBurn
[2010/12/22 18:54:58 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Leadertech
[2010/12/26 19:34:29 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Midgar Studio
[2011/09/10 10:02:10 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\TeamViewer
[2010/08/23 21:20:35 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Teleca
[2010/07/25 00:22:32 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\TomTom
[2010/08/28 10:57:31 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Teleca
[2011/11/11 19:07:51 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

...
--------------------------------------------------------------------------------
den06
 
Posts: 5
Joined: 18 May 2012, 22:24

Re: Requests to review scan reports - computer very

Post by den06 » 18 May 2012, 23:23

--------------------------------------------------------------------------------
The OTL log: Part 2/2
--------------------------------------------------------------------------------


========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >

< MD5 for: ATAPI.SYS >

< MD5 for: CNGAUDIT.DLL >

< MD5 for: CTFMON.EXE >

< MD5 for: EXPLORER.EXE >

< MD5 for: IASTORV.SYS >

< MD5 for: NETLOGON.DLL >

< MD5 for: NVSTOR.SYS >

< MD5 for: SCECLI.DLL >

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2012/02/28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< End of report >

--------------------------------------------------------------------------------
den06
 
Posts: 5
Joined: 18 May 2012, 22:24

Re: Requests for review of scan reports - computer very

Post by den06 » 18 May 2012, 23:24

--------------------------------------------------------------------------------
The OTL log: Extras
--------------------------------------------------------------------------------

OTL Extras logfile created on: 18/05/2012 23:15:02 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = D:\PROGRAMMES\Outils Systeme\Diagnostic
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

6,00 Gb Total Physical Memory | 4,35 Gb Available Physical Memory | 72,44% Memory free
12,00 Gb Paging File | 10,48 Gb Available in Paging File | 87,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,46 Gb Total Space | 326,74 Gb Free Space | 71,27% Space Free | Partition Type: NTFS
Drive D: | 458,41 Gb Total Space | 25,31 Gb Free Space | 5,52% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Denis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FE6A98B-90D2-400B-9AD4-6C8E98F2B8C2}" = lport=138 | protocol=17 | dir=in | app=system |
"{105CE89C-D352-4A4E-B233-3D6F2B31F78A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{17CE784F-E9D8-436A-A9EF-E4D07CAFF8E2}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{1977B5F3-C396-431D-AB3E-2F68F0E5A83C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2B58496D-479B-4C34-894B-BDD9FEB4747A}" = lport=137 | protocol=17 | dir=in | app=system |
"{468086AA-2BD9-41E7-B098-B998536ECC6C}" = lport=139 | protocol=6 | dir=in | app=system |
"{4BEC94E1-5C8D-4738-AA94-1D03B50C81A8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C4276CF-58E4-4521-B92A-8BDDAFFA1C6E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{568C55FA-F9A7-4763-B0DE-E9159A81E864}" = lport=57724 | protocol=6 | dir=in | name=pando media booster |
"{57BB2F36-E574-4B7D-A691-407A8E7DBA1A}" = rport=138 | protocol=17 | dir=out | app=system |
"{5C415CA9-68A4-4A78-8C7B-B0065008A529}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5CAC59D3-E6F2-4E78-A2BD-AA4E85E1BB81}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{691C2937-BB3E-4AAC-AC28-936DA28C3D1B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{70E6223C-B785-4714-A5F2-AF05C2366348}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{74B3B5B2-7898-4158-85C5-42745C120831}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7FEBB9B9-EAF8-4CE1-BEE2-7068EA5ED675}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{8052F2FA-3222-45F6-ADC0-E7D4B6D57AFF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8798FD34-4D2F-46B6-B98D-F6B4D0357B7E}" = lport=57724 | protocol=6 | dir=in | name=pando media booster |
"{899E3B5A-9AB4-43C8-A661-C6605CCB5CCF}" = rport=137 | protocol=17 | dir=out | app=system |
"{905F38C8-B6F7-4E41-9CB1-6E50F0DEBB37}" = lport=2869 | protocol=6 | dir=in | app=system |
"{93A649D1-640E-4D69-A3D9-AFE6A3E67AE7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9AE6ED95-B186-4B56-9B45-1171A5758E92}" = rport=445 | protocol=6 | dir=out | app=system |
"{9B62E8BE-5354-4914-8C7C-7E7A132B4380}" = lport=57724 | protocol=17 | dir=in | name=pando media booster |
"{A00D14EB-72A4-422D-8E20-F1F5D0D01526}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A54088F3-63DC-46EF-82E2-3FE59D517259}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B3CA78A7-1CD2-403E-B420-00CF337ECBF3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BB0EFEBE-152A-4F12-8208-9CEAA3B99966}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D23FC36E-7CC9-470E-AFC0-E897F0BC9F5F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D62EACE4-5C20-4840-9A9A-061A59F3FA08}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9B8C6EB-9907-4592-86FB-215C6C5D1228}" = lport=57724 | protocol=17 | dir=in | name=pando media booster |
"{DE111F09-AE2E-470F-BF66-74F8A9294DDD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E7C9401E-64FD-4518-83A0-32BD5A60789A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E85977C5-41BC-410F-AF9A-867F03301F1E}" = rport=139 | protocol=6 | dir=out | app=system |
"{EE314533-0A1A-495D-9559-60DC7D2F548E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F6F8018B-C82A-4D01-90AD-7561B1FC27EE}" = lport=445 | protocol=6 | dir=in | app=system |
"{FAF56AF0-2CAD-4BBB-A266-D509F0CDD488}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00515F64-C1C9-4CA7-A7CA-8FF49FC4134C}" = protocol=17 | dir=in | app=c:\program files (x86)\lastchaos\bin\nksp.exe |
"{068480CF-DEDF-4A1C-A550-35824E79B89F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0F3233BE-E048-4B69-BA52-DDF7C73C229D}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{11044E61-6510-4EED-AAB0-5C7408B6C1FE}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{14FAA846-A9CF-4D4B-A241-7B29A1FED97E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{185CE0C4-1D84-4900-8E03-B9093F27D237}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1BF16472-3EE0-4298-893D-5FAE43C58F43}" = protocol=6 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"{1F584ABB-5EB8-46B8-889B-C930B16717E1}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{2107D6B9-B01D-4C0A-B26E-29F375753A6D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldntime.exe |
"{217F1B3D-A9EF-4F1F-959A-07ACFBE57A67}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldnpswx.exe |
"{2A4BD73B-8410-46C1-9FC1-7FE1718A0208}" = protocol=6 | dir=in | app=c:\program files (x86)\beewi\beewi wireless monitor\rtwlan.exe |
"{2C12EA90-E7F3-4A7B-9AF5-4EA7C75DB59B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{300B94BF-B684-4E10-AFF3-14BA95F58EBB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{34F71DA0-2020-4ED3-B09F-9890EAB32EBF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3636E380-935A-472A-A6B2-82865C70397E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40589C0A-505E-4E6C-8052-1B987D6AAC5D}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{415A696D-D17D-448F-9399-C1D45ED42CEF}" = protocol=17 | dir=in | app=c:\program files (x86)\lastchaos\lc.exe |
"{429F2F18-DCE5-4F08-81DE-5E2058ED95C6}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{475D658C-8CC8-4348-866C-695CECA42D70}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{487E8F37-F4D9-41D7-80AB-50AF0B9A13F4}" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{498FFE84-4924-41B3-9404-D0C02E9E7554}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{4EFFC605-8BDE-413E-92C6-52568135FC90}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{520BC1C4-7EC6-4667-999C-66730AA0ED2F}" = protocol=17 | dir=in | app=c:\windows\syswow64\dldncoms.exe |
"{5569CB57-4738-4DD7-B963-90B8F36A773C}" = protocol=6 | dir=in | app=c:\windows\syswow64\dldncoms.exe |
"{56A8AA70-62FE-45DB-A239-CABFC845750A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5A870FE1-015E-4821-94D7-6B327F1EBBAB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5B8E1F4E-472A-422A-8567-A946674B8AB1}" = protocol=6 | dir=in | app=c:\program files (x86)\lastchaos\bin\nksp.exe |
"{5BFD5261-62FA-489A-AF34-AD68BA1C6E60}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D5461F1-5656-47C4-BFF2-8A7B67F39E10}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F8561A4-F035-4920-BFB3-C7D611F798B6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{60E139AB-70AA-4C41-89D9-89126ED62924}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{66033C2C-C985-4B35-A126-72681FA6E4DD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{674DAFBD-4CC3-4C4D-A454-D4D9E0D6F774}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72F8C4A7-C427-4A41-9C18-706F452B4AAD}" = protocol=6 | dir=in | app=c:\program files (x86)\adsltv\adsltv.exe |
"{730D2737-DC65-48E5-A502-12363D516B58}" = protocol=6 | dir=out | app=system |
"{74B4BA20-24E3-4E06-877C-1C5DA8CCD5D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7596970A-3689-4FBB-8B47-3857F4356552}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{7706D292-A87F-4B84-9B24-406F55222688}" = protocol=6 | dir=in | app=c:\windows\system32\dldncoms.exe |
"{7D264C88-057A-4D93-B294-8BDE381B148D}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldnpswx.exe |
"{804E7DD2-6A3B-4813-838A-16CA31B646D1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{893F21F6-E535-4E84-B44A-CED6528CEC6B}" = protocol=17 | dir=in | app=c:\program files (x86)\tightvnc\tvnserver.exe |
"{8DE68BBD-EEFD-4C41-8BCD-44C304C54A06}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8EDB178D-6884-48EC-B4CB-D57F755FE1B7}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{9200A907-5206-4918-872F-F241B2F56839}" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{94E4E042-8EBB-4A8E-854F-D11017DE7098}" = protocol=17 | dir=in | app=c:\windows\system32\dldncoms.exe |
"{95F6C2ED-04AA-4392-8842-CE98ADC46E2F}" = protocol=6 | dir=in | app=c:\program files (x86)\lastchaos\lc.exe |
"{9613F765-8F84-4BF0-B019-173C08F67811}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{97B715DB-A3EC-422E-BC7E-71244B6CC916}" = protocol=17 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"{9AF2C9C5-66CE-4DE3-9CF4-60123D627C0F}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{A57BC65B-EE74-4332-9A65-AEC16D055C76}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{A8D16339-A4A6-4DFF-8992-53CC28CAF696}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF889D13-7B27-463A-8BC1-32AD57978ABA}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{CBD67386-1E92-46EE-AF7F-886FCC228DBF}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{CEFCD150-FEA3-431A-8F97-516F2AA0388D}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{CF055125-00A3-466B-8AD2-8D4F076826A8}" = protocol=17 | dir=in | app=c:\program files (x86)\adsltv\adsltv.exe |
"{D306EF04-35D4-4C81-92A4-AE0B7B3D2A47}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{D32DC776-29EA-4ADB-A97E-38BF50E687B4}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{D88C7435-8E7A-4798-8988-4664B886C001}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{DBD893C7-906B-410B-9C7D-CD788BD1551C}" = protocol=6 | dir=in | app=c:\program files (x86)\tightvnc\tvnserver.exe |
"{DC0B965A-33E3-42C1-B82D-DDEBE3D72DE7}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{EACA05FB-314F-493E-87DC-FDDD0E177A04}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE6D6DC3-32A5-44D3-A59D-C6D65713EADF}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldntime.exe |
"{EE835064-BC69-46D4-B7BA-0D922C88C589}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F0D2739C-F637-459E-B614-371A04C3CF31}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{F37FD936-15E4-4943-8E57-0DC9F580449F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{F5972FDD-46BC-42FB-A660-738306993C18}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F62155F1-E060-4E4D-977B-ED220FC4BC21}" = protocol=17 | dir=in | app=c:\program files (x86)\beewi\beewi wireless monitor\rtwlan.exe |
"{F6471EED-0BE1-40A6-B9AB-5BFFE48DBF16}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{F74829DD-1C0E-4AE9-9EB7-599D2D20BC7C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7D4D950-2DA6-4E1F-B104-4E365C3235AA}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{F90B757F-9A3A-4161-AAA8-83B73AF8A5E1}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"TCP Query User{0AB32F1E-06F5-4857-8D7C-088129E64BAE}C:\program files (x86)\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files (x86)\zattoo\zattood.exe |
"TCP Query User{230F1819-F966-4C40-B5E5-D8E33B48D5A9}C:\program files (x86)\dvico\tvixnetshare\tvixnetshare.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dvico\tvixnetshare\tvixnetshare.exe |
"TCP Query User{3CBA19F3-B952-496F-97F9-5FC9CE5826AA}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{58BA1B06-A167-458A-8FE2-0DA453BCBBB9}C:\program files (x86)\freeplayer\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeplayer\vlc\vlc.exe |
"TCP Query User{67BA753B-25C1-4DA2-B4C6-6D27806BE7D5}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{70404FFC-13B3-456F-91E1-94DCD3C03643}C:\program files (x86)\dvico\tvixnetshare\tvixnetshare.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dvico\tvixnetshare\tvixnetshare.exe |
"TCP Query User{7668C53C-4175-4526-A650-75590065553B}C:\program files\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\blizzard downloader.exe |
"TCP Query User{8D1EB5F9-5E52-4724-9200-9FA21760FC54}C:\program files (x86)\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"TCP Query User{B4BE7AAF-3AF4-4D2B-A5D5-3407180CDEC2}C:\program files\world of warcraft 4.0.3\launcher.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft 4.0.3\launcher.exe |
"TCP Query User{BA77720D-9AD9-4F65-99E0-20CD13AD56B9}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{D1811865-B464-4762-AA50-37856792ABFB}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{D243E783-871E-415F-A5F0-A47FFDC86746}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{DF83207C-EF1B-407F-BD56-E47DBDADAC1B}C:\program files\freemi upnp media server\freemi upnp media server.exe" = protocol=6 | dir=in | app=c:\program files\freemi upnp media server\freemi upnp media server.exe |
"TCP Query User{E1A19F93-0CE1-487F-BB5E-11AF0384F0E5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{EBEEAD86-7645-4298-A008-DF9F39C7B42C}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{F3413DDA-D8B3-4794-82DB-C3B077216C62}C:\program files\world of warcraft 4.0.3\blizzard downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft 4.0.3\blizzard downloader.exe |
"TCP Query User{FBC26D5E-9E6A-43AD-88C1-A903C1D1EC92}C:\windows\system32\spool\drivers\x64\3\dldnpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldnpswx.exe |
"UDP Query User{08B7C7C1-3B13-4A3A-9583-0E75FC7D4DFB}C:\program files\freemi upnp media server\freemi upnp media server.exe" = protocol=17 | dir=in | app=c:\program files\freemi upnp media server\freemi upnp media server.exe |
"UDP Query User{2B847818-5594-4621-9481-0650FC36DB09}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{35509ABC-A40C-46B7-9DE6-73401171384E}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{3D67C9BC-D561-412C-862F-C854E0CBEAB5}C:\program files (x86)\freeplayer\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeplayer\vlc\vlc.exe |
"UDP Query User{60F03C15-0DAE-44AA-A89F-5164C0CDF17E}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{72CB8AD2-FD88-4C86-8E73-9324227F4A68}C:\program files\world of warcraft 4.0.3\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft 4.0.3\blizzard downloader.exe |
"UDP Query User{7DC67B7B-C54E-478E-8E04-7143C34F1E17}C:\program files (x86)\dvico\tvixnetshare\tvixnetshare.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dvico\tvixnetshare\tvixnetshare.exe |
"UDP Query User{81E53843-2CFD-4AD2-9E15-8D5E62F903B3}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{830F7487-C9BF-4652-B258-1963C4F80DD4}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{8C289D65-6CF1-4C42-B833-30EE0E0343F4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{9DA4DE13-C101-46DC-864B-562BF6A106EE}C:\windows\system32\spool\drivers\x64\3\dldnpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldnpswx.exe |
"UDP Query User{ADDE8167-01E7-4204-8853-D4F0D50FF9C8}C:\program files (x86)\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"UDP Query User{B0F14EE6-1406-4944-B96A-F9FB6B607B9C}C:\program files (x86)\dvico\tvixnetshare\tvixnetshare.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dvico\tvixnetshare\tvixnetshare.exe |
"UDP Query User{D46F41E7-5208-4148-8D93-EBBC4FF2AC68}C:\program files\world of warcraft 4.0.3\launcher.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft 4.0.3\launcher.exe |
"UDP Query User{F8385F41-6E65-45DF-950C-F472033CC925}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{FABEE4F2-38BC-425F-9417-C7E6FE0DA75D}C:\program files\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\blizzard downloader.exe |
"UDP Query User{FEEE21A5-C315-41F7-8BCE-A64EFC6509AB}C:\program files (x86)\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files (x86)\zattoo\zattood.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{056B9C5B-2E8D-4EBC-941C-06C78A30ABB3}" = Microsoft_VC80_ATL_x86_x64
"{138D2BE4-7981-4F34-BA23-81B6B99D0DE6}" = Microsoft_VC80_MFCLOC_x86_x64
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D46855F-7B71-4CF7-A270-62E0E4F05037}" = Microsoft_VC80_CRT_x86_x64
"{47A70BC0-BB3E-468B-9E01-56CCD6F2A911}" = Microsoft_VC80_MFC_x86_x64
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{A39AE3AE-9808-39D2-AB7B-FF5F0335095E}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client FR-FR Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit
"FreeMi UPnP Media Server" = FreeMi UPnP Media Server
"lvdrivers_12.10" = Coffret de pilotes Logitech Webcam Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{39CEE1F2-12B6-4C50-9131-04BFCA110578}" = PowerCinema NE for Everio
"{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3D8F9799-CC9E-445D-A9FF-069EDDE81499}_is1" = CD-Rom Alimentaire mon cher Watson 1.0
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{582B87B4-BFA2-402F-88CA-986C67AA474A}" = ACER ICONIA 3G DRIVER INSTALL
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7FF0ACFE-4346-4D9D-B822-C69B99AAE1FC}" = Microsoft_VC80_MFCLOC_x86
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8409B1FB-9B55-452A-8CDC-4AE9D0F97FB4}" = TViX NetShare 2.11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AE28FB8-B8AE-4B58-A5FE-77F45E462BAE}" = Microsoft_VC80_MFC_x86
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040C-1000-0000000FF1CE}_PROR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{952D88D2-3E6F-4E40-8553-8070FEFCE5CD}" = Adobe Creative Suite 5 Master Collection
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98B8052E-1E55-41D4-9A03-E2F718825D38}" = HTC Sync
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = BeeWi Wireless Monitor
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A890218A-2B99-4EF5-AE53-51FF4D305866}" = Micro Application - Faire-part MC
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français
"{ADFBA869-0359-4C24-8CEF-DB0FBE90B987}" = Mega Manager
"{AF890091-2603-C1C6-DCD6-B8799D4FB464}" = Adobe Community Help
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB07E706-5DD7-4093-83A1-1430D5B6FA75}" = Microsoft_VC80_ATL_x86
"{CC431AE0-60DC-451B-A7A9-FBBC2BE5E86F}" = LastChaosFRA
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = French App Name
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneDVD2" = CloneDVD2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = French App Name
"conduitEngine" = Conduit Engine
"DealPly" = DealPly
"Dell V105" = Dell V105
"DivX Setup.divx.com" = Configuration DivX
"Enjoy 6e" = Enjoy 6e
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.3.4
"Free Sound Recorder_is1" = Free Sound Recorder v9.2.6
"Freeplayer" = Freeplayer
"FreeSoundRecorder Toolbar" = FreeSoundRecorder Toolbar
"GiveMeTac_is1" = GiveMeTac 1.1
"Google Chrome" = Google Chrome
"Guitar Pro 5_is1" = Guitar Pro 5.2
"ImgBurn" = ImgBurn
"ImTOO DVD Ripper Platinum 5" = ImTOO DVD Ripper Platinum 5
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"InstallShield_{582B87B4-BFA2-402F-88CA-986C67AA474A}" = ACER ICONIA 3G DRIVER INSTALL
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 8.0.1 (x86 fr)" = Mozilla Firefox 8.0.1 (x86 fr)
"PROR" = Microsoft Office Professional 2007
"RealPlayer 12.0" = RealPlayer
"SopCast" = SopCast 3.3.2
"SyncBackSE_is1" = SyncBackSE
"TeamViewer 6" = TeamViewer 6
"TightVNC" = TightVNC 2.0.2
"TomTom HOME" = TomTom HOME 2.7.5.2014
"TVAnts 1.0" = TVAnts 1.0
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"Visual CertExam Suite_is1" = Visual CertExam Suite 1.9
"VLC media player" = VLC media player 1.0.1
"WinLiveSuite" = Windows Live
"WinRAR archiver" = Logiciel d'archivage WinRAR
"World of Warcraft" = World of Warcraft
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-58257088-4078202831-3106983605-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bfbc2fd85b525931" = Sienna Launcher
"f031ef6ac137efc5" = Dell Driver Download Manager
"FoxTab FLV Player" = FoxTab FLV Player
"SquareClock_Production_Castorama_Internet" = casto 3d cuisine

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/05/2012 15:47:11 | Computer Name = PC | Source = SideBySide | ID = 16842832
Description = La création du contexte d’activation a échoué pour « L:\BACKUP\PROGRAMMES\Developpement\JDK\SoftonicDownloader7563.exe ».
Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version
de composant nécessaire à l’application est en conflit avec une autre version de
composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Composant
2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 11/05/2012 19:59:07 | Computer Name = PC | Source = System Restore | ID = 8193
Description =

Error - 12/05/2012 15:33:31 | Computer Name = PC | Source = SideBySide | ID = 16842815
Description = La création du contexte d’activation a échoué pour « C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier
de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »
de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

Error - 13/05/2012 06:11:41 | Computer Name = PC | Source = SideBySide | ID = 16842815
Description = La création du contexte d’activation a échoué pour « C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier
de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »
de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

Error - 13/05/2012 08:06:45 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Le programme iexplore.exe version 9.0.8112.16421 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID
de processus : d94 Heure de début : 01cd30fee5b6bbb5 Heure de fin : 51 Chemin d’accès
de l’application : C:\Program Files (x86)\Internet Explorer\iexplore.exe ID de rapport
:

Error - 13/05/2012 13:13:25 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante RtWlan.exe, version : 700.1609.325.2010,
horodatage : 0x4bbec39c Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
: 0x00000000 Code d’exception : 0x00000000 Décalage d’erreur : 0x00000000 ID du processus
défaillant : 0x448 Heure de début de l’application défaillante : 0x01cd3126f940411a
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\BeeWi\BeeWi Wireless
Monitor\RtWlan.exe Chemin d’accès du module défaillant: unknown ID de rapport : f30a90c3-9d1e-11e1-8df6-cea49abfcadb

Error - 13/05/2012 14:33:35 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = Le service Services de chiffrement n’a pas pu initialiser l’objet
sauvegarde VSS « System Writer ». Details: Could not query the status of the EventSystem
service. System Error: Un arrêt système est en cours. .

Error - 18/05/2012 12:34:56 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Le programme firefox.exe version 8.0.1.4341 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans le Centre de maintenance. ID
de processus : cac Heure de début : 01cd35134c88fd2d Heure de fin : 0 Chemin d’accès
de l’application : C:\Program Files (x86)\Mozilla Firefox\firefox.exe ID de rapport
: 08252b8d-a107-11e1-b626-001f16f2ffd6

Error - 18/05/2012 13:21:51 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Le programme OTL.exe version 3.2.43.0 a cessé d’interagir avec Windows
et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
consultez l’historique du problème dans le Centre de maintenance. ID de processus :
1368 Heure de début : 01cd35147249d0c2 Heure de fin : 15 Chemin d’accès de l’application
: D:\PROGRAMMES\Outils Systeme\Diagnostic\OTL.exe ID de rapport : d38220cc-a10d-11e1-b626-001f16f2ffd6


Error - 18/05/2012 17:09:29 | Computer Name = PC | Source = SideBySide | ID = 16842815
Description = La création du contexte d’activation a échoué pour « C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier
de manifeste ou de stratégie « C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »
de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

[ Media Center Events ]
Error - 04/02/2010 14:41:31 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 19:41:31 - Échec de la récupération de ClientUpdate (Erreur : La connexion
sous-jacente a été fermée : Une erreur inattendue s'est produite lors de la réception.)


[ System Events ]
Error - 18/05/2012 15:07:38 | Computer Name = PC | Source = Service Control Manager | ID = 7016
Description = Le service NVIDIA Display Driver Service a signalé un état actuel
32 non valide.

Error - 18/05/2012 15:17:03 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Le service Générateur de points de terminaison du service Audio Windows
est en attente de démarrage.

Error - 18/05/2012 15:17:40 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Le service Audio Windows dépend du service Générateur de points de
terminaison du service Audio Windows qui n’a pas pu démarrer en raison de l’erreur :
%%1070

Error - 18/05/2012 15:19:02 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Le service Fichiers hors connexion est en attente de démarrage.

Error - 18/05/2012 15:21:17 | Computer Name = PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la connexion du service Système d’événement COM+.

Error - 18/05/2012 15:21:48 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Le service Système d’événement COM+ n’a pas pu démarrer en raison
de l’erreur : %%1053

Error - 18/05/2012 15:21:48 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Le service Service de notification d’événements système dépend du
service Système d’événement COM+ qui n’a pas pu démarrer en raison de l’erreur :
%%1053

Error - 18/05/2012 15:26:59 | Computer Name = PC | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la réponse transactionnelle du service ShellHWDetection.

Error - 18/05/2012 15:27:22 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Le service Service de transfert intelligent en arrière-plan est en
attente de démarrage.

Error - 18/05/2012 15:32:53 | Computer Name = PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 a rencontré une erreur lors de la tentative de mise à jour des
signatures. Nouvelle version des signatures : Version précédente des signatures :
1.127.154.0 Source de la mise à jour : %%859 Étape de la mise à jour : %%852 Chemin
d'accès source : http://www.microsoft.com Type de signature : %%800 Type de la mise
à jour : %%803 Utilisateur : AUTORITE NT\Système Version actuelle du moteur : Version
précédente du moteur : 1.1.8403.0 Code d'erreur : 0x8024402c Description de l'erreur :
Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour
plus d’informations sur l’installation ou la résolution des problèmes de mise à
jour, voir Aide et support.


< End of report >

--------------------------------------------------------------------------------
den06

Posts: 5
Joined: 18 May 2012, 22:24

Re: Requests for review of analysis reports - computer very

Post by den06 » 18 May 2012, 23:30

There may be quite a few errors in the Event Viewer caused by difficulties logging on, or by sessions being closed abruptly.
It is hard to diagnose with a computer that will not respond.

Thanks again,
Denis.
den06

Posts: 5
Joined: 18 May 2012, 22:24

