Supprimer PUP.Optional.PlusHD.A
Résolu/Fermé
fitness77166
Messages postés
5
Date d'inscription
mercredi 19 février 2014
Statut
Membre
Dernière intervention
19 février 2014
-
Modifié par Malekal_morte- le 19/02/2014 à 11:00
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 3 mars 2014 à 17:50
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 3 mars 2014 à 17:50
A voir également:
- Supprimer PUP.Optional.PlusHD.A
- Supprimer une page word - Guide
- Supprimer compte instagram - Guide
- Impossible de supprimer un fichier - Guide
- Supprimer edge - Guide
- Supprimer pub youtube - Accueil - Streaming
9 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 658
Modifié par Malekal_morte- le 19/02/2014 à 10:59
Modifié par Malekal_morte- le 19/02/2014 à 10:59
Salut,
"Aucune action effectuée.
Sur le scan, clic droit puis cocher tout
puis bouton supprimer selection pour tout supprimer
ensuite :
Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :
Un nettoyage AdwCleaner (environ 10/15min) :
======================================
Suis ce tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Vas sur le lien, télécharge AdwCleaner comme indiqué.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis réinitialise tes navigateurs (5min):
==================================
Réinitialise tes navigateurs :
* Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).
* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.
**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.
NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
"Aucune action effectuée.
Sur le scan, clic droit puis cocher tout
puis bouton supprimer selection pour tout supprimer
ensuite :
Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :
Un nettoyage AdwCleaner (environ 10/15min) :
======================================
Suis ce tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Vas sur le lien, télécharge AdwCleaner comme indiqué.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis réinitialise tes navigateurs (5min):
==================================
Réinitialise tes navigateurs :
* Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).
* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.
**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.
NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
fitness77166
Messages postés
5
Date d'inscription
mercredi 19 février 2014
Statut
Membre
Dernière intervention
19 février 2014
19 févr. 2014 à 14:47
19 févr. 2014 à 14:47
Désole, j'avais omis de nettoyer avant. voici le rapport de adware
# AdwCleaner v3.019 - Rapport créé le 19/02/2014 à 14:42:52
# Mis à jour le 17/02/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Audrey - AUDREY-HP
# Exécuté depuis : C:\Users\Audrey\Downloads\adwcleaner.exe
# Option : Scanner
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Google Chrome v
[ Fichier : C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [15940 octets] - [19/02/2014 09:48:07]
AdwCleaner[R1].txt - [7866 octets] - [19/02/2014 11:09:37]
AdwCleaner[R2].txt - [973 octets] - [19/02/2014 12:33:57]
AdwCleaner[R3].txt - [834 octets] - [19/02/2014 14:42:52]
AdwCleaner[S0].txt - [7070 octets] - [19/02/2014 11:13:38]
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [953 octets] ##########
# AdwCleaner v3.019 - Rapport créé le 19/02/2014 à 14:42:52
# Mis à jour le 17/02/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Audrey - AUDREY-HP
# Exécuté depuis : C:\Users\Audrey\Downloads\adwcleaner.exe
# Option : Scanner
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Google Chrome v
[ Fichier : C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [15940 octets] - [19/02/2014 09:48:07]
AdwCleaner[R1].txt - [7866 octets] - [19/02/2014 11:09:37]
AdwCleaner[R2].txt - [973 octets] - [19/02/2014 12:33:57]
AdwCleaner[R3].txt - [834 octets] - [19/02/2014 14:42:52]
AdwCleaner[S0].txt - [7070 octets] - [19/02/2014 11:13:38]
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [953 octets] ##########
fitness77166
Messages postés
5
Date d'inscription
mercredi 19 février 2014
Statut
Membre
Dernière intervention
19 février 2014
19 févr. 2014 à 15:07
19 févr. 2014 à 15:07
rapport de OTL, c'est du chinois pour moi§§§§
Merci de ton aide HFT
OTL logfile created on: 19/02/2014 14:51:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Audrey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,75 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 68,40% Memory free
7,50 Gb Paging File | 5,78 Gb Available in Paging File | 77,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,36 Gb Total Space | 817,10 Gb Free Space | 88,78% Space Free | Partition Type: NTFS
Drive D: | 11,05 Gb Total Space | 1,13 Gb Free Space | 10,20% Space Free | Partition Type: NTFS
Computer Name: AUDREY-HP | User Name: Audrey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========/color
PRC - [2014/02/19 14:50:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Audrey\Downloads\OTL.exe
PRC - [2014/02/14 03:01:55 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/14 03:01:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2010/04/23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/02/04 05:05:54 | 000,660,136 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
PRC - [2010/02/04 05:05:52 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnmsdmon.exe
PRC - [2009/12/02 21:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 21:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/10/14 23:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 18:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
[color=#E56717]========== Modules (No Company Name) ==========/color
MOD - [2014/02/14 03:30:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/14 03:30:41 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/14 03:30:36 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/14 03:30:33 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/14 03:30:20 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/14 03:30:15 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013/12/03 10:07:03 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010/11/13 01:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/02/04 05:05:54 | 000,660,136 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
MOD - [2010/02/04 05:05:52 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnmsdmon.exe
MOD - [2010/02/03 06:21:47 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\app4r.monitor.core.dll
MOD - [2010/02/03 06:21:47 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\app4r.monitor.common.dll
MOD - [2010/02/03 06:20:51 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\app4r.devmons.mcmdevmon.dll
MOD - [2009/07/23 16:49:04 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdndrs.dll
MOD - [2009/07/23 16:48:28 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnscw.dll
MOD - [2009/06/26 10:17:07 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2009/05/14 10:46:40 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdncaps.dll
MOD - [2007/10/02 11:51:09 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdncnv4.dll
MOD - [2007/05/29 04:39:08 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdndatr.dll
MOD - [2007/03/26 04:39:35 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdncats.dll
[color=#E56717]========== Services (SafeList) ==========/color
SRV:[b]64bit:/b - [2014/02/14 03:01:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:/b - [2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:/b - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:/b - [2010/02/02 00:17:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:/b - [2009/04/28 06:58:52 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdnserv.exe -- (lxdnCATSCustConnectService)
SRV:[b]64bit:/b - [2007/11/28 11:51:42 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdncoms.exe -- (lxdn_device)
SRV - [2014/02/05 13:01:32 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/20 18:24:18 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2010/04/04 00:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/12/02 21:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 21:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/10/14 23:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/28 06:58:52 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe -- (lxdnCATSCustConnectService)
SRV - [2007/11/28 11:12:40 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdncoms.exe -- (lxdn_device)
[color=#E56717]========== Driver Services (SafeList) ==========/color
DRV:[b]64bit:/b - [2014/02/14 03:02:00 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:[b]64bit:/b - [2014/02/14 03:01:59 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:/b - [2014/02/14 03:01:59 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:/b - [2014/02/14 03:01:59 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:/b - [2013/12/27 15:11:22 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:/b - [2013/12/03 10:07:05 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:/b - [2013/12/03 10:07:05 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:/b - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:/b - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:/b - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:/b - [2012/05/11 06:34:14 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:/b - [2012/05/11 06:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:/b - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:/b - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:/b - [2010/07/08 14:18:38 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:[b]64bit:/b - [2010/04/09 00:12:00 | 000,243,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:/b - [2010/03/10 01:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:[b]64bit:/b - [2010/03/04 14:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:/b - [2010/02/02 00:55:20 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:[b]64bit:/b - [2010/02/01 23:24:00 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:/b - [2009/12/21 19:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:/b - [2009/12/02 21:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:/b - [2009/12/02 21:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:/b - [2009/12/02 21:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:/b - [2009/12/02 21:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:/b - [2009/10/23 09:26:14 | 000,046,592 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:/b - [2009/10/08 01:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:/b - [2009/10/08 01:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:/b - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:/b - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:/b - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:/b - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:/b - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:/b - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:/b - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:/b - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========/color
[color=#E56717]========== Internet Explorer ==========/color
IE:[b]64bit:/b - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE:[b]64bit:/b - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:/b - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:/b - HKLM\..\SearchScopes\{83475DD4-638D-44B9-B8EB-6A8D30C6EED9}: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:[b]64bit:/b - HKLM\..\SearchScopes\{876B8792-1EAC-44E2-B35F-5CF241A6055D}: "URL" = https://fr.search.yahoo.com/web{searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
IE:[b]64bit:/b - HKLM\..\SearchScopes\{8DBCCA26-318D-4D80-97BB-0985D1CD084D}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{83475DD4-638D-44B9-B8EB-6A8D30C6EED9}: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{876B8792-1EAC-44E2-B35F-5CF241A6055D}: "URL" = https://fr.search.yahoo.com/web{searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
IE - HKLM\..\SearchScopes\{8DBCCA26-318D-4D80-97BB-0985D1CD084D}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" = https://hp.mywebsearch.com/mywebsearch/index.html^ZU^xpt175^S05673^fr&si=CNGPgbzsuLcCFUfKtAodyyYAnQ&ptb=717EE340-C2D0-46C0-B7B1-36963BCD3C32&ind=2013052808&n=77fcbf88&psa=&st=sb&searchfor={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{83475DD4-638D-44B9-B8EB-6A8D30C6EED9}: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes\{876B8792-1EAC-44E2-B35F-5CF241A6055D}: "URL" = https://fr.search.yahoo.com/web{searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
IE - HKU\.DEFAULT\..\SearchScopes\{8DBCCA26-318D-4D80-97BB-0985D1CD084D}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{83475DD4-638D-44B9-B8EB-6A8D30C6EED9}: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{876B8792-1EAC-44E2-B35F-5CF241A6055D}: "URL" = https://fr.search.yahoo.com/web{searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
IE - HKU\S-1-5-18\..\SearchScopes\{8DBCCA26-318D-4D80-97BB-0985D1CD084D}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\..\SearchScopes,DefaultScope = {acbd5593-e5ee-4c15-b48f-1823ce819dec}
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_frFR461
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele1202&cd=2XzuyEtN2Y1L1QzuyBzz0A0C0CtD0Bzy0DtCyEzztByE0DtBtN0D0Tzu0SyBtByBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=648652757&ir=
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========/color
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/06/26 19:21:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2013/06/26 19:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\Extensions
[2013/05/07 13:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[color=#E56717]========== Chrome ==========/color
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: https://www.google.com/?gws_rd=ssl
CHR - Extension: No name found = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
CHR - Extension: No name found = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:/b - BHO: (Plus-HD-3.5) - {11111111-1111-1111-1111-110311711180} - C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-bho64.dll File not found
O2:[b]64bit:/b - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:/b - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:/b - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:[b]64bit:/b - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:/b - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:/b - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:/b - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:/b - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:[b]64bit:/b - HKLM..\Run: [lxdnamon] C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe ()
O4:[b]64bit:/b - HKLM..\Run: [lxdnmon.exe] C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [Magic Desktop for HP notification] C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (Easybits)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000..\Run: [CCleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:/b - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5268184B-D44A-4EDF-BDE9-392884FAE59C}: DhcpNameServer = 192.168.1.254
O18:[b]64bit:/b - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\mso-offdap - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:[b]64bit:/b - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:/b - AppInit_DLLs: (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll) - File not found
O20:[b]64bit:/b - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:/b - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:/b - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:/b - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:/b - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:/b - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:/b - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color
[2014/02/19 14:27:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/02/19 14:27:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2014/02/19 14:27:37 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Roaming\ZHP
[2014/02/19 09:08:09 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/19 09:08:01 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Roaming\Malwarebytes
[2014/02/19 09:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/19 09:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/19 09:07:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/02/19 09:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/02/14 03:02:15 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/14 03:01:18 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/14 03:01:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/14 03:01:17 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/14 03:01:16 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/14 03:01:16 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/14 03:01:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/14 03:01:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/14 03:01:15 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/14 03:01:14 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/14 03:01:14 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/14 03:01:14 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/14 03:01:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/14 03:01:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/14 03:01:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/14 03:01:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/14 03:01:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/14 03:01:12 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/14 03:01:12 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/14 03:01:12 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/14 03:01:11 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/14 03:01:08 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/14 03:01:08 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/14 03:01:05 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/13 07:41:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/13 07:41:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/13 07:41:24 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/13 07:41:24 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/13 07:41:24 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/13 07:41:24 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/13 07:41:24 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/13 07:41:24 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/13 07:41:23 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/13 07:41:23 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/13 07:41:23 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/13 07:41:23 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/13 07:41:23 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/13 07:41:23 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/13 07:41:23 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/13 07:41:23 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/13 07:41:23 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/13 07:41:23 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/13 07:41:23 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/13 07:41:20 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/13 07:41:19 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/05 07:36:04 | 003,544,968 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/01/25 15:42:17 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Local\Programs
[2012/06/22 16:47:50 | 004,734,976 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\vfp9r.dll
[2012/06/22 16:47:50 | 003,907,584 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\vfp9t.dll
[2012/06/22 16:47:50 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\vfp9rfra.dll
[2012/06/22 16:47:50 | 001,187,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\VFP9RENU.DLL
[2004/05/04 20:53:40 | 001,645,320 | R--- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\gdiplus.dll
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========/color
[2014/02/19 14:33:28 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/19 14:33:28 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/19 14:31:00 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2014/02/19 14:28:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/19 14:27:39 | 000,001,997 | ---- | M] () -- C:\Users\Audrey\Desktop\ZHPFix.lnk
[2014/02/19 14:27:39 | 000,001,870 | ---- | M] () -- C:\Users\Audrey\Desktop\ZHPDiag.lnk
[2014/02/19 14:21:35 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/19 14:21:34 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job
[2014/02/19 14:21:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/19 12:32:55 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/19 11:19:01 | 001,671,168 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/19 11:19:01 | 000,748,104 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/02/19 11:19:01 | 000,654,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/19 11:19:01 | 000,150,370 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/02/19 11:19:01 | 000,122,328 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/19 11:14:21 | 3019,333,632 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/19 09:18:02 | 000,000,175 | ---- | M] () -- C:\Users\Audrey\AppData\Roaming\WB.CFG
[2014/02/19 09:07:59 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/14 03:03:58 | 001,645,300 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/14 03:02:24 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/14 03:02:00 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/02/14 03:01:59 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/02/14 03:01:59 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/02/14 03:01:59 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/02/14 03:01:59 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/02/14 03:01:59 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/13 11:32:31 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAUDREY-HP$.job
[2014/02/10 10:21:43 | 000,133,666 | ---- | M] () -- C:\Users\Audrey\Documents\Brochure_VAP_Officier.pdf
[2014/02/10 10:02:27 | 000,406,974 | ---- | M] () -- C:\Users\Audrey\Documents\2013-07-comment-devenir-officier-concours-interne.pdf
[2014/02/10 10:02:24 | 000,620,077 | ---- | M] () -- C:\Users\Audrey\Documents\2013-07-comment-devenir-officier-concours-externe.pdf
[2014/02/10 10:00:48 | 000,047,932 | ---- | M] () -- C:\Users\Audrey\Documents\2007-2013-annales-officier-int-dissertation-culture-genarale.pdf
[2014/02/10 10:00:42 | 003,732,501 | ---- | M] () -- C:\Users\Audrey\Documents\2012-annales-officier-int-note-synthese.pdf
[2014/02/10 10:00:36 | 003,375,432 | ---- | M] () -- C:\Users\Audrey\Documents\2013-annales-officier-int-note-synthese.pdf
[2014/02/10 10:00:25 | 000,118,929 | ---- | M] () -- C:\Users\Audrey\Documents\2012-etude-de-cas-vap-officier.pdf
[2014/02/10 10:00:19 | 000,107,899 | ---- | M] () -- C:\Users\Audrey\Documents\2013-etude-de-cas-vap-officier.pdf
[2014/02/10 09:59:34 | 000,054,999 | ---- | M] () -- C:\Users\Audrey\Documents\2013-annales-commissaire-vap-2006-2013.pdf
[2014/02/10 09:59:08 | 000,113,366 | ---- | M] () -- C:\Users\Audrey\Documents\2012-vap-officier1.pdf
[2014/02/10 09:58:42 | 000,300,287 | ---- | M] () -- C:\Users\Audrey\Documents\2013-officier-admis-internes.pdf
[2014/02/10 09:58:28 | 000,337,164 | ---- | M] () -- C:\Users\Audrey\Documents\2013-officier-admis-vap.pdf
[2014/02/06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/05 13:01:32 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/02/05 13:01:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/05 13:01:30 | 003,544,968 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/01/30 14:46:40 | 000,000,005 | ---- | M] () -- C:\Users\Audrey\AppData\Roaming\WBPU-TTL.DAT
[2014/01/28 08:11:55 | 000,555,997 | ---- | M] () -- C:\Users\Audrey\Documents\50320004132043626211412511000574carrefour.pdf
[2014/01/26 18:59:22 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAudrey.job
[2014/01/25 15:43:32 | 000,001,093 | ---- | M] () -- C:\Users\Audrey\Desktop\Video Performer.lnk
[2014/01/21 15:23:36 | 000,188,450 | ---- | M] () -- C:\Users\Audrey\Documents\recapitulatif_dossier_178929 journée de la femme ce clienteles.pdf
[2014/01/21 15:23:03 | 000,190,346 | ---- | M] () -- C:\Users\Audrey\Documents\DOSSIER_210114.032230 journée de la femme ce clienteles.pdf
[2014/01/21 15:15:34 | 000,117,255 | ---- | M] () -- C:\Users\Audrey\Documents\Ch1+NbRel.pdf
[2014/01/21 15:15:13 | 000,223,291 | ---- | M] () -- C:\Users\Audrey\Documents\Ch2+EgalPyth.pdf
[2014/01/21 15:14:49 | 000,109,187 | ---- | M] () -- C:\Users\Audrey\Documents\Ch3+EcritFract.pdf
[2014/01/21 15:14:11 | 000,198,124 | ---- | M] () -- C:\Users\Audrey\Documents\Ch4+TrRect.pdf
[2014/01/21 15:13:22 | 000,138,234 | ---- | M] () -- C:\Users\Audrey\Documents\Ch5+CalcLitt.pdf
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========/color
[2014/02/19 14:31:00 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2014/02/19 14:27:39 | 000,001,997 | ---- | C] () -- C:\Users\Audrey\Desktop\ZHPFix.lnk
[2014/02/19 14:27:39 | 000,001,870 | ---- | C] () -- C:\Users\Audrey\Desktop\ZHPDiag.lnk
[2014/02/19 09:07:59 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/14 03:00:34 | 000,000,296 | ---- | C] () -- C:\Windows\tasks\Digital Sites.job
[2014/02/10 10:21:43 | 000,133,666 | ---- | C] () -- C:\Users\Audrey\Documents\Brochure_VAP_Officier.pdf
[2014/02/10 10:02:17 | 000,406,974 | ---- | C] () -- C:\Users\Audrey\Documents\2013-07-comment-devenir-officier-concours-interne.pdf
[2014/02/10 10:02:08 | 000,620,077 | ---- | C] () -- C:\Users\Audrey\Documents\2013-07-comment-devenir-officier-concours-externe.pdf
[2014/02/10 10:00:48 | 000,047,932 | ---- | C] () -- C:\Users\Audrey\Documents\2007-2013-annales-officier-int-dissertation-culture-genarale.pdf
[2014/02/10 10:00:42 | 003,732,501 | ---- | C] () -- C:\Users\Audrey\Documents\2012-annales-officier-int-note-synthese.pdf
[2014/02/10 10:00:35 | 003,375,432 | ---- | C] () -- C:\Users\Audrey\Documents\2013-annales-officier-int-note-synthese.pdf
[2014/02/10 10:00:25 | 000,118,929 | ---- | C] () -- C:\Users\Audrey\Documents\2012-etude-de-cas-vap-officier.pdf
[2014/02/10 10:00:19 | 000,107,899 | ---- | C] () -- C:\Users\Audrey\Documents\2013-etude-de-cas-vap-officier.pdf
[2014/02/10 09:59:34 | 000,054,999 | ---- | C] () -- C:\Users\Audrey\Documents\2013-annales-commissaire-vap-2006-2013.pdf
[2014/02/10 09:59:08 | 000,113,366 | ---- | C] () -- C:\Users\Audrey\Documents\2012-vap-officier1.pdf
[2014/02/10 09:58:42 | 000,300,287 | ---- | C] () -- C:\Users\Audrey\Documents\2013-officier-admis-internes.pdf
[2014/02/10 09:58:28 | 000,337,164 | ---- | C] () -- C:\Users\Audrey\Documents\2013-officier-admis-vap.pdf
[2014/01/28 08:11:55 | 000,555,997 | ---- | C] () -- C:\Users\Audrey\Documents\50320004132043626211412511000574carrefour.pdf
[2014/01/25 15:43:32 | 000,001,093 | ---- | C] () -- C:\Users\Audrey\Desktop\Video Performer.lnk
[2014/01/21 15:23:36 | 000,188,450 | ---- | C] () -- C:\Users\Audrey\Documents\recapitulatif_dossier_178929 journée de la femme ce clienteles.pdf
[2014/01/21 15:23:03 | 000,190,346 | ---- | C] () -- C:\Users\Audrey\Documents\DOSSIER_210114.032230 journée de la femme ce clienteles.pdf
[2014/01/21 15:15:34 | 000,117,255 | ---- | C] () -- C:\Users\Audrey\Documents\Ch1+NbRel.pdf
[2014/01/21 15:15:13 | 000,223,291 | ---- | C] () -- C:\Users\Audrey\Documents\Ch2+EgalPyth.pdf
[2014/01/21 15:14:49 | 000,109,187 | ---- | C] () -- C:\Users\Audrey\Documents\Ch3+EcritFract.pdf
[2014/01/21 15:14:11 | 000,198,124 | ---- | C] () -- C:\Users\Audrey\Documents\Ch4+TrRect.pdf
[2014/01/21 15:13:22 | 000,138,234 | ---- | C] () -- C:\Users\Audrey\Documents\Ch5+CalcLitt.pdf
[2013/12/31 09:53:57 | 000,000,005 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\WBPU-Q5-TTL.DAT
[2013/09/23 06:22:10 | 000,000,175 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\WB.CFG
[2013/09/23 06:22:10 | 000,000,005 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\WBPU-TTL.DAT
[2013/06/25 21:40:43 | 000,038,449 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\Valeurs séparées par des virgules (Windows).ADR
[2012/08/03 07:42:31 | 000,000,023 | ---- | C] () -- C:\Users\Audrey\intlname.ols
[2012/02/10 11:36:57 | 000,003,584 | ---- | C] () -- C:\Users\Audrey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/29 09:03:25 | 000,001,854 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\GhostObjGAFix.xml
[color=#E56717]========== ZeroAccess Check ==========/color
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
Merci de ton aide HFT
OTL logfile created on: 19/02/2014 14:51:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Audrey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,75 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 68,40% Memory free
7,50 Gb Paging File | 5,78 Gb Available in Paging File | 77,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,36 Gb Total Space | 817,10 Gb Free Space | 88,78% Space Free | Partition Type: NTFS
Drive D: | 11,05 Gb Total Space | 1,13 Gb Free Space | 10,20% Space Free | Partition Type: NTFS
Computer Name: AUDREY-HP | User Name: Audrey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========/color
PRC - [2014/02/19 14:50:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Audrey\Downloads\OTL.exe
PRC - [2014/02/14 03:01:55 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/14 03:01:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2010/04/23 20:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/02/04 05:05:54 | 000,660,136 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
PRC - [2010/02/04 05:05:52 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnmsdmon.exe
PRC - [2009/12/02 21:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 21:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/10/14 23:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 18:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
[color=#E56717]========== Modules (No Company Name) ==========/color
MOD - [2014/02/14 03:30:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/14 03:30:41 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/14 03:30:36 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/14 03:30:33 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/14 03:30:20 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/14 03:30:15 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013/12/03 10:07:03 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010/11/13 01:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/02/04 05:05:54 | 000,660,136 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
MOD - [2010/02/04 05:05:52 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnmsdmon.exe
MOD - [2010/02/03 06:21:47 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\app4r.monitor.core.dll
MOD - [2010/02/03 06:21:47 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\app4r.monitor.common.dll
MOD - [2010/02/03 06:20:51 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\app4r.devmons.mcmdevmon.dll
MOD - [2009/07/23 16:49:04 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdndrs.dll
MOD - [2009/07/23 16:48:28 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnscw.dll
MOD - [2009/06/26 10:17:07 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2009/05/14 10:46:40 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdncaps.dll
MOD - [2007/10/02 11:51:09 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdncnv4.dll
MOD - [2007/05/29 04:39:08 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdndatr.dll
MOD - [2007/03/26 04:39:35 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 2600 Series\lxdncats.dll
[color=#E56717]========== Services (SafeList) ==========/color
SRV:[b]64bit:/b - [2014/02/14 03:01:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:/b - [2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:/b - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:/b - [2010/02/02 00:17:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:/b - [2009/04/28 06:58:52 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdnserv.exe -- (lxdnCATSCustConnectService)
SRV:[b]64bit:/b - [2007/11/28 11:51:42 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdncoms.exe -- (lxdn_device)
SRV - [2014/02/05 13:01:32 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/20 18:24:18 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2010/04/04 00:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/12/02 21:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 21:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/10/14 23:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/28 06:58:52 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe -- (lxdnCATSCustConnectService)
SRV - [2007/11/28 11:12:40 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdncoms.exe -- (lxdn_device)
[color=#E56717]========== Driver Services (SafeList) ==========/color
DRV:[b]64bit:/b - [2014/02/14 03:02:00 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:[b]64bit:/b - [2014/02/14 03:01:59 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:/b - [2014/02/14 03:01:59 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:/b - [2014/02/14 03:01:59 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:/b - [2013/12/27 15:11:22 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:/b - [2013/12/03 10:07:05 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:/b - [2013/12/03 10:07:05 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:/b - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:/b - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:/b - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:/b - [2012/05/11 06:34:14 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:/b - [2012/05/11 06:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:/b - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:/b - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:/b - [2010/07/08 14:18:38 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:[b]64bit:/b - [2010/04/09 00:12:00 | 000,243,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:/b - [2010/03/10 01:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:[b]64bit:/b - [2010/03/04 14:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:/b - [2010/02/02 00:55:20 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:[b]64bit:/b - [2010/02/01 23:24:00 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:/b - [2009/12/21 19:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:/b - [2009/12/02 21:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:/b - [2009/12/02 21:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:/b - [2009/12/02 21:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:/b - [2009/12/02 21:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:/b - [2009/10/23 09:26:14 | 000,046,592 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:/b - [2009/10/08 01:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:/b - [2009/10/08 01:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:/b - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:/b - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:/b - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:/b - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:/b - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:/b - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:/b - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:/b - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========/color
[color=#E56717]========== Internet Explorer ==========/color
IE:[b]64bit:/b - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE:[b]64bit:/b - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:/b - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:/b - HKLM\..\SearchScopes\{83475DD4-638D-44B9-B8EB-6A8D30C6EED9}: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:[b]64bit:/b - HKLM\..\SearchScopes\{876B8792-1EAC-44E2-B35F-5CF241A6055D}: "URL" = https://fr.search.yahoo.com/web{searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
IE:[b]64bit:/b - HKLM\..\SearchScopes\{8DBCCA26-318D-4D80-97BB-0985D1CD084D}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{83475DD4-638D-44B9-B8EB-6A8D30C6EED9}: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{876B8792-1EAC-44E2-B35F-5CF241A6055D}: "URL" = https://fr.search.yahoo.com/web{searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
IE - HKLM\..\SearchScopes\{8DBCCA26-318D-4D80-97BB-0985D1CD084D}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" = https://hp.mywebsearch.com/mywebsearch/index.html^ZU^xpt175^S05673^fr&si=CNGPgbzsuLcCFUfKtAodyyYAnQ&ptb=717EE340-C2D0-46C0-B7B1-36963BCD3C32&ind=2013052808&n=77fcbf88&psa=&st=sb&searchfor={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{83475DD4-638D-44B9-B8EB-6A8D30C6EED9}: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes\{876B8792-1EAC-44E2-B35F-5CF241A6055D}: "URL" = https://fr.search.yahoo.com/web{searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
IE - HKU\.DEFAULT\..\SearchScopes\{8DBCCA26-318D-4D80-97BB-0985D1CD084D}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{83475DD4-638D-44B9-B8EB-6A8D30C6EED9}: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{876B8792-1EAC-44E2-B35F-5CF241A6055D}: "URL" = https://fr.search.yahoo.com/web{searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
IE - HKU\S-1-5-18\..\SearchScopes\{8DBCCA26-318D-4D80-97BB-0985D1CD084D}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\..\SearchScopes,DefaultScope = {acbd5593-e5ee-4c15-b48f-1823ce819dec}
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_frFR461
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\..\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele1202&cd=2XzuyEtN2Y1L1QzuyBzz0A0C0CtD0Bzy0DtCyEzztByE0DtBtN0D0Tzu0SyBtByBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=648652757&ir=
IE - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========/color
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/06/26 19:21:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2013/06/26 19:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Audrey\AppData\Roaming\mozilla\Extensions
[2013/05/07 13:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[color=#E56717]========== Chrome ==========/color
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: https://www.google.com/?gws_rd=ssl
CHR - Extension: No name found = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
CHR - Extension: No name found = C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:/b - BHO: (Plus-HD-3.5) - {11111111-1111-1111-1111-110311711180} - C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-bho64.dll File not found
O2:[b]64bit:/b - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:/b - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:/b - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:[b]64bit:/b - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:/b - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:/b - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:/b - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:/b - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:[b]64bit:/b - HKLM..\Run: [lxdnamon] C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe ()
O4:[b]64bit:/b - HKLM..\Run: [lxdnmon.exe] C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [Magic Desktop for HP notification] C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (Easybits)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2327108792-3824882524-3925735962-1000..\Run: [CCleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:/b - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5268184B-D44A-4EDF-BDE9-392884FAE59C}: DhcpNameServer = 192.168.1.254
O18:[b]64bit:/b - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\mso-offdap - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:/b - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:[b]64bit:/b - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:/b - AppInit_DLLs: (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll) - File not found
O20:[b]64bit:/b - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:/b - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:/b - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:/b - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:/b - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:/b - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:/b - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color
[2014/02/19 14:27:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/02/19 14:27:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2014/02/19 14:27:37 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Roaming\ZHP
[2014/02/19 09:08:09 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/19 09:08:01 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Roaming\Malwarebytes
[2014/02/19 09:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/19 09:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/19 09:07:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/02/19 09:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/02/14 03:02:15 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/14 03:01:18 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/14 03:01:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/14 03:01:17 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/14 03:01:16 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/14 03:01:16 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/14 03:01:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/14 03:01:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/14 03:01:15 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/14 03:01:14 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/14 03:01:14 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/14 03:01:14 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/14 03:01:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/14 03:01:14 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/14 03:01:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/14 03:01:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/14 03:01:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/14 03:01:12 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/14 03:01:12 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/14 03:01:12 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/14 03:01:11 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/14 03:01:08 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/14 03:01:08 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/14 03:01:05 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/13 07:41:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/13 07:41:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/13 07:41:24 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/13 07:41:24 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/13 07:41:24 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/13 07:41:24 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/13 07:41:24 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/13 07:41:24 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/13 07:41:23 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/13 07:41:23 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/13 07:41:23 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/13 07:41:23 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/13 07:41:23 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/13 07:41:23 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/13 07:41:23 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/13 07:41:23 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/13 07:41:23 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/13 07:41:23 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/13 07:41:23 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/13 07:41:20 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/13 07:41:19 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/05 07:36:04 | 003,544,968 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/01/25 15:42:17 | 000,000,000 | ---D | C] -- C:\Users\Audrey\AppData\Local\Programs
[2012/06/22 16:47:50 | 004,734,976 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\vfp9r.dll
[2012/06/22 16:47:50 | 003,907,584 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\vfp9t.dll
[2012/06/22 16:47:50 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\vfp9rfra.dll
[2012/06/22 16:47:50 | 001,187,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\VFP9RENU.DLL
[2004/05/04 20:53:40 | 001,645,320 | R--- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\gdiplus.dll
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========/color
[2014/02/19 14:33:28 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/19 14:33:28 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/19 14:31:00 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2014/02/19 14:28:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/19 14:27:39 | 000,001,997 | ---- | M] () -- C:\Users\Audrey\Desktop\ZHPFix.lnk
[2014/02/19 14:27:39 | 000,001,870 | ---- | M] () -- C:\Users\Audrey\Desktop\ZHPDiag.lnk
[2014/02/19 14:21:35 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/19 14:21:34 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Digital Sites.job
[2014/02/19 14:21:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/19 12:32:55 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/19 11:19:01 | 001,671,168 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/19 11:19:01 | 000,748,104 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/02/19 11:19:01 | 000,654,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/19 11:19:01 | 000,150,370 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/02/19 11:19:01 | 000,122,328 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/19 11:14:21 | 3019,333,632 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/19 09:18:02 | 000,000,175 | ---- | M] () -- C:\Users\Audrey\AppData\Roaming\WB.CFG
[2014/02/19 09:07:59 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/14 03:03:58 | 001,645,300 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/14 03:02:24 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/14 03:02:00 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/02/14 03:01:59 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/02/14 03:01:59 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/02/14 03:01:59 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/02/14 03:01:59 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/02/14 03:01:59 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/13 11:32:31 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAUDREY-HP$.job
[2014/02/10 10:21:43 | 000,133,666 | ---- | M] () -- C:\Users\Audrey\Documents\Brochure_VAP_Officier.pdf
[2014/02/10 10:02:27 | 000,406,974 | ---- | M] () -- C:\Users\Audrey\Documents\2013-07-comment-devenir-officier-concours-interne.pdf
[2014/02/10 10:02:24 | 000,620,077 | ---- | M] () -- C:\Users\Audrey\Documents\2013-07-comment-devenir-officier-concours-externe.pdf
[2014/02/10 10:00:48 | 000,047,932 | ---- | M] () -- C:\Users\Audrey\Documents\2007-2013-annales-officier-int-dissertation-culture-genarale.pdf
[2014/02/10 10:00:42 | 003,732,501 | ---- | M] () -- C:\Users\Audrey\Documents\2012-annales-officier-int-note-synthese.pdf
[2014/02/10 10:00:36 | 003,375,432 | ---- | M] () -- C:\Users\Audrey\Documents\2013-annales-officier-int-note-synthese.pdf
[2014/02/10 10:00:25 | 000,118,929 | ---- | M] () -- C:\Users\Audrey\Documents\2012-etude-de-cas-vap-officier.pdf
[2014/02/10 10:00:19 | 000,107,899 | ---- | M] () -- C:\Users\Audrey\Documents\2013-etude-de-cas-vap-officier.pdf
[2014/02/10 09:59:34 | 000,054,999 | ---- | M] () -- C:\Users\Audrey\Documents\2013-annales-commissaire-vap-2006-2013.pdf
[2014/02/10 09:59:08 | 000,113,366 | ---- | M] () -- C:\Users\Audrey\Documents\2012-vap-officier1.pdf
[2014/02/10 09:58:42 | 000,300,287 | ---- | M] () -- C:\Users\Audrey\Documents\2013-officier-admis-internes.pdf
[2014/02/10 09:58:28 | 000,337,164 | ---- | M] () -- C:\Users\Audrey\Documents\2013-officier-admis-vap.pdf
[2014/02/06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/05 13:01:32 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/02/05 13:01:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/05 13:01:30 | 003,544,968 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/01/30 14:46:40 | 000,000,005 | ---- | M] () -- C:\Users\Audrey\AppData\Roaming\WBPU-TTL.DAT
[2014/01/28 08:11:55 | 000,555,997 | ---- | M] () -- C:\Users\Audrey\Documents\50320004132043626211412511000574carrefour.pdf
[2014/01/26 18:59:22 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAudrey.job
[2014/01/25 15:43:32 | 000,001,093 | ---- | M] () -- C:\Users\Audrey\Desktop\Video Performer.lnk
[2014/01/21 15:23:36 | 000,188,450 | ---- | M] () -- C:\Users\Audrey\Documents\recapitulatif_dossier_178929 journée de la femme ce clienteles.pdf
[2014/01/21 15:23:03 | 000,190,346 | ---- | M] () -- C:\Users\Audrey\Documents\DOSSIER_210114.032230 journée de la femme ce clienteles.pdf
[2014/01/21 15:15:34 | 000,117,255 | ---- | M] () -- C:\Users\Audrey\Documents\Ch1+NbRel.pdf
[2014/01/21 15:15:13 | 000,223,291 | ---- | M] () -- C:\Users\Audrey\Documents\Ch2+EgalPyth.pdf
[2014/01/21 15:14:49 | 000,109,187 | ---- | M] () -- C:\Users\Audrey\Documents\Ch3+EcritFract.pdf
[2014/01/21 15:14:11 | 000,198,124 | ---- | M] () -- C:\Users\Audrey\Documents\Ch4+TrRect.pdf
[2014/01/21 15:13:22 | 000,138,234 | ---- | M] () -- C:\Users\Audrey\Documents\Ch5+CalcLitt.pdf
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========/color
[2014/02/19 14:31:00 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2014/02/19 14:27:39 | 000,001,997 | ---- | C] () -- C:\Users\Audrey\Desktop\ZHPFix.lnk
[2014/02/19 14:27:39 | 000,001,870 | ---- | C] () -- C:\Users\Audrey\Desktop\ZHPDiag.lnk
[2014/02/19 09:07:59 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/14 03:00:34 | 000,000,296 | ---- | C] () -- C:\Windows\tasks\Digital Sites.job
[2014/02/10 10:21:43 | 000,133,666 | ---- | C] () -- C:\Users\Audrey\Documents\Brochure_VAP_Officier.pdf
[2014/02/10 10:02:17 | 000,406,974 | ---- | C] () -- C:\Users\Audrey\Documents\2013-07-comment-devenir-officier-concours-interne.pdf
[2014/02/10 10:02:08 | 000,620,077 | ---- | C] () -- C:\Users\Audrey\Documents\2013-07-comment-devenir-officier-concours-externe.pdf
[2014/02/10 10:00:48 | 000,047,932 | ---- | C] () -- C:\Users\Audrey\Documents\2007-2013-annales-officier-int-dissertation-culture-genarale.pdf
[2014/02/10 10:00:42 | 003,732,501 | ---- | C] () -- C:\Users\Audrey\Documents\2012-annales-officier-int-note-synthese.pdf
[2014/02/10 10:00:35 | 003,375,432 | ---- | C] () -- C:\Users\Audrey\Documents\2013-annales-officier-int-note-synthese.pdf
[2014/02/10 10:00:25 | 000,118,929 | ---- | C] () -- C:\Users\Audrey\Documents\2012-etude-de-cas-vap-officier.pdf
[2014/02/10 10:00:19 | 000,107,899 | ---- | C] () -- C:\Users\Audrey\Documents\2013-etude-de-cas-vap-officier.pdf
[2014/02/10 09:59:34 | 000,054,999 | ---- | C] () -- C:\Users\Audrey\Documents\2013-annales-commissaire-vap-2006-2013.pdf
[2014/02/10 09:59:08 | 000,113,366 | ---- | C] () -- C:\Users\Audrey\Documents\2012-vap-officier1.pdf
[2014/02/10 09:58:42 | 000,300,287 | ---- | C] () -- C:\Users\Audrey\Documents\2013-officier-admis-internes.pdf
[2014/02/10 09:58:28 | 000,337,164 | ---- | C] () -- C:\Users\Audrey\Documents\2013-officier-admis-vap.pdf
[2014/01/28 08:11:55 | 000,555,997 | ---- | C] () -- C:\Users\Audrey\Documents\50320004132043626211412511000574carrefour.pdf
[2014/01/25 15:43:32 | 000,001,093 | ---- | C] () -- C:\Users\Audrey\Desktop\Video Performer.lnk
[2014/01/21 15:23:36 | 000,188,450 | ---- | C] () -- C:\Users\Audrey\Documents\recapitulatif_dossier_178929 journée de la femme ce clienteles.pdf
[2014/01/21 15:23:03 | 000,190,346 | ---- | C] () -- C:\Users\Audrey\Documents\DOSSIER_210114.032230 journée de la femme ce clienteles.pdf
[2014/01/21 15:15:34 | 000,117,255 | ---- | C] () -- C:\Users\Audrey\Documents\Ch1+NbRel.pdf
[2014/01/21 15:15:13 | 000,223,291 | ---- | C] () -- C:\Users\Audrey\Documents\Ch2+EgalPyth.pdf
[2014/01/21 15:14:49 | 000,109,187 | ---- | C] () -- C:\Users\Audrey\Documents\Ch3+EcritFract.pdf
[2014/01/21 15:14:11 | 000,198,124 | ---- | C] () -- C:\Users\Audrey\Documents\Ch4+TrRect.pdf
[2014/01/21 15:13:22 | 000,138,234 | ---- | C] () -- C:\Users\Audrey\Documents\Ch5+CalcLitt.pdf
[2013/12/31 09:53:57 | 000,000,005 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\WBPU-Q5-TTL.DAT
[2013/09/23 06:22:10 | 000,000,175 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\WB.CFG
[2013/09/23 06:22:10 | 000,000,005 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\WBPU-TTL.DAT
[2013/06/25 21:40:43 | 000,038,449 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\Valeurs séparées par des virgules (Windows).ADR
[2012/08/03 07:42:31 | 000,000,023 | ---- | C] () -- C:\Users\Audrey\intlname.ols
[2012/02/10 11:36:57 | 000,003,584 | ---- | C] () -- C:\Users\Audrey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/29 09:03:25 | 000,001,854 | ---- | C] () -- C:\Users\Audrey\AppData\Roaming\GhostObjGAFix.xml
[color=#E56717]========== ZeroAccess Check ==========/color
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
fitness77166
Messages postés
5
Date d'inscription
mercredi 19 février 2014
Statut
Membre
Dernière intervention
19 février 2014
19 févr. 2014 à 15:11
19 févr. 2014 à 15:11
Et le rapport Extra txt
OTL Extras logfile created on: 19/02/2014 14:51:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Audrey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,75 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 68,40% Memory free
7,50 Gb Paging File | 5,78 Gb Available in Paging File | 77,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,36 Gb Total Space | 817,10 Gb Free Space | 88,78% Space Free | Partition Type: NTFS
Drive D: | 11,05 Gb Total Space | 1,13 Gb Free Space | 10,20% Space Free | Partition Type: NTFS
Computer Name: AUDREY-HP | User Name: Audrey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{089B711B-72BA-4331-9097-B634826AE8A8}" = lport=137 | protocol=17 | dir=in | app=system |
"{0FAA7EB6-DD07-401F-A89C-454FB3A4EF76}" = lport=139 | protocol=6 | dir=in | app=system |
"{1D7925AF-8C6F-4B07-BD8A-A0E605AF54BA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3FDE91DC-E147-4AD4-829D-34C6EE62979F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DBF6DB9-793F-4709-AE5D-62FDA265F7E1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B1E5ED5-6AEB-4726-B377-A4CFB6BBD5DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5D20244E-4967-45DD-AAB2-4BFB715638C5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6945D81D-75C1-43FF-929A-26B0BAC3017B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{761768DF-0449-4211-A1A3-07CC88F1CCEE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D26A0E9-EB2E-43BB-9283-A6E83A7EC15E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7EA2ED0D-7D26-46F5-81E7-081C6C8C5815}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{88134BB7-5D7A-45CF-B0AA-E5209DF15C5E}" = rport=138 | protocol=17 | dir=out | app=system |
"{9558A026-D4D0-4987-9E2C-1A158F67461F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9886799E-743B-4516-9861-4550E1BABFDF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{99C33978-FE3B-4588-B542-1BB203C7DEBD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AC61E994-8184-44A8-9385-0F551E9ADD7B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE673278-695B-4895-A0BD-A817650C0339}" = rport=139 | protocol=6 | dir=out | app=system |
"{C6FD3FAD-4F95-4B8D-8EBC-85E49E1DD4CD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D45BC84B-979A-4095-ACC5-EBE0A8351782}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E2F7EE9C-E450-4194-8712-F829F3C36BCD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E5A7F5E7-A997-4F03-A4CE-918B88B7F3A8}" = lport=445 | protocol=6 | dir=in | app=system |
"{EFEDC839-9E89-4ACC-BB46-28C70DA998FC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F5F7B61A-61AB-4B6C-B4EF-4D7BD4CEB716}" = lport=138 | protocol=17 | dir=in | app=system |
"{F9C0FCC1-BE3C-4F66-900C-6DFBBC2B8425}" = rport=445 | protocol=6 | dir=out | app=system |
"{FA3AC97C-6A44-4CD7-8299-5033BE15A1CB}" = rport=137 | protocol=17 | dir=out | app=system |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D84AB80-8B29-45D0-B28C-4F79C91C7F17}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{156AD6EB-4121-479C-B2BE-18C6EEF33631}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{1629C951-0BBA-4185-8BCF-1B5282DF3236}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1EAC8BFD-DADC-417E-BCE7-CF327171E3E7}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{27944CAA-3A78-4420-969A-F5D3E6A8247F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{33DD7874-BC4B-4408-9895-A9F4E0DC953F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3A40D1EC-D0A4-4406-AFEB-2E221D25E334}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{3D05D7FD-48AE-4476-B227-135533429A1B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{40B13AE3-7F5E-44FA-9103-685295BEA8B0}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{42B5FD1B-84C0-426A-8BCA-6A6F7AF3AD5B}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdncoms.exe |
"{459BFE76-1AED-482B-9EB8-5694D58A9956}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4708CFE0-AEEF-4E20-8E97-810BB90B7B42}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{478DB129-2809-4498-B15F-1FA6F55504CA}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{4EC0E289-04C3-4367-86CA-E0A9BC30AD92}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{585DD6B4-6A7D-4CAF-84BB-4FAA9CD2981E}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{5BA993FC-DF36-4DFF-9A31-28A3D6617F62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C40D8BE-B49F-4B08-BB9E-64D6E1530F9A}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdncoms.exe |
"{5C6D0CDA-08DE-4DB1-99C3-B8E451F7EAAB}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{64734FB0-D26C-4DC0-92D2-9CB36BDCAF34}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdntime.exe |
"{66D912B6-7D60-4354-BF09-4DE93CE34137}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{719340E3-96F3-4A87-92ED-320859EB6BCA}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
"{7F1986FA-D393-44C1-963C-7B0524689D5A}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{8052B38B-297A-4C14-8D4C-2C4F90510A9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8122B19E-C07B-4D98-9EA6-9315515FE643}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{84952BA2-2ED1-46C3-9D33-40F944383AAA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{916BA88A-8866-43C8-8678-5DAF3D8D4F3B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9510F620-A6BC-4E3B-BBBE-BA85A8AD8675}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{979299A8-0B2E-4EB2-96F3-6B8921380BD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AA054C44-6ADA-4D55-BD55-005CA4D83227}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AAC4CFA4-A6AB-4721-B1F1-00E892CCBD27}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{ABF8DD62-33BF-471B-8101-21FDF1413064}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdntime.exe |
"{B7392591-1F38-4055-8BAA-2FF9B3A6461B}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{BE2EBFED-20C3-4F7E-9A47-577267CA5A41}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{C29E2EBD-B0B9-4C80-93B9-849EC2CCD0D1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C3AF362F-391E-483B-90FA-BE0B87C965B6}" = dir=in | app=c:\windows\syswow64\lxdncoms.exe |
"{C4DA6551-D5B6-4CD3-8482-30F113EBC646}" = dir=in | app=c:\windows\system32\lxdncoms.exe |
"{C8B83C53-E7EF-4826-A218-BBE1C1F166B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CA3172FC-087F-4605-B2B3-FC0B5FA7286D}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{D7444792-C901-40D6-889F-B4C870034B8D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D7773493-F6D4-4F14-9E10-CA8D5AC6A10F}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
"{DBB95BBC-F7E3-4762-85B6-28ADAB01C328}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{E0681CE1-F468-40A5-A1E3-94E338099075}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E1AB1D66-E9B8-4B53-B77D-20A16E197453}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{E42FEC66-137F-4F1E-9365-45DED49529F1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7218853-2EE2-410C-BF4F-BD2170E518E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E72AB673-E3FE-40F6-83D6-2627FDB36859}" = protocol=6 | dir=out | app=system |
"{ECA3C8EF-4F53-4F44-8EA8-7A4C99CDB3F6}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"{F44BC6F0-5169-4E80-8841-DFEBA3DDE334}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"{F87C2848-7CD8-484A-AEDE-7B8375CEADFA}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{FE32A98F-D867-48FE-BE6D-FA02782337F8}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{FF78B812-9A88-4D47-B51E-68C3E0FEAACF}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdntime.exe |
"TCP Query User{6832DEFE-422B-48F4-94FE-31E64BD72929}C:\program files (x86)\lexmark 2600 series\lxdnmon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"TCP Query User{8DFC8E27-E6A9-4403-A573-1AEFBE74FD64}C:\program files (x86)\lexmark 2600 series\lxdnlscn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnlscn.exe |
"TCP Query User{B1B6FB5A-68BE-4B8F-9BF9-7EE25813456F}C:\program files (x86)\lexmark 2600 series\lxdnlscn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnlscn.exe |
"TCP Query User{B5C8CF89-5715-412D-86A7-102DFC7BC7B1}C:\program files (x86)\lexmark 2600 series\frun.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
"UDP Query User{92CA6A93-525C-4907-B80F-78F9979490AC}C:\program files (x86)\lexmark 2600 series\lxdnlscn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnlscn.exe |
"UDP Query User{A5EC61FA-DAF6-4D5E-9F0D-1CA52EB2A062}C:\program files (x86)\lexmark 2600 series\lxdnmon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"UDP Query User{B67DF27A-1FE2-42E4-819C-DCDA4A9C0A35}C:\program files (x86)\lexmark 2600 series\lxdnlscn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnlscn.exe |
"UDP Query User{C25415AE-1F5E-4B98-9D04-A9DDE69D3EFA}C:\program files (x86)\lexmark 2600 series\frun.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-040C-1000-0000000FF1CE}" = Microsoft Office « Démarrer en un clic » 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
"{948B1FD6-9F98-47EE-AABF-8697F2FD44B0}" = ccc-utility64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C22759DB-BA8B-30E7-99EE-8B47DB43AE56}" = Microsoft .NET Framework 4.5.1 (FRA)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E50A5077-1654-BEAE-986B-7B7133DA7C48}" = ATI Catalyst Install Manager
"CCleaner" = CCleaner
"Lexmark 2600 Series" = Lexmark 2600 Series
"Lexmark Fax Solutions" = Solutions de télécopie Lexmark
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08235411-48C8-A293-8642-D9575891E7D9}" = Catalyst Control Center InstallProxy
"{08548558-3EC9-BD0B-3D09-632500268F59}" = CCC Help Portuguese
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Barre d'outils
"{137B2CE7-30A2-4836-0830-707F1010F517}" = CCC Help English
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22139F5D-9405-455A-BDEB-658B1A4E4861}" = Catalyst Control Center - Branding
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{25F2A86D-E2E2-C2AD-8173-86C18632F214}" = CCC Help Chinese Traditional
"{2842077A-7895-5310-4F0C-42C83501E770}" = CCC Help Thai
"{2ACAB850-69A5-8090-08B7-D27CC6D8652C}" = CCC Help German
"{2BAD00A4-7FD1-61C5-10C3-8275723943AD}" = CCC Help Danish
"{2BF943D5-1468-589A-50E3-DD0ED6596022}" = Catalyst Control Center Graphics Full New
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34DB1D69-9FFC-7899-6F4D-22C4C15ADD54}" = CCC Help Polish
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3F310D8D-AC3B-5478-5AEA-D2EF5D7437E7}" = CCC Help Swedish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{53469506-A37E-4314-A9D9-38724EC23A75}" = HP Setup
"{595007B2-E139-535C-D723-4B0442FC40F5}" = CCC Help Italian
"{5A21C631-0494-7377-1E3B-99353E04F83B}" = CCC Help Japanese
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{695C04CF-CF98-FAD6-9590-6C555B2E2E79}" = CCC Help Chinese Standard
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6F277272-77D6-1E03-B8BB-B408B26C5140}" = CCC Help Czech
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7240A994-0ED4-4841-AD3B-5E5F72850F67}" = Catalyst Control Center Graphics Previews Vista
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C66E480-E42D-3664-B207-5CE9A706BC1F}" = Catalyst Control Center Graphics Light
"{7CAAA7B2-D9EA-2416-9D63-DDBC8E669059}" = CCC Help French
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84B4C4F4-F244-6A7E-EDC6-ECD46ACAAE59}" = CCC Help Greek
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EB84BE2-1F31-4950-83D8-C211A9A08739}" = AM Usb Card Reader Driver
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-00B2-040C-0000-0000000FF1CE}" = Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-040C-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Français
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB89B87C-226C-466F-A850-182A74DA7229}" = Location Immobilière V5.8
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Français
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF4A82A7-F453-CE12-A942-E55FAC234387}" = ccc-core-static
"{B5B7E8FF-62F6-FA85-4C4A-83AAF816CE6E}" = CCC Help Spanish
"{B8089767-9A45-0E84-FCDE-15698650FF17}" = CCC Help Hungarian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C9496C0E-BE4C-7800-900B-5E66B958AEC1}" = CCC Help Russian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB1A6595-613F-9654-E58E-0876F8B0E8F3}" = Catalyst Control Center Localization All
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDD1E22B-249A-5ED7-BA0A-C41BAA8256ED}" = CCC Help Korean
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F252C428-A4AE-C73E-031A-C451FDD660A9}" = CCC Help Norwegian
"{F67EA3C6-38B0-675A-E2F9-8C343DE1C826}" = Catalyst Control Center Graphics Full Existing
"{F686E613-03C4-085F-188A-9E5DC1455787}" = CCC Help Turkish
"{F7F7626C-4612-BF7B-38D5-07E247973A1A}" = Catalyst Control Center Core Implementation
"{F8CA8746-F561-61D7-A496-8D4C4E1F8A57}" = CCC Help Dutch
"{FCDDC9D3-5524-9AD1-651C-467910CC1903}" = CCC Help Finnish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AmUStor" = AM Usb Card Reader Driver
"avast" = avast! Free Antivirus
"DVD Decrypter" = DVD Decrypter (Remove Only)
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Thunderbird 17.0.7 (x86 fr)" = Mozilla Thunderbird 17.0.7 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MusicStationNetstaller" = MusicStation
"My HP Game Console" = HP Game Console
"Office14.Click2Run" = Microsoft Office « Démarrer en un clic » 2010
"PDF Complete" = PDF Complete Special Edition
"Video Performer" = Video Performer
"VLC media player" = VLC media player 2.0.7
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"WT087361" = FATE
"WT087380" = John Deere Drive Green
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087420" = Agatha Christie - Death on the Nile
"WT087428" = Bejeweled 2 Deluxe
"WT087480" = Insaniquarium Deluxe
"WT087485" = Jewel Quest II
"WT087490" = Jewel Quest Solitaire
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"ZHPDiag_is1" = ZHPDiag 2014
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2327108792-3824882524-3925735962-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Video Converter Packages" = Video Converter Packages
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 27/12/2013 16:46:51 | Computer Name = Audrey-HP | Source = Windows Search Service | ID = 3029
Description =
Error - 27/12/2013 16:46:51 | Computer Name = Audrey-HP | Source = Windows Search Service | ID = 3028
Description =
Error - 27/12/2013 16:46:51 | Computer Name = Audrey-HP | Source = Windows Search Service | ID = 3058
Description =
Error - 27/12/2013 16:46:51 | Computer Name = Audrey-HP | Source = Windows Search Service | ID = 7010
Description =
Error - 27/12/2013 16:54:42 | Computer Name = Audrey-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed: État HTTP 404 : l'URL requise n'existe pas sur le serveur.
Error - 29/12/2013 13:47:44 | Computer Name = Audrey-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed: État HTTP 404 : l'URL requise n'existe pas sur le serveur.
Error - 29/12/2013 13:56:22 | Computer Name = Audrey-HP | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante IEXPLORE.EXE, version : 11.0.9600.16428,
horodatage : 0x525b664c Nom du module défaillant : jscript9.dll, version : 11.0.9600.16476,
horodatage : 0x5294589a Code d'exception : 0xc0000005 Décalage d'erreur : 0x00008be4
ID
du processus défaillant : 0x10b4 Heure de début de l'application défaillante : 0x01cf04bf3ca94198
Chemin
d'accès de l'application défaillante : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Chemin
d'accès du module défaillant: C:\Windows\SysWOW64\jscript9.dll ID de rapport : 86c15dfc-70b2-11e3-b876-78acc0b9d148
Error - 31/12/2013 04:54:04 | Computer Name = Audrey-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed: État HTTP 404 : l'URL requise n'existe pas sur le serveur.
Error - 02/01/2014 04:50:14 | Computer Name = Audrey-HP | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante UPDATE~1.EXE, version : 0.0.0.0,
horodatage : 0x2a425e19 Nom du module défaillant : KERNELBASE.dll, version : 6.1.7601.18229,
horodatage : 0x51fb1116 Code d'exception : 0xc0000005 Décalage d'erreur : 0x00006a59
ID
du processus défaillant : 0x1510 Heure de début de l'application défaillante : 0x01cf06cea03acfb4
Chemin
d'accès de l'application défaillante : C:\Users\Audrey\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Chemin
d'accès du module défaillant: C:\Windows\syswow64\KERNELBASE.dll ID de rapport :
e4fb1572-738a-11e3-b876-78acc0b9d148
Error - 02/01/2014 04:50:18 | Computer Name = Audrey-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed: État HTTP 404 : l'URL requise n'existe pas sur le serveur.
Error - 02/01/2014 06:37:21 | Computer Name = Audrey-HP | Source = Application Hang | ID = 1002
Description = Le programme IEXPLORE.EXE version 11.0.9600.16428 a cessé d'interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l'historique du problème dans le Centre de maintenance.
ID
de processus : 12a0 Heure de début : 01cf07a682af6b30 Heure de fin : 20 Chemin d'accès
de l'application : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ID de rapport
:
[ Hewlett-Packard Events ]
Error - 18/08/2011 03:28:23 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081118092814.xml
File not created by asset agent
Error - 18/08/2011 03:29:08 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081118092906.xml
File not created by asset agent
Error - 29/08/2011 04:03:23 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081129100315.xml
File not created by asset agent
Error - 11/09/2011 09:26:13 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091111100021.xml
File not created by asset agent
Error - 18/09/2011 10:26:28 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091118042625.xml
File not created by asset agent
[ System Events ]
Error - 15/10/2012 12:22:31 | Computer Name = Audrey-HP | Source = DCOM | ID = 10010
Description =
Error - 18/10/2012 03:38:47 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service NIS.
Error - 19/10/2012 02:50:59 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service NIS.
Error - 19/10/2012 08:24:58 | Computer Name = Audrey-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoue avec l'erreur 0x80070643 : Definition Update for Windows Defender - KB915597
(Definition 1.139.124.0).
Error - 21/10/2012 03:11:33 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service Wlansvc.
Error - 22/10/2012 01:35:11 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service ShellHWDetection.
Error - 22/10/2012 07:40:40 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service ShellHWDetection.
Error - 25/10/2012 04:44:36 | Computer Name = Audrey-HP | Source = DCOM | ID = 10016
Description =
Error - 25/10/2012 04:44:39 | Computer Name = Audrey-HP | Source = DCOM | ID = 10016
Description =
< End of report >
OTL Extras logfile created on: 19/02/2014 14:51:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Audrey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,75 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 68,40% Memory free
7,50 Gb Paging File | 5,78 Gb Available in Paging File | 77,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,36 Gb Total Space | 817,10 Gb Free Space | 88,78% Space Free | Partition Type: NTFS
Drive D: | 11,05 Gb Total Space | 1,13 Gb Free Space | 10,20% Space Free | Partition Type: NTFS
Computer Name: AUDREY-HP | User Name: Audrey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{089B711B-72BA-4331-9097-B634826AE8A8}" = lport=137 | protocol=17 | dir=in | app=system |
"{0FAA7EB6-DD07-401F-A89C-454FB3A4EF76}" = lport=139 | protocol=6 | dir=in | app=system |
"{1D7925AF-8C6F-4B07-BD8A-A0E605AF54BA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3FDE91DC-E147-4AD4-829D-34C6EE62979F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DBF6DB9-793F-4709-AE5D-62FDA265F7E1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B1E5ED5-6AEB-4726-B377-A4CFB6BBD5DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5D20244E-4967-45DD-AAB2-4BFB715638C5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6945D81D-75C1-43FF-929A-26B0BAC3017B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{761768DF-0449-4211-A1A3-07CC88F1CCEE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D26A0E9-EB2E-43BB-9283-A6E83A7EC15E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7EA2ED0D-7D26-46F5-81E7-081C6C8C5815}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{88134BB7-5D7A-45CF-B0AA-E5209DF15C5E}" = rport=138 | protocol=17 | dir=out | app=system |
"{9558A026-D4D0-4987-9E2C-1A158F67461F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9886799E-743B-4516-9861-4550E1BABFDF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{99C33978-FE3B-4588-B542-1BB203C7DEBD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AC61E994-8184-44A8-9385-0F551E9ADD7B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE673278-695B-4895-A0BD-A817650C0339}" = rport=139 | protocol=6 | dir=out | app=system |
"{C6FD3FAD-4F95-4B8D-8EBC-85E49E1DD4CD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D45BC84B-979A-4095-ACC5-EBE0A8351782}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E2F7EE9C-E450-4194-8712-F829F3C36BCD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E5A7F5E7-A997-4F03-A4CE-918B88B7F3A8}" = lport=445 | protocol=6 | dir=in | app=system |
"{EFEDC839-9E89-4ACC-BB46-28C70DA998FC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F5F7B61A-61AB-4B6C-B4EF-4D7BD4CEB716}" = lport=138 | protocol=17 | dir=in | app=system |
"{F9C0FCC1-BE3C-4F66-900C-6DFBBC2B8425}" = rport=445 | protocol=6 | dir=out | app=system |
"{FA3AC97C-6A44-4CD7-8299-5033BE15A1CB}" = rport=137 | protocol=17 | dir=out | app=system |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D84AB80-8B29-45D0-B28C-4F79C91C7F17}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{156AD6EB-4121-479C-B2BE-18C6EEF33631}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{1629C951-0BBA-4185-8BCF-1B5282DF3236}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1EAC8BFD-DADC-417E-BCE7-CF327171E3E7}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{27944CAA-3A78-4420-969A-F5D3E6A8247F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{33DD7874-BC4B-4408-9895-A9F4E0DC953F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3A40D1EC-D0A4-4406-AFEB-2E221D25E334}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{3D05D7FD-48AE-4476-B227-135533429A1B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{40B13AE3-7F5E-44FA-9103-685295BEA8B0}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{42B5FD1B-84C0-426A-8BCA-6A6F7AF3AD5B}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdncoms.exe |
"{459BFE76-1AED-482B-9EB8-5694D58A9956}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4708CFE0-AEEF-4E20-8E97-810BB90B7B42}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{478DB129-2809-4498-B15F-1FA6F55504CA}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{4EC0E289-04C3-4367-86CA-E0A9BC30AD92}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{585DD6B4-6A7D-4CAF-84BB-4FAA9CD2981E}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{5BA993FC-DF36-4DFF-9A31-28A3D6617F62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C40D8BE-B49F-4B08-BB9E-64D6E1530F9A}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdncoms.exe |
"{5C6D0CDA-08DE-4DB1-99C3-B8E451F7EAAB}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{64734FB0-D26C-4DC0-92D2-9CB36BDCAF34}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdntime.exe |
"{66D912B6-7D60-4354-BF09-4DE93CE34137}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{719340E3-96F3-4A87-92ED-320859EB6BCA}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
"{7F1986FA-D393-44C1-963C-7B0524689D5A}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{8052B38B-297A-4C14-8D4C-2C4F90510A9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8122B19E-C07B-4D98-9EA6-9315515FE643}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{84952BA2-2ED1-46C3-9D33-40F944383AAA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{916BA88A-8866-43C8-8678-5DAF3D8D4F3B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9510F620-A6BC-4E3B-BBBE-BA85A8AD8675}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{979299A8-0B2E-4EB2-96F3-6B8921380BD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AA054C44-6ADA-4D55-BD55-005CA4D83227}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AAC4CFA4-A6AB-4721-B1F1-00E892CCBD27}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{ABF8DD62-33BF-471B-8101-21FDF1413064}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdntime.exe |
"{B7392591-1F38-4055-8BAA-2FF9B3A6461B}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{BE2EBFED-20C3-4F7E-9A47-577267CA5A41}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{C29E2EBD-B0B9-4C80-93B9-849EC2CCD0D1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C3AF362F-391E-483B-90FA-BE0B87C965B6}" = dir=in | app=c:\windows\syswow64\lxdncoms.exe |
"{C4DA6551-D5B6-4CD3-8482-30F113EBC646}" = dir=in | app=c:\windows\system32\lxdncoms.exe |
"{C8B83C53-E7EF-4826-A218-BBE1C1F166B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CA3172FC-087F-4605-B2B3-FC0B5FA7286D}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{D7444792-C901-40D6-889F-B4C870034B8D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D7773493-F6D4-4F14-9E10-CA8D5AC6A10F}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
"{DBB95BBC-F7E3-4762-85B6-28ADAB01C328}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{E0681CE1-F468-40A5-A1E3-94E338099075}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E1AB1D66-E9B8-4B53-B77D-20A16E197453}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{E42FEC66-137F-4F1E-9365-45DED49529F1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7218853-2EE2-410C-BF4F-BD2170E518E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E72AB673-E3FE-40F6-83D6-2627FDB36859}" = protocol=6 | dir=out | app=system |
"{ECA3C8EF-4F53-4F44-8EA8-7A4C99CDB3F6}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"{F44BC6F0-5169-4E80-8841-DFEBA3DDE334}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"{F87C2848-7CD8-484A-AEDE-7B8375CEADFA}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{FE32A98F-D867-48FE-BE6D-FA02782337F8}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{FF78B812-9A88-4D47-B51E-68C3E0FEAACF}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdntime.exe |
"TCP Query User{6832DEFE-422B-48F4-94FE-31E64BD72929}C:\program files (x86)\lexmark 2600 series\lxdnmon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"TCP Query User{8DFC8E27-E6A9-4403-A573-1AEFBE74FD64}C:\program files (x86)\lexmark 2600 series\lxdnlscn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnlscn.exe |
"TCP Query User{B1B6FB5A-68BE-4B8F-9BF9-7EE25813456F}C:\program files (x86)\lexmark 2600 series\lxdnlscn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnlscn.exe |
"TCP Query User{B5C8CF89-5715-412D-86A7-102DFC7BC7B1}C:\program files (x86)\lexmark 2600 series\frun.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
"UDP Query User{92CA6A93-525C-4907-B80F-78F9979490AC}C:\program files (x86)\lexmark 2600 series\lxdnlscn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnlscn.exe |
"UDP Query User{A5EC61FA-DAF6-4D5E-9F0D-1CA52EB2A062}C:\program files (x86)\lexmark 2600 series\lxdnmon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"UDP Query User{B67DF27A-1FE2-42E4-819C-DCDA4A9C0A35}C:\program files (x86)\lexmark 2600 series\lxdnlscn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnlscn.exe |
"UDP Query User{C25415AE-1F5E-4B98-9D04-A9DDE69D3EFA}C:\program files (x86)\lexmark 2600 series\frun.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-040C-1000-0000000FF1CE}" = Microsoft Office « Démarrer en un clic » 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
"{948B1FD6-9F98-47EE-AABF-8697F2FD44B0}" = ccc-utility64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C22759DB-BA8B-30E7-99EE-8B47DB43AE56}" = Microsoft .NET Framework 4.5.1 (FRA)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E50A5077-1654-BEAE-986B-7B7133DA7C48}" = ATI Catalyst Install Manager
"CCleaner" = CCleaner
"Lexmark 2600 Series" = Lexmark 2600 Series
"Lexmark Fax Solutions" = Solutions de télécopie Lexmark
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08235411-48C8-A293-8642-D9575891E7D9}" = Catalyst Control Center InstallProxy
"{08548558-3EC9-BD0B-3D09-632500268F59}" = CCC Help Portuguese
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Barre d'outils
"{137B2CE7-30A2-4836-0830-707F1010F517}" = CCC Help English
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22139F5D-9405-455A-BDEB-658B1A4E4861}" = Catalyst Control Center - Branding
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{25F2A86D-E2E2-C2AD-8173-86C18632F214}" = CCC Help Chinese Traditional
"{2842077A-7895-5310-4F0C-42C83501E770}" = CCC Help Thai
"{2ACAB850-69A5-8090-08B7-D27CC6D8652C}" = CCC Help German
"{2BAD00A4-7FD1-61C5-10C3-8275723943AD}" = CCC Help Danish
"{2BF943D5-1468-589A-50E3-DD0ED6596022}" = Catalyst Control Center Graphics Full New
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34DB1D69-9FFC-7899-6F4D-22C4C15ADD54}" = CCC Help Polish
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3F310D8D-AC3B-5478-5AEA-D2EF5D7437E7}" = CCC Help Swedish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{53469506-A37E-4314-A9D9-38724EC23A75}" = HP Setup
"{595007B2-E139-535C-D723-4B0442FC40F5}" = CCC Help Italian
"{5A21C631-0494-7377-1E3B-99353E04F83B}" = CCC Help Japanese
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{695C04CF-CF98-FAD6-9590-6C555B2E2E79}" = CCC Help Chinese Standard
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6F277272-77D6-1E03-B8BB-B408B26C5140}" = CCC Help Czech
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7240A994-0ED4-4841-AD3B-5E5F72850F67}" = Catalyst Control Center Graphics Previews Vista
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C66E480-E42D-3664-B207-5CE9A706BC1F}" = Catalyst Control Center Graphics Light
"{7CAAA7B2-D9EA-2416-9D63-DDBC8E669059}" = CCC Help French
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84B4C4F4-F244-6A7E-EDC6-ECD46ACAAE59}" = CCC Help Greek
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EB84BE2-1F31-4950-83D8-C211A9A08739}" = AM Usb Card Reader Driver
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-00B2-040C-0000-0000000FF1CE}" = Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-040C-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Français
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB89B87C-226C-466F-A850-182A74DA7229}" = Location Immobilière V5.8
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Français
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF4A82A7-F453-CE12-A942-E55FAC234387}" = ccc-core-static
"{B5B7E8FF-62F6-FA85-4C4A-83AAF816CE6E}" = CCC Help Spanish
"{B8089767-9A45-0E84-FCDE-15698650FF17}" = CCC Help Hungarian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C9496C0E-BE4C-7800-900B-5E66B958AEC1}" = CCC Help Russian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB1A6595-613F-9654-E58E-0876F8B0E8F3}" = Catalyst Control Center Localization All
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDD1E22B-249A-5ED7-BA0A-C41BAA8256ED}" = CCC Help Korean
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F252C428-A4AE-C73E-031A-C451FDD660A9}" = CCC Help Norwegian
"{F67EA3C6-38B0-675A-E2F9-8C343DE1C826}" = Catalyst Control Center Graphics Full Existing
"{F686E613-03C4-085F-188A-9E5DC1455787}" = CCC Help Turkish
"{F7F7626C-4612-BF7B-38D5-07E247973A1A}" = Catalyst Control Center Core Implementation
"{F8CA8746-F561-61D7-A496-8D4C4E1F8A57}" = CCC Help Dutch
"{FCDDC9D3-5524-9AD1-651C-467910CC1903}" = CCC Help Finnish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AmUStor" = AM Usb Card Reader Driver
"avast" = avast! Free Antivirus
"DVD Decrypter" = DVD Decrypter (Remove Only)
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Thunderbird 17.0.7 (x86 fr)" = Mozilla Thunderbird 17.0.7 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MusicStationNetstaller" = MusicStation
"My HP Game Console" = HP Game Console
"Office14.Click2Run" = Microsoft Office « Démarrer en un clic » 2010
"PDF Complete" = PDF Complete Special Edition
"Video Performer" = Video Performer
"VLC media player" = VLC media player 2.0.7
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"WT087361" = FATE
"WT087380" = John Deere Drive Green
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087420" = Agatha Christie - Death on the Nile
"WT087428" = Bejeweled 2 Deluxe
"WT087480" = Insaniquarium Deluxe
"WT087485" = Jewel Quest II
"WT087490" = Jewel Quest Solitaire
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"ZHPDiag_is1" = ZHPDiag 2014
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2327108792-3824882524-3925735962-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Video Converter Packages" = Video Converter Packages
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 27/12/2013 16:46:51 | Computer Name = Audrey-HP | Source = Windows Search Service | ID = 3029
Description =
Error - 27/12/2013 16:46:51 | Computer Name = Audrey-HP | Source = Windows Search Service | ID = 3028
Description =
Error - 27/12/2013 16:46:51 | Computer Name = Audrey-HP | Source = Windows Search Service | ID = 3058
Description =
Error - 27/12/2013 16:46:51 | Computer Name = Audrey-HP | Source = Windows Search Service | ID = 7010
Description =
Error - 27/12/2013 16:54:42 | Computer Name = Audrey-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed: État HTTP 404 : l'URL requise n'existe pas sur le serveur.
Error - 29/12/2013 13:47:44 | Computer Name = Audrey-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed: État HTTP 404 : l'URL requise n'existe pas sur le serveur.
Error - 29/12/2013 13:56:22 | Computer Name = Audrey-HP | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante IEXPLORE.EXE, version : 11.0.9600.16428,
horodatage : 0x525b664c Nom du module défaillant : jscript9.dll, version : 11.0.9600.16476,
horodatage : 0x5294589a Code d'exception : 0xc0000005 Décalage d'erreur : 0x00008be4
ID
du processus défaillant : 0x10b4 Heure de début de l'application défaillante : 0x01cf04bf3ca94198
Chemin
d'accès de l'application défaillante : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Chemin
d'accès du module défaillant: C:\Windows\SysWOW64\jscript9.dll ID de rapport : 86c15dfc-70b2-11e3-b876-78acc0b9d148
Error - 31/12/2013 04:54:04 | Computer Name = Audrey-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed: État HTTP 404 : l'URL requise n'existe pas sur le serveur.
Error - 02/01/2014 04:50:14 | Computer Name = Audrey-HP | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante UPDATE~1.EXE, version : 0.0.0.0,
horodatage : 0x2a425e19 Nom du module défaillant : KERNELBASE.dll, version : 6.1.7601.18229,
horodatage : 0x51fb1116 Code d'exception : 0xc0000005 Décalage d'erreur : 0x00006a59
ID
du processus défaillant : 0x1510 Heure de début de l'application défaillante : 0x01cf06cea03acfb4
Chemin
d'accès de l'application défaillante : C:\Users\Audrey\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Chemin
d'accès du module défaillant: C:\Windows\syswow64\KERNELBASE.dll ID de rapport :
e4fb1572-738a-11e3-b876-78acc0b9d148
Error - 02/01/2014 04:50:18 | Computer Name = Audrey-HP | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0066-040C-0000-0000000FF1CE}):
DownloadLatest Failed: État HTTP 404 : l'URL requise n'existe pas sur le serveur.
Error - 02/01/2014 06:37:21 | Computer Name = Audrey-HP | Source = Application Hang | ID = 1002
Description = Le programme IEXPLORE.EXE version 11.0.9600.16428 a cessé d'interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l'historique du problème dans le Centre de maintenance.
ID
de processus : 12a0 Heure de début : 01cf07a682af6b30 Heure de fin : 20 Chemin d'accès
de l'application : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ID de rapport
:
[ Hewlett-Packard Events ]
Error - 18/08/2011 03:28:23 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081118092814.xml
File not created by asset agent
Error - 18/08/2011 03:29:08 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081118092906.xml
File not created by asset agent
Error - 29/08/2011 04:03:23 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081129100315.xml
File not created by asset agent
Error - 11/09/2011 09:26:13 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091111100021.xml
File not created by asset agent
Error - 18/09/2011 10:26:28 | Computer Name = Audrey-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091118042625.xml
File not created by asset agent
[ System Events ]
Error - 15/10/2012 12:22:31 | Computer Name = Audrey-HP | Source = DCOM | ID = 10010
Description =
Error - 18/10/2012 03:38:47 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service NIS.
Error - 19/10/2012 02:50:59 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service NIS.
Error - 19/10/2012 08:24:58 | Computer Name = Audrey-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoue avec l'erreur 0x80070643 : Definition Update for Windows Defender - KB915597
(Definition 1.139.124.0).
Error - 21/10/2012 03:11:33 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service Wlansvc.
Error - 22/10/2012 01:35:11 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service ShellHWDetection.
Error - 22/10/2012 07:40:40 | Computer Name = Audrey-HP | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l'attente de la réponse transactionnelle du service ShellHWDetection.
Error - 25/10/2012 04:44:36 | Computer Name = Audrey-HP | Source = DCOM | ID = 10016
Description =
Error - 25/10/2012 04:44:39 | Computer Name = Audrey-HP | Source = DCOM | ID = 10016
Description =
< End of report >
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 658
19 févr. 2014 à 16:08
19 févr. 2014 à 16:08
par pjjoint, le rapport OTL.
http://pjjoint.malekal.com/files.php?id=OTL_20140219_t15e14y5c9f12
Voila le lien des Log OTL et Extra après adware
Merci à vous
Voila le lien des Log OTL et Extra après adware
Merci à vous
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 658
19 févr. 2014 à 17:17
19 févr. 2014 à 17:17
Plus de pubs ?
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 658
3 mars 2014 à 17:50
3 mars 2014 à 17:50
:)
Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
19 févr. 2014 à 11:10
je te laisse faire ;)
19 févr. 2014 à 14:48