Demande d'analyse (help ?)

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Demande d'analyse (help ?)

Messagede Yoram » 09 Juin 2012, 20:44

Bonjour et merci par avance pour l'aide que vous pourrez m'apporter !

Les Symptômes :
- Blue screen fréquents (3/4 fois par semaine)
- Les MAJ automatiques de Windows Update ne fonctionnent plus. Quand je le lance manuellement j'ai droit au message suivant : "Windows Update ne peut pas actuellement rechercher des mises à jour car le service n'est pas en cours". Lancer le service manuellement n'a servi à rien pas plus que de reseter l'historique de windows update ou ses registres. FixIt n' a rien donné non plus. Plus de mises à jour de sécurité donc.

Autres symptômes moins probant mais bon :
- Plantage des navigateurs ultra-fréquents Chrome ou Firefox - généralement c'est flash qui plante.
- Connexion internet qui saute sans arrêt. Je pensais que ma connexion free était responsable mais au vu de tous les autres symptômes ça n'est peut-être pas ça !

Suivent les rapports Malwarebytes et OTL.
Da Machine
  • Système d'exploitation + version :
    • Win 7 Edition familliale premium 6.1
    • SP1
  • Configuration sécurité
    • Pare-feu + version
      Parefeu Windows
    • Antivirus
      Avast
    • Anti-trojans
      Emsisoft Anti-Malware
    • Anti-publicités et pop-up
      Adblock
    • Protection navigation
      Avast
  • Configuration optimisation système
    • Nettoyeur fichiers
      CCleaner
    • Nettoyeur registre
      CCleaner
Yoram
 
Messages: 5
Inscription: 09 Juin 2012, 18:26

Re: Demande d'analyse

Messagede Yoram » 09 Juin 2012, 20:46

Rapport Malwarebytes :
Malwarebytes Anti-Malware 1.61.0.1400
http://www.malwarebytes.org

Version de la base de données: v2012.06.09.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
win7 :: WIN7-PC [administrateur]

09/06/2012 20:33:01
mbam-log-2012-06-09 (20-33-01).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 219439
Temps écoulé: 57 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
<End>
Da Machine
  • Système d'exploitation + version :
    • Win 7 Edition familliale premium 6.1
    • SP1
  • Configuration sécurité
    • Pare-feu + version
      Parefeu Windows
    • Antivirus
      Avast
    • Anti-trojans
      Emsisoft Anti-Malware
    • Anti-publicités et pop-up
      Adblock
    • Protection navigation
      Avast
  • Configuration optimisation système
    • Nettoyeur fichiers
      CCleaner
    • Nettoyeur registre
      CCleaner
Yoram
 
Messages: 5
Inscription: 09 Juin 2012, 18:26

Re: Demande d'analyse

Messagede Yoram » 09 Juin 2012, 20:47

OTL.txt (partie 1)

OTL logfile created on: 09/06/2012 20:40:36 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\win7\Desktop\CURE
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,66% Memory free
8,00 Gb Paging File | 6,22 Gb Available in Paging File | 77,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 701,78 Gb Free Space | 75,35% Space Free | Partition Type: NTFS
Drive D: | 7,72 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: WIN7-PC | User Name: win7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/09 20:18:36 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\win7\Desktop\CURE\OTL.exe
PRC - [2012/05/15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/04/27 20:54:23 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/20 16:09:02 | 003,065,120 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012/03/07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/06/30 20:29:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011/02/15 21:53:12 | 014,037,424 | ---- | M] (Open Text Inc.) -- C:\Program Files (x86)\FirstClass\fcc32.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/27 20:54:23 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/02/09 09:40:22 | 000,873,472 | ---- | M] () -- C:\Program Files (x86)\FirstClass\CFLite.dll
MOD - [2011/02/08 11:47:46 | 001,546,752 | ---- | M] () -- C:\Program Files (x86)\FirstClass\Cairo.dll
MOD - [2011/02/08 11:40:50 | 001,611,264 | ---- | M] () -- C:\Program Files (x86)\FirstClass\libxml.dll
MOD - [2011/02/08 11:22:20 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\FirstClass\pthreads.dll
MOD - [2011/02/08 11:17:00 | 000,389,632 | ---- | M] () -- C:\Program Files (x86)\FirstClass\libcurl.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/11/25 17:43:34 | 000,427,640 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\x64\maconfservice.exe -- (maconfservice)
SRV:64bit: - [2011/09/27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/05/15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/04/27 20:54:24 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/23 20:44:14 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/20 16:09:02 | 003,065,120 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/30 18:25:58 | 003,487,128 | ---- | M] (Check Point Software Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe -- (TracSrvWrapper)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 02:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/03/01 01:20:45 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2011/09/02 08:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/07/21 20:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64)
DRV:64bit: - [2011/06/02 07:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/06/02 07:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/06/02 07:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/21 07:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/12/21 07:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010/12/21 07:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/12/21 07:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/12/30 17:25:54 | 000,161,256 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vnaap.sys -- (vna_ap)
DRV:64bit: - [2009/10/13 02:15:52 | 000,061,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l160x64.sys -- (AtcL001)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2005/03/29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011/11/02 11:13:26 | 000,041,728 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2011/11/02 11:13:12 | 000,063,880 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2011/05/19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2011/05/18 20:13:27 | 000,024,448 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\fnetthjm.sys -- (FNETTHJM)
DRV - [2010/05/05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2626555201-1322398822-2288397854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2626555201-1322398822-2288397854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2626555201-1322398822-2288397854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-2626555201-1322398822-2288397854-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F 69 85 BA 68 F9 CC 01 [binary data]
IE - HKU\S-1-5-21-2626555201-1322398822-2288397854-1000\..\SearchScopes,DefaultScope = {BCEA3B97-01AC-40E7-90CC-AA7AE871AA77}
IE - HKU\S-1-5-21-2626555201-1322398822-2288397854-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2626555201-1322398822-2288397854-1000\..\SearchScopes\{BCEA3B97-01AC-40E7-90CC-AA7AE871AA77}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
IE - HKU\S-1-5-21-2626555201-1322398822-2288397854-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\x64\nphardwaredetection.dll (Cybelsoft)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\win7\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\win7\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/23 20:52:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/27 20:54:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/20 14:56:39 | 000,000,000 | ---D | M]

[2011/04/10 23:34:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Extensions
[2012/05/21 21:31:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\win7\AppData\Roaming\mozilla\Firefox\Profiles\m1bp9e7j.default\extensions
[2012/02/19 03:32:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/07 19:35:18 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\WIN7\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M1BP9E7J.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/05/21 21:31:22 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\WIN7\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M1BP9E7J.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2012/04/27 20:54:24 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/17 17:43:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/06/30 20:30:14 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/02/16 14:39:21 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/02/16 14:39:21 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/16 14:39:21 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/02/16 14:39:21 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/02/16 14:39:21 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/02/16 14:39:21 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\win7\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\win7\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\win7\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\win7\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Recherche Google = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/11/20 19:05:58 | 000,000,856 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2626555201-1322398822-2288397854-1000..\Run: [MusicManager] C:\Users\win7\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKU\S-1-5-21-2626555201-1322398822-2288397854-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2626555201-1322398822-2288397854-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\win7\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support-org.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maco ... _1_1_0.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{691DAE2C-2A5E-45B5-8A01-2AE4C0B21935}: DhcpNameServer = 212.27.40.240 212.27.40.241
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/06/09 20:26:20 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/06/09 20:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/06/09 20:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/06/09 20:21:20 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Malwarebytes
[2012/06/09 20:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/09 20:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/09 20:21:05 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/06/09 20:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/06/09 20:18:19 | 000,000,000 | ---D | C] -- C:\Users\win7\Desktop\CURE
[2012/06/09 16:55:52 | 000,000,000 | ---D | C] -- C:\ZHP
[2012/06/09 16:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2012/06/09 16:55:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2012/06/09 16:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2012/06/09 16:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/06/09 16:31:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/06/09 12:37:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012/06/09 12:37:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012/06/09 12:37:35 | 000,000,000 | ---D | C] -- C:\Users\win7\Documents\Anti-Malware
[2012/06/09 12:26:18 | 000,000,000 | ---D | C] -- C:\Users\win7\Documents\Simply Super Software
[2012/06/09 12:26:17 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/05/25 20:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/05/25 20:44:52 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/05/25 20:44:52 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/05/25 20:44:52 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/05/25 20:44:52 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/05/25 20:44:52 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/05/25 20:44:52 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/05/25 20:44:52 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/05/25 20:44:52 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/05/25 20:44:52 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/05/25 20:44:52 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/05/25 20:44:52 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/05/25 20:44:52 | 002,368,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/05/25 17:00:00 | 000,000,000 | ---D | C] -- C:\Users\win7\Desktop\die antwoord - $o$ lp
[2012/05/12 00:32:23 | 000,000,000 | ---D | C] -- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/05/11 15:16:35 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/05/11 15:16:32 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/05/11 15:16:30 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/11 15:16:29 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

========== Files - Modified Within 30 Days ==========

[2012/06/09 20:42:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/06/09 20:24:43 | 000,001,108 | ---- | M] () -- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/09 20:24:30 | 000,000,909 | ---- | M] () -- C:\Users\win7\Desktop\ERUNT.lnk
[2012/06/09 20:23:22 | 000,005,024 | ---- | M] () -- C:\Users\win7\Desktop\erunt-loc_fr.zip
[2012/06/09 20:21:08 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/09 17:01:30 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/09 17:01:30 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/09 16:26:41 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/09 16:22:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/09 16:22:07 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/09 13:52:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2626555201-1322398822-2288397854-1000UA.job
[2012/06/09 13:52:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2626555201-1322398822-2288397854-1000Core.job
[2012/06/09 13:40:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/09 13:39:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/09 12:37:51 | 000,001,119 | ---- | M] () -- C:\Users\win7\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/06/09 10:35:12 | 000,000,280 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D3BC2CF9-65E1-41C2-A8B8-88301F6BDE5F}.job
[2012/06/09 10:34:36 | 000,001,010 | ---- | M] () -- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/09 10:34:07 | 000,000,976 | ---- | M] () -- C:\Users\win7\Desktop\Dropbox.lnk
[2012/06/02 19:39:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/05/29 21:34:29 | 000,009,373 | ---- | M] () -- C:\Users\win7\AppData\Local\Temp8.html
[2012/05/29 21:34:07 | 000,001,955 | ---- | M] () -- C:\Users\win7\AppData\Local\Temp1.html
[2012/05/28 22:37:57 | 000,102,277 | ---- | M] () -- C:\Users\win7\Desktop\loto.jpg
[2012/05/15 12:48:00 | 025,743,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/05/15 12:48:00 | 025,248,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/05/15 12:48:00 | 019,607,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/05/15 12:48:00 | 018,044,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/05/15 12:48:00 | 017,551,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/05/15 12:48:00 | 015,322,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/05/15 12:48:00 | 010,194,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/05/15 12:48:00 | 008,139,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/05/15 12:48:00 | 008,105,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/05/15 12:48:00 | 005,982,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/05/15 12:48:00 | 002,881,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/05/15 12:48:00 | 002,741,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/05/15 12:48:00 | 002,681,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/05/15 12:48:00 | 002,524,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/05/15 12:48:00 | 002,445,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/05/15 12:48:00 | 002,368,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/05/15 12:48:00 | 001,738,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/05/15 12:48:00 | 001,468,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012/05/15 12:48:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/05/15 12:48:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/05/15 12:48:00 | 000,014,324 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012/05/15 11:29:46 | 002,561,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/05/15 11:29:46 | 000,118,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/05/15 11:29:46 | 000,063,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/05/15 11:29:25 | 003,149,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/05/15 11:28:42 | 006,151,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/05/15 02:21:50 | 000,423,744 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/05/14 23:21:18 | 007,647,658 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/05/14 23:21:18 | 002,684,356 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/14 23:21:18 | 002,400,712 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/05/14 23:21:18 | 002,081,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/14 23:21:18 | 000,005,194 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/12 00:19:03 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012/06/09 20:42:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/06/09 20:24:43 | 000,001,108 | ---- | C] () -- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/06/09 20:24:30 | 000,000,909 | ---- | C] () -- C:\Users\win7\Desktop\ERUNT.lnk
[2012/06/09 20:23:21 | 000,005,024 | ---- | C] () -- C:\Users\win7\Desktop\erunt-loc_fr.zip
[2012/06/09 20:21:08 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/09 12:37:51 | 000,001,119 | ---- | C] () -- C:\Users\win7\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/06/09 10:35:12 | 000,000,280 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{D3BC2CF9-65E1-41C2-A8B8-88301F6BDE5F}.job
[2012/06/09 10:34:36 | 000,001,010 | ---- | C] () -- C:\Users\win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/05/28 22:37:57 | 000,102,277 | ---- | C] () -- C:\Users\win7\Desktop\loto.jpg
[2012/05/25 20:21:17 | 000,009,373 | ---- | C] () -- C:\Users\win7\AppData\Local\Temp8.html
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/04/27 16:59:03 | 000,010,683 | ---- | C] () -- C:\Users\win7\AppData\Local\Temp9.html
[2012/02/29 23:17:02 | 000,001,955 | ---- | C] () -- C:\Users\win7\AppData\Local\Temp1.html
[2012/01/13 02:45:34 | 000,007,605 | ---- | C] () -- C:\Users\win7\AppData\Local\Resmon.ResmonCfg
[2011/04/11 00:53:25 | 000,002,528 | ---- | C] () -- C:\Windows\FCIC.INI
[2011/03/02 23:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/01/29 17:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/01/29 17:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/01/29 17:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/01/29 17:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll

========== LOP Check ==========

[2011/04/09 20:21:25 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\AVG10
[2011/04/30 03:16:56 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\CheckPoint
[2012/06/09 16:23:11 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Dropbox
[2011/06/02 12:14:57 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\EAC
[2011/11/19 20:00:30 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\FUJIFILM
[2011/04/17 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\GetRightToGo
[2012/04/21 13:52:40 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Guitar Pro 6
[2012/03/03 20:48:53 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Leadertech
[2011/04/17 15:50:43 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Samsung
[2011/09/10 14:23:10 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\Spotify
[2012/03/01 01:15:37 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\SystemRequirementsLab
[2012/06/09 16:47:34 | 000,000,000 | ---D | M] -- C:\Users\win7\AppData\Roaming\uTorrent
[2012/06/09 16:29:32 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/09 10:35:12 | 000,000,280 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D3BC2CF9-65E1-41C2-A8B8-88301F6BDE5F}.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CTFMON.EXE >
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: IASTORV.SYS >
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
Da Machine
  • Système d'exploitation + version :
    • Win 7 Edition familliale premium 6.1
    • SP1
  • Configuration sécurité
    • Pare-feu + version
      Parefeu Windows
    • Antivirus
      Avast
    • Anti-trojans
      Emsisoft Anti-Malware
    • Anti-publicités et pop-up
      Adblock
    • Protection navigation
      Avast
  • Configuration optimisation système
    • Nettoyeur fichiers
      CCleaner
    • Nettoyeur registre
      CCleaner
Yoram
 
Messages: 5
Inscription: 09 Juin 2012, 18:26

Re: Demande d'analyse

Messagede Yoram » 09 Juin 2012, 21:09

OTL.txt (partie 2)


< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< End of report >
<end>
Da Machine
  • Système d'exploitation + version :
    • Win 7 Edition familliale premium 6.1
    • SP1
  • Configuration sécurité
    • Pare-feu + version
      Parefeu Windows
    • Antivirus
      Avast
    • Anti-trojans
      Emsisoft Anti-Malware
    • Anti-publicités et pop-up
      Adblock
    • Protection navigation
      Avast
  • Configuration optimisation système
    • Nettoyeur fichiers
      CCleaner
    • Nettoyeur registre
      CCleaner
Yoram
 
Messages: 5
Inscription: 09 Juin 2012, 18:26

Re: Demande d'analyse

Messagede Yoram » 09 Juin 2012, 21:10

Et pour finir le Extra.txt !

OTL Extras logfile created on: 09/06/2012 20:40:36 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\win7\Desktop\CURE
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,66% Memory free
8,00 Gb Paging File | 6,22 Gb Available in Paging File | 77,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 701,78 Gb Free Space | 75,35% Space Free | Partition Type: NTFS
Drive D: | 7,72 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: WIN7-PC | User Name: win7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2626555201-1322398822-2288397854-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1E548010-ECF4-448D-B0E7-123042B4D451}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{22932CE2-12D5-4A11-910E-2AD725410E88}" = rport=139 | protocol=6 | dir=out | app=system |
"{29BF9018-4FF1-42CE-93EA-2351484E994E}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{3088A19B-47A9-46B5-897E-CC2588831CDF}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{3DF60484-1A58-4865-9355-CEA2B15E14A9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46A4DDA1-5F64-4A6A-8E0E-E717B1611C4E}" = lport=138 | protocol=17 | dir=in | app=system |
"{53CDC2EE-2FD6-4DB4-B938-7A1106C07416}" = rport=137 | protocol=17 | dir=out | app=system |
"{8FD4ADAE-C83A-44E3-A3AE-AC46ED6FA886}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A704FC8C-F803-4FF1-BD27-B1EAFAB9C1EE}" = rport=445 | protocol=6 | dir=out | app=system |
"{B30B17EB-45AF-46E0-B54E-9353C5F77302}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{BBF996E5-9629-41E9-AB9C-F90089C97050}" = lport=445 | protocol=6 | dir=in | app=system |
"{D36832F2-C344-46A7-B18F-8554C799162F}" = lport=137 | protocol=17 | dir=in | app=system |
"{E26C7808-0858-4D35-AB08-CCD02922BE4C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E36F6BA4-FE56-4C9C-AD92-8B15EC0D4E92}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E48A9F23-4F2F-4F32-9BF9-DF0CAEF050C1}" = rport=138 | protocol=17 | dir=out | app=system |
"{F05317A8-8AEA-4EE3-B936-1DAC5EDF477F}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C300D12-520A-4F26-9E53-0F7AE84252AA}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{2C6B714A-AB13-4D86-90DF-3693E0358F6C}" = dir=in | app=c:\program files (x86)\checkpoint\endpoint connect\trgui.exe |
"{2EDFE6AB-AA6D-44E1-A07F-F098496847A4}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\x64\maconfservice.exe |
"{3D49BF4F-B155-410D-B24F-095DF4E85D9A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5964F738-C178-44CF-A3F7-291655BFECE9}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{63FBFBF6-C2B8-4219-B9ED-25EF3F19E40E}" = dir=in | app=c:\program files (x86)\checkpoint\endpoint connect\trgui.exe |
"{B17A6CCE-992B-459E-A532-4B7F58F8DB00}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B9569763-31DB-4BE9-9391-1258465941DD}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{BA6192B7-C06A-4AE8-9584-C3F3F8C3F5AA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BCFC6399-BABC-4BCD-B1C5-201837F9C70D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{C85DC661-9AAB-4FCF-97A0-5E9EF42E7DAC}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\x64\maconfservice.exe |
"{C952DB3E-6FA1-4B7A-9E75-C94A42FD4EC4}" = protocol=17 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"{DEC8B815-39B2-401B-B024-AA252CF9DF91}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EC52D102-E666-4D44-AE07-B8AB9A77F185}" = dir=in | app=c:\program files (x86)\checkpoint\endpoint connect\tracsrvwrapper.exe |
"{F569E3CD-0618-4881-9E79-76911F7A6286}" = dir=in | app=c:\program files (x86)\checkpoint\endpoint connect\tracsrvwrapper.exe |
"{F70C5303-23A6-4970-8A9D-FD8C2946D81E}" = protocol=6 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{352ADBA5-237E-43F3-BB1B-03318F209569}C:\program files (x86)\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"TCP Query User{48CAA172-7D76-4A2A-8F0E-7852AEF49B1B}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{7C79E9A6-074D-438B-A658-EC2D96FA1268}C:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{85983A7E-1484-40BA-9387-D66FC8A0CDF1}C:\program files (x86)\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |
"TCP Query User{89CAFF42-4A54-4B9E-9981-B01A316115AC}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{99836344-556A-4AD8-A747-91B0525F0CE7}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{ABA8E100-394A-4B5E-A989-EE964A23AAC5}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{0002644E-7120-4986-B67B-69F990871010}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{15D860D8-FB77-41A9-9B27-B42ECD8EE84B}C:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\win7\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{39A214F4-AFB7-4748-90DE-9B6122424630}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{6E5530A9-F0B3-491F-83A4-DD90F61FDABA}C:\program files (x86)\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"UDP Query User{CEA7AC2B-8538-425D-B843-5E3489677D94}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{CEF4C086-EA43-4752-9F04-2DE0F23EC7AE}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{FA6DB61C-981B-48DB-96B2-0AA85D8F8542}C:\program files (x86)\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.1.2903 x64
"{44713725-8CC8-4710-B727-DC13A3665F9C}" = Adobe Photoshop Lightroom 3.5 64-bit
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{812489B5-A2A9-474B-9BE7-55410E0E1DB4}" = Ma-Config.com (64 bits)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du contrôleur 3D Vision 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"sp6" = Logitech SetPoint 6.32
"WhoCrashed_is1" = WhoCrashed 3.03

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2869279D-7AE2-4A13-96B8-46078BA3F75B}" = FirstClass® Client
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{30B1CCDB-209B-4E94-8311-379F2E6B6B59}" = RAW FILE CONVERTER EX powered by SILKYPIX
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Français
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E6B43401-E818-4961-AFED-118DD8E87642}" = RAF
"{e8805c27-8088-4874-b761-1f0458abc6c7}" = Check Point Endpoint Connect
"{EFE3D683-903C-4B58-AB8F-C68C69F33758}" = System Requirements Lab for Intel
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"avast" = avast! Free Antivirus
"CDisplay_is1" = CDisplay 1.8
"ERUNT_is1" = ERUNT 1.1j
"Exact Audio Copy" = Exact Audio Copy 1.0beta2
"FinePix Genie_is1" = FUJIFILM MyFinePix Studio 2.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"HijackThis" = HijackThis 2.0.2
"InstallShield_{30B1CCDB-209B-4E94-8311-379F2E6B6B59}" = RAW FILE CONVERTER EX powered by SILKYPIX
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 12.0 (x86 fr)" = Mozilla Firefox 12.0 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"Soulseek2" = SoulSeek 157 NS 13e
"Spotify" = Spotify
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"Winamp" = Winamp
"ZHPDiag_is1" = ZHPDiag 1.31

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2626555201-1322398822-2288397854-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"MusicManager" = Music Manager
"Winamp Detect" = Détection de l'application Winamp

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 09/06/2012 10:34:27 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_wuauserv, version : 6.1.7600.16385,
horodatage : 0x4a5bc3c1 Nom du module défaillant : wuaueng.dll, version : 7.5.7601.17514,
horodatage : 0x4ce7b31a Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003d8b8
ID
du processus défaillant : 0xa64 Heure de début de l’application défaillante : 0x01cd464cf8ceb4fb
Chemin
d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: c:\windows\system32\wuaueng.dll ID de rapport : 369c457a-b240-11e1-abb9-54725ba1630f

Error - 09/06/2012 10:34:28 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_wuauserv, version : 6.1.7600.16385,
horodatage : 0x4a5bc3c1 Nom du module défaillant : wuaueng.dll, version : 7.5.7601.17514,
horodatage : 0x4ce7b31a Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003d8b8
ID
du processus défaillant : 0x474 Heure de début de l’application défaillante : 0x01cd464cf97b9158
Chemin
d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: c:\windows\system32\wuaueng.dll ID de rapport : 374948ed-b240-11e1-abb9-54725ba1630f

Error - 09/06/2012 10:34:32 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_wuauserv, version : 6.1.7600.16385,
horodatage : 0x4a5bc3c1 Nom du module défaillant : wuaueng.dll, version : 7.5.7601.17514,
horodatage : 0x4ce7b31a Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003d8b8
ID
du processus défaillant : 0x49c Heure de début de l’application défaillante : 0x01cd464cfbea2907
Chemin
d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: c:\windows\system32\wuaueng.dll ID de rapport : 39d4dee9-b240-11e1-abb9-54725ba1630f

Error - 09/06/2012 10:37:19 | Computer Name = win7-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 09/06/2012 10:37:19 | Computer Name = win7-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 09/06/2012 10:41:03 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_ProfSvc, version : 6.1.7600.16385,
horodatage : 0x4a5bc3c1 Nom du module défaillant : wuaueng.dll, version : 7.5.7601.17514,
horodatage : 0x4ce7b31a Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003d8b8
ID
du processus défaillant : 0x6fc Heure de début de l’application défaillante : 0x01cd464cfc4dce4d
Chemin
d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: c:\windows\system32\wuaueng.dll ID de rapport : 2320de27-b241-11e1-abb9-54725ba1630f

Error - 09/06/2012 10:47:01 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_ProfSvc, version : 6.1.7600.16385,
horodatage : 0x4a5bc3c1 Nom du module défaillant : wuaueng.dll, version : 7.5.7601.17514,
horodatage : 0x4ce7b31a Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003d8b8
ID
du processus défaillant : 0xc10 Heure de début de l’application défaillante : 0x01cd464de5c7e317
Chemin
d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: c:\windows\system32\wuaueng.dll ID de rapport : f8817b2d-b241-11e1-abb9-54725ba1630f

Error - 09/06/2012 10:47:20 | Computer Name = win7-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 09/06/2012 11:18:34 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_ProfSvc, version : 6.1.7600.16385,
horodatage : 0x4a5bc3c1 Nom du module défaillant : wuaueng.dll, version : 7.5.7601.17514,
horodatage : 0x4ce7b31a Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003d8b8
ID
du processus défaillant : 0xf10 Heure de début de l’application défaillante : 0x01cd464ebb24af69
Chemin
d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: c:\windows\system32\wuaueng.dll ID de rapport : 60d0951f-b246-11e1-abb9-54725ba1630f

Error - 09/06/2012 13:36:06 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_Winmgmt, version : 6.1.7600.16385,
horodatage : 0x4a5bc3c1 Nom du module défaillant : wuaueng.dll, version : 7.5.7601.17514,
horodatage : 0x4ce7b31a Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003d8b8
ID
du processus défaillant : 0x604 Heure de début de l’application défaillante : 0x01cd46532380dfea
Chemin
d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: c:\windows\system32\wuaueng.dll ID de rapport : 976848c1-b259-11e1-abb9-54725ba1630f

Error - 09/06/2012 13:36:37 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_wuauserv, version : 6.1.7600.16385,
horodatage : 0x4a5bc3c1 Nom du module défaillant : wuaueng.dll, version : 7.5.7601.17514,
horodatage : 0x4ce7b31a Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003d8b8
ID
du processus défaillant : 0x5a4 Heure de début de l’application défaillante : 0x01cd46665a0a1d7e
Chemin
d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: c:\windows\system32\wuaueng.dll ID de rapport : a99edfb7-b259-11e1-abb9-54725ba1630f

[ Media Center Events ]
Error - 14/06/2011 17:25:32 | Computer Name = win7-PC | Source = MCUpdate | ID = 0
Description = 23:25:32 - Erreur de connexion à Internet. 23:25:32 - Impossible
de contacter le service..

Error - 14/06/2011 17:25:41 | Computer Name = win7-PC | Source = MCUpdate | ID = 0
Description = 23:25:37 - Erreur de connexion à Internet. 23:25:37 - Impossible
de contacter le service..

Error - 02/07/2011 11:11:18 | Computer Name = win7-PC | Source = MCUpdate | ID = 0
Description = 17:11:18 - Erreur de connexion à Internet. 17:11:18 - Impossible
de contacter le service..

Error - 02/07/2011 11:11:29 | Computer Name = win7-PC | Source = MCUpdate | ID = 0
Description = 17:11:26 - Erreur de connexion à Internet. 17:11:26 - Impossible
de contacter le service..

Error - 31/07/2011 07:52:41 | Computer Name = win7-PC | Source = MCUpdate | ID = 0
Description = 13:52:41 - Erreur de connexion à Internet. 13:52:41 - Impossible
de contacter le service..

[ System Events ]
Error - 08/12/2011 19:45:11 | Computer Name = win7-PC | Source = AtcL001 | ID = 194
Description =

Error - 08/12/2011 19:45:11 | Computer Name = win7-PC | Source = AtcL001 | ID = 194
Description =

Error - 08/12/2011 19:45:12 | Computer Name = win7-PC | Source = AtcL001 | ID = 194
Description =

Error - 08/12/2011 19:45:12 | Computer Name = win7-PC | Source = AtcL001 | ID = 194
Description =

Error - 09/12/2011 13:15:37 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7030
Description = Le service Check Point Endpoint Connect est marqué comme étant interactif.
Cependant, le système est configuré pour ne pas autoriser les services interactifs.
Ce service peut ne pas fonctionner correctement.

Error - 09/12/2011 16:53:25 | Computer Name = win7-PC | Source = DCOM | ID = 10005
Description =

Error - 09/12/2011 16:53:25 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7038
Description = Le service upnphost n’a pas pu ouvrir de session en tant que NT AUTHORITY\LocalService
avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1352

Pour
vous assurer que le service est configuré correctement, utilisez le composant logiciel
enfichable Services dans Microsoft Management Console (MMC).

Error - 09/12/2011 16:53:25 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7000
Description = Le service Hôte de périphérique UPnP n’a pas pu démarrer en raison
de l’erreur : %%1069

Error - 09/12/2011 16:53:25 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7038
Description = Le service upnphost n’a pas pu ouvrir de session en tant que NT AUTHORITY\LocalService
avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1352

Pour
vous assurer que le service est configuré correctement, utilisez le composant logiciel
enfichable Services dans Microsoft Management Console (MMC).

Error - 09/12/2011 16:53:25 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7000
Description = Le service Hôte de périphérique UPnP n’a pas pu démarrer en raison
de l’erreur : %%1069


< End of report >
Da Machine
  • Système d'exploitation + version :
    • Win 7 Edition familliale premium 6.1
    • SP1
  • Configuration sécurité
    • Pare-feu + version
      Parefeu Windows
    • Antivirus
      Avast
    • Anti-trojans
      Emsisoft Anti-Malware
    • Anti-publicités et pop-up
      Adblock
    • Protection navigation
      Avast
  • Configuration optimisation système
    • Nettoyeur fichiers
      CCleaner
    • Nettoyeur registre
      CCleaner
Yoram
 
Messages: 5
Inscription: 09 Juin 2012, 18:26


Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Google [Bot] et 11 invités

cron