[Résolu] Problème d'installation de Trend Micro Titanium

Questions générales (installation, utilisation etc) sur les antivirus.

Modérateur : Mods Windows

Kashart

Re: Problème d'installation de Trend Micro Titanium

par Kashart »

Et enfin la dernière partie :

4/4

Persistent Indexes 5546 Index Size 5548 Unique Keys 5550 Documents Filtered 5552 Work Items Created 5554 Work Items Deleted 5556 Clean WidSets 5558 Dirty WidSets 5560 Master Merges Now. 5562 Active Connections 5564 Queries 5566 Queries Failed 5568 Queries Succeeded 5570 L0 Indexes (Wordlists) 5572 L0 Merges (flushes) Now. 5574 L0 Merge (Flush) Speed - Average 5576 L0 Merge (Flush) - Count 5578 L0 Merge (Flush) Speed - Last 5580 Persistent Indexes L1 5582 L1 Merges Now. 5584 L1 Merge Speed - average 5586 L1 Merge - Count 5588 L1 Merge Speed - last 5590 Persistent Indexes L2 5592 L2 Merges Now. 5594 L2 Merge Speed - average 5596 L2 Merge - Count 5598 L2 Merge Speed - last 5600 Persistent Indexes L3 5602 L3 Merges Now. 5604 L3 Merge Speed - average 5606 L3 Merge - Count 5608 L3 Merge Speed - last 5610 Persistent Indexes L4 5612 L4 Merges Now. 5614 L4 Merge Speed - average 5616 L4 Merge - Count 5618 L4 Merge Speed - last 5620 Persistent Indexes L5 5622 L5 Merges Now. 5624 L5 Merge Speed - average 5626 L5 Merge - Count 5628 L5 Merge Speed - last 5630 Persistent Indexes L6 5632 L6 Merges Now. 5634 L6 Merge Speed - average 5636 L6 Merge - Count 5638 L6 Merge Speed - last 5640 Persistent Indexes L7 5642 L7 Merges Now. 5644 L7 Merge Speed - average 5646 L7 Merge - Count 5648 L7 Merge Speed - last 5650 Persistent Indexes L8 5652 L8 Merges Now. 5654 L8 Merge Speed - average 5656 L8 Merge - Count 5658 L8 Merge Speed - last 5660 ReadyBoost Cache 5662 Bytes cached 5664 Cache space used 5666 Compression Ratio 5668 Total cache size bytes 5670 Cache reads/sec 5672 Cache read bytes/sec 5674 Skipped reads/sec 5676 Skipped read bytes/sec 5678 Total reads/sec 5680 Total read bytes/sec 5908 Windows Workflow Foundation 5910 Workflows Created 5912 Workflows Created/sec 5914 Workflows Unloaded 5916 Workflows Unloaded/sec 5918 Workflows Loaded 5920 Workflows Loaded/sec 5922 Workflows Completed 5924 Workflows Completed/sec 5926 Workflows Suspended 5928 Workflows Suspended/sec 5930 Workflows Terminated 5932 Workflows Terminated/sec 5934 Workflows In Memory 5936 Workflows Aborted 5938 Workflows Aborted/sec 5940 Workflows Persisted 5942 Workflows Persisted/sec 5944 Workflows Executing 5946 Workflows Idle/sec 5948 Workflows Runnable 5950 Workflows Pending 5952 ServiceModelEndpoint 3.0.0.0 5954 Calls 5956 Calls Per Second 5958 Calls Outstanding 5960 Calls Failed 5962 Calls Failed Per Second 5964 Calls Faulted 5966 Calls Faulted Per Second 5968 Calls Duration 5970 Calls Duration Base 5972 Transactions Flowed 5974 Transactions Flowed Per Second 5976 Security Validation and Authentication Failures 5978 Security Validation and Authentication Failures Per Second 5980 Security Calls Not Authorized 5982 Security Calls Not Authorized Per Second 5984 Reliable Messaging Sessions Faulted 5986 Reliable Messaging Sessions Faulted Per Second 5988 Reliable Messaging Messages Dropped 5990 Reliable Messaging Messages Dropped Per Second 6046 ServiceModelService 3.0.0.0 6048 Calls 6050 Calls Per Second 6052 Calls Outstanding 6054 Calls Failed 6056 Calls Failed Per Second 6058 Calls Faulted 6060 Calls Faulted Per Second 6062 Calls Duration 6064 Calls Duration Base 6066 Transactions Flowed 6068 Transactions Flowed Per Second 6070 Transacted Operations Committed 6072 Transacted Operations Committed Per Second 6074 Transacted Operations Aborted 6076 Transacted Operations Aborted Per Second 6078 Transacted Operations In Doubt 6080 Transacted Operations In Doubt Per Second 6082 Security Validation and Authentication Failures 6084 Security Validation and Authentication Failures Per Second 6086 Security Calls Not Authorized 6088 Security Calls Not Authorized Per Second 6090 Instances 6092 Instances Created Per Second 6094 Reliable Messaging Sessions Faulted 6096 Reliable Messaging Sessions Faulted Per Second 6098 Reliable Messaging Messages Dropped 6100 Reliable Messaging Messages Dropped Per Second 6102 Queued Poison Messages 6104 Queued Poison Messages Per Second 6106 Queued Messages Rejected 6108 Queued Messages Rejected Per Second 6110 Queued Messages Dropped 6112 Queued Messages Dropped Per Second 6114 ServiceModelOperation 3.0.0.0 6116 Calls 6118 Calls Per Second 6120 Calls Outstanding 6122 Calls Failed 6124 Call Failed Per Second 6126 Calls Faulted 6128 Calls Faulted Per Second 6130 Calls Duration 6132 Calls Duration Base 6134 Transactions Flowed 6136 Transactions Flowed Per Second 6138 Security Validation and Authentication Failures 6140 Security Validation and Authentication Failures Per Second 6142 Security Calls Not Authorized 6144 Security Calls Not Authorized Per Second 6146 SMSvcHost 3.0.0.0 6148 Protocol Failures over net.tcp 6150 Protocol Failures over net.pipe 6152 Dispatch Failures over net.tcp 6154 Dispatch Failures over net.pipe 6156 Connections Dispatched over net.tcp 6158 Connections Dispatched over net.pipe 6160 Connections Accepted over net.tcp 6162 Connections Accepted over net.pipe 6164 Registrations Active for net.tcp 6166 Registrations Active for net.pipe 6168 Uris Registered for net.tcp 6170 Uris Registered for net.pipe 6172 Uris Unregistered for net.tcp 6174 Uris Unregistered for net.pipe 6176 MSDTC Bridge 3.0.0.0 6178 Message send failures/sec 6180 Prepare retry count/sec 6182 Commit retry count/sec 6184 Prepared retry count/sec 6186 Replay retry count/sec 6188 Faults received count/sec 6190 Faults sent count/sec 6192 Average participant prepare response time 6194 Average participant prepare response time Base 6196 Average participant commit response time 6198 Average participant commit response time Base 6622 Outlook 6624 RPCs Attempted 6626 RPCs Succeeded 6628 RPCs Failed 6630 RPCs Cancelled 6632 RPCs UI Shown 6634 RPCs Attempted - UI 6636 Time Avg (all) 6638 Time Avg (10) 6640 Time Avg (50) 6642 Time Avg (200) 6644 Time Min 6646 Time Max 6648 Count obj connection 6650 Count obj hcot table 6652 Count handle (AD) context 6654 Count handle (AD) binding 6656 Count handle (store) context 6658 Count handle (store) binding 7178 ASP.NET v1.1.4322 7180 ASP.NET Apps v1.1.4322 7182 Application Restarts 7184 Applications Running 7186 Requests Disconnected 7188 Request Execution Time 7190 Requests Rejected 7192 Requests Queued 7194 Worker Processes Running 7196 Worker Process Restarts 7198 Request Wait Time 7200 State Server Sessions Active 7202 State Server Sessions Abandoned 7204 State Server Sessions Timed Out 7206 State Server Sessions Total 7208 Requests Current 7210 Anonymous Requests 7212 Anonymous Requests/Sec 7214 Cache Total Entries 7216 Cache Total Turnover Rate 7218 Cache Total Hits 7220 Cache Total Misses 7222 Cache Total Hit Ratio 7224 Cache Total Hit Ratio Base 7226 Cache API Entries 7228 Cache API Turnover Rate 7230 Cache API Hits 7232 Cache API Misses 7234 Cache API Hit Ratio 7236 Cache API Hit Ratio Base 7238 Output Cache Entries 7240 Output Cache Turnover Rate 7242 Output Cache Hits 7244 Output Cache Misses 7246 Output Cache Hit Ratio 7248 Output Cache Hit Ratio Base 7250 Compilations Total 7252 Debugging Requests 7254 Errors During Preprocessing 7256 Errors During Compilation 7258 Errors During Execution 7260 Errors Unhandled During Execution 7262 Errors Unhandled During Execution/Sec 7264 Errors Total 7266 Errors Total/Sec 7268 Pipeline Instance Count 7270 Request Bytes In Total 7272 Request Bytes Out Total 7274 Requests Executing 7276 Requests Failed 7278 Requests Not Found 7280 Requests Not Authorized 7282 Requests In Application Queue 7284 Requests Timed Out 7286 Requests Succeeded 7288 Requests Total 7290 Requests/Sec 7292 Sessions Active 7294 Sessions Abandoned 7296 Sessions Timed Out 7298 Sessions Total 7300 Transactions Aborted 7302 Transactions Committed 7304 Transactions Pending 7306 Transactions Total 7308 Transactions/Sec 7310 Session State Server connections total 7312 Session SQL Server connections total 7314 ASP.NET State Service 7520 State Server Sessions Active 7522 State Server Sessions Abandoned 7524 State Server Sessions Timed Out 7526 State Server Sessions Total 7716 VMware 7718 Virtual Disk Transfers/sec 7720 Virtual Disk Reads/sec 7722 Virtual Disk Writes/sec 7724 Virtual Disk Bytes Transferred/sec 7726 Virtual Disk Bytes Read/sec 7728 Virtual Disk Bytes Written/sec 7730 Guest Locked Memory Bytes 7732 Guest Virtual Physical Memory Bytes 7734 Percent Guest Physical Memory Touched 7736 Network Transfers/sec 7738 Network Bytes Transferred/sec 7740 Network Transfer Errors/sec 7742 Network Packets Sent/sec 7744 Network Bytes Sent/sec 7746 Network Send Errors/sec 7748 Network Packets Received/sec 7750 Network Bytes Received/sec 7752 Network Receive Errors/sec 7942 Smart Scan Client Scanning Counters 7944 Files Scanned 7946 Malware Detected 7948 Suspicious Files Detected 7950 Location Switches 7952 Smart Scan Client Queries 7954 HTTP Requests 7956 Update Requests 7958 HTTP Query Time (Total) 7960 HTTP Query Time (Minimum) 7962 HTTP Query Time (Average) 7964 HTTP Query Time (Maximum) 7966 CRC Queries 7968 CRC Query Errors (Network) 7970 CRC Query Errors (Server) 7972 CRC Query Errors (Timeout) 7974 CRC Query Errors (Others) 7976 Unsynchronized Smart Query Filter Pattern 7978 CRC Query Time (Total) 7980 CRC Query Time (Minimum) 7982 CRC Query Time (Average) 7984 CRC Query Time (Maximum) 7986 CRC Query Volume Sent 7988 CRC Query Overhead Volume Sent 7990 CRC Query Volume Received 7992 CRC Query Overhead Volume Received 7994 CRC Query Volume 7996 TCP Connections 7998 Smart Query Filter Queries 8000 Smart Query Filter Hits 8002 Smart Query Filter False Positives 8004 CRC Cached Items 8006 CRC Cache Hits 8008 CRC Cache Hit Rate 8010 CRC Diff. Purged Count 8012 Async CRC Cached Item Purged Count 8014 Smart Query Filter Pattern (full) Downloads 8016 Smart Query Filter Pattern and CRC Diff. File (full) Volume 8018 Smart Query Filter Pattern and CRC Diff. File (full) Overhead Volume 8020 Smart Query Filter Pattern (incremental) Downloads 8022 Smart Query Filter Pattern and CRC Diff. File (incremental) Volume 8024 Smart Query Filter Pattern and CRC Diff. File (incremental) Overhead Volume 8026 Smart Query Filter Pattern Version 8028 CRC Diff. File Downloads 8030 CRC Diff. File Size 8032 Smart Query Filter Pattern (full) Volume 8034 Smart Query Filter Pattern (incremental) Volume 8036 CRC Query Queue Size 8038 Update Queue Size 8040 Event Callback Queue Size 8042 Smart Scan Mode 8232 Smart Scan Client Scanning Counters 8234 Files Scanned 8236 Malware Detected 8238 Suspicious Files Detected 8240 Location Switches 8242 Smart Scan Client Queries 8244 HTTP Requests 8246 Update Requests 8248 HTTP Query Time (Total) 8250 HTTP Query Time (Minimum) 8252 HTTP Query Time (Average) 8254 HTTP Query Time (Maximum) 8256 CRC Queries 8258 CRC Query Errors (Network) 8260 CRC Query Errors (Server) 8262 CRC Query Errors (Timeout) 8264 CRC Query Errors (Others) 8266 Unsynchronized Smart Query Filter Pattern 8268 CRC Query Time (Total) 8270 CRC Query Time (Minimum) 8272 CRC Query Time (Average) 8274 CRC Query Time (Maximum) 8276 CRC Query Volume Sent 8278 CRC Query Overhead Volume Sent 8280 CRC Query Volume Received 8282 CRC Query Overhead Volume Received 8284 CRC Query Volume 8286 TCP Connections 8288 Smart Query Filter Queries 8290 Smart Query Filter Hits 8292 Smart Query Filter False Positives 8294 CRC Cached Items 8296 CRC Cache Hits 8298 CRC Cache Hit Rate 8300 CRC Diff. Purged Count 8302 Async CRC Cached Item Purged Count 8304 Smart Query Filter Pattern (full) Downloads 8306 Smart Query Filter Pattern and CRC Diff. File (full) Volume 8308 Smart Query Filter Pattern and CRC Diff. File (full) Overhead Volume 8310 Smart Query Filter Pattern (incremental) Downloads 8312 Smart Query Filter Pattern and CRC Diff. File (incremental) Volume 8314 Smart Query Filter Pattern and CRC Diff. File (incremental) Overhead Volume 8316 Smart Query Filter Pattern Version 8318 CRC Diff. File Downloads 8320 CRC Diff. File Size 8322 Smart Query Filter Pattern (full) Volume 8324 Smart Query Filter Pattern (incremental) Volume 8326 CRC Query Queue Size 8328 Update Queue Size 8330 Event Callback Queue Size 8332 Smart Scan Mode 8334 WMI Objects 8336 HiPerf Classes 8338 HiPerf Validity 8340 MSiSCSI_ConnectionStatistics 8342 BytesReceived 8344 BytesSent 8346 PDUCommandsSent 8348 PDUResponsesReceived 8350 MSiSCSI_InitiatorInstanceStatistics 8352 SessionConnectionTimeoutErrorCount 8354 SessionDigestErrorCount 8356 SessionFailureCount 8358 SessionFormatErrorCount 8360 MSiSCSI_InitiatorLoginStatistics 8362 LoginAcceptRsps 8364 LoginAuthenticateFails 8366 LoginAuthFailRsps 8368 LoginFailures 8370 LoginNegotiateFails 8372 LoginOtherFailRsps 8374 LoginRedirectRsps 8376 LogoutNormals 8378 LogoutOtherCodes 8380 MSiSCSI_MMIPSECStats 8382 AcquireFailures 8384 AcquireHeapSize 8386 ActiveAcquire 8388 ActiveReceive 8390 AuthenticationFailures 8392 ConnectionListSize 8394 GetSPIFailures 8396 InvalidCookiesReceived 8398 InvalidPackets 8400 KeyAdditionFailures 8402 KeyAdditions 8404 KeyUpdateFailures 8406 KeyUpdates 8408 NegotiationFailures 8410 OakleyMainMode 8412 OakleyQuickMode 8414 ReceiveFailures 8416 ReceiveHeapSize 8418 SendFailures 8420 SoftAssociations 8422 TotalGetSPI 8424 MSiSCSI_NICPerformance 8426 BytesReceived 8428 BytesTransmitted 8430 PDUReceived 8432 PDUTransmitted 8434 MSiSCSI_QMIPSECStats 8436 ActiveSA 8438 ActiveTunnels 8440 AuthenticatedBytesReceived 8442 AuthenticatedBytesSent 8444 BadSPIPackets 8446 ConfidentialBytesReceived 8448 ConfidentialBytesSent 8450 KeyAdditions 8452 KeyDeletions 8454 PacketsNotAuthenticated 8456 PacketsNotDecrypted 8458 PacketsWithReplayDetection 8460 PendingKeyOperations 8462 ReKeys 8464 TransportBytesReceived 8466 TransportBytesSent 8468 TunnelBytesReceived 8470 TunnelBytesSent 8472 MSiSCSI_RequestTimeStatistics 8474 AverageProcessingTime 8476 MaximumProcessingTime 8478 MSiSCSI_SessionStatistics 8480 BytesReceived 8482 BytesSent 8484 ConnectionTimeoutErrors 8486 DigestErrors 8488 FormatErrors 8490 PDUCommandsSent 8492 PDUResponsesReceived 8494 ProcessorPerformance 8496 frequency 8498 percentage 8500 power 8502 Virtual Machines v2 8504 fMegabytesAllocated 8506 fPagesAllocated 8508 Virtual Processors v2 8510 fExternalInterrupts 8512 fHvmGuestExternalInterrupts 8514 fVmmContextSwitches 8516 fVmmCumulativeGuestTimeMicroseconds 8518 fVmmExceptions 8520 fVpProcessorInHvmMode 8826 SMSvcHost 4.0.0.0 8828 Protocol Failures over net.tcp 8830 Protocol Failures over net.pipe 8832 Dispatch Failures over net.tcp 8834 Dispatch Failures over net.pipe 8836 Connections Dispatched over net.tcp 8838 Connections Dispatched over net.pipe 8840 Connections Accepted over net.tcp 8842 Connections Accepted over net.pipe 8844 Registrations Active for net.tcp 8846 Registrations Active for net.pipe 8848 Uris Registered for net.tcp 8850 Uris Registered for net.pipe 8852 Uris Unregistered for net.tcp 8854 Uris Unregistered for net.pipe 8856 MSDTC Bridge 4.0.0.0 8858 Message send failures/sec 8860 Prepare retry count/sec 8862 Commit retry count/sec 8864 Prepared retry count/sec 8866 Replay retry count/sec 8868 Faults received count/sec 8870 Faults sent count/sec 8872 Average participant prepare response time 8874 Average participant prepare response time Base 8876 Average participant commit response time 8878 Average participant commit response time Base 8880 .NET CLR Networking 4.0.0.0 8882 Connections Established 8884 Bytes Received 8886 Bytes Sent 8888 Datagrams Received 8890 Datagrams Sent 8892 HttpWebRequests Created/Sec 8894 HttpWebRequests Average Lifetime 8896 HttpWebRequests Average Lifetime Base 8898 HttpWebRequests Queued/Sec 8900 HttpWebRequests Average Queue Time 8902 HttpWebRequests Average Queue Time Base 8904 HttpWebRequests Aborted/Sec 8906 HttpWebRequests Failed/Sec 8908 Smart Scan Client Scanning Counters 8910 Files Scanned 8912 Malware Detected 8914 Suspicious Files Detected 8916 Location Switches 8918 Smart Scan Client Queries 8920 HTTP Requests 8922 Update Requests 8924 HTTP Query Time (Total) 8926 HTTP Query Time (Minimum) 8928 HTTP Query Time (Average) 8930 HTTP Query Time (Maximum) 8932 CRC Queries 8934 CRC Query Errors (Network) 8936 CRC Query Errors (Server) 8938 CRC Query Errors (Timeout) 8940 CRC Query Errors (Others) 8942 Unsynchronized Smart Query Filter Pattern 8944 CRC Query Time (Total) 8946 CRC Query Time (Minimum) 8948 CRC Query Time (Average) 8950 CRC Query Time (Maximum) 8952 CRC Query Volume Sent 8954 CRC Query Overhead Volume Sent 8956 CRC Query Volume Received 8958 CRC Query Overhead Volume Received 8960 CRC Query Volume 8962 TCP Connections 8964 Smart Query Filter Queries 8966 Smart Query Filter Hits 8968 Smart Query Filter False Positives 8970 CRC Cached Items 8972 CRC Cache Hits 8974 CRC Cache Hit Rate 8976 CRC Diff. Purged Count 8978 Async CRC Cached Item Purged Count 8980 Smart Query Filter Pattern (full) Downloads 8982 Smart Query Filter Pattern and CRC Diff. File (full) Volume 8984 Smart Query Filter Pattern and CRC Diff. File (full) Overhead Volume 8986 Smart Query Filter Pattern (incremental) Downloads 8988 Smart Query Filter Pattern and CRC Diff. File (incremental) Volume 8990 Smart Query Filter Pattern and CRC Diff. File (incremental) Overhead Volume 8992 Smart Query Filter Pattern Version 8994 CRC Diff. File Downloads 8996 CRC Diff. File Size 8998 Smart Query Filter Pattern (full) Volume 9000 Smart Query Filter Pattern (incremental) Volume 9002 CRC Query Queue Size 9004 Update Queue Size 9006 Event Callback Queue Size 9008 Smart Scan Mode 9010 HTTP Query External Cache Count (Hit) 9012 HTTP Query External Cache Count (Miss) 9014 Check BF Update Queries 9016 WMI Objects 9018 HiPerf Classes 9020 HiPerf Validity 9022 MSiSCSI_ConnectionStatistics 9024 BytesReceived 9026 BytesSent 9028 PDUCommandsSent 9030 PDUResponsesReceived 9032 MSiSCSI_InitiatorInstanceStatistics 9034 SessionConnectionTimeoutErrorCount 9036 SessionDigestErrorCount 9038 SessionFailureCount 9040 SessionFormatErrorCount 9042 MSiSCSI_InitiatorLoginStatistics 9044 LoginAcceptRsps 9046 LoginAuthenticateFails 9048 LoginAuthFailRsps 9050 LoginFailures 9052 LoginNegotiateFails 9054 LoginOtherFailRsps 9056 LoginRedirectRsps 9058 LogoutNormals 9060 LogoutOtherCodes 9062 MSiSCSI_MMIPSECStats 9064 AcquireFailures 9066 AcquireHeapSize 9068 ActiveAcquire 9070 ActiveReceive 9072 AuthenticationFailures 9074 ConnectionListSize 9076 GetSPIFailures 9078 InvalidCookiesReceived 9080 InvalidPackets 9082 KeyAdditionFailures 9084 KeyAdditions 9086 KeyUpdateFailures 9088 KeyUpdates 9090 NegotiationFailures 9092 OakleyMainMode 9094 OakleyQuickMode 9096 ReceiveFailures 9098 ReceiveHeapSize 9100 SendFailures 9102 SoftAssociations 9104 TotalGetSPI 9106 MSiSCSI_NICPerformance 9108 BytesReceived 9110 BytesTransmitted 9112 PDUReceived 9114 PDUTransmitted 9116 MSiSCSI_QMIPSECStats 9118 ActiveSA 9120 ActiveTunnels 9122 AuthenticatedBytesReceived 9124 AuthenticatedBytesSent 9126 BadSPIPackets 9128 ConfidentialBytesReceived 9130 ConfidentialBytesSent 9132 KeyAdditions 9134 KeyDeletions 9136 PacketsNotAuthenticated 9138 PacketsNotDecrypted 9140 PacketsWithReplayDetection 9142 PendingKeyOperations 9144 ReKeys 9146 TransportBytesReceived 9148 TransportBytesSent 9150 TunnelBytesReceived 9152 TunnelBytesSent 9154 MSiSCSI_RequestTimeStatistics 9156 AverageProcessingTime 9158 MaximumProcessingTime 9160 MSiSCSI_SessionStatistics 9162 BytesReceived 9164 BytesSent 9166 ConnectionTimeoutErrors 9168 DigestErrors 9170 FormatErrors 9172 PDUCommandsSent 9174 PDUResponsesReceived 9176 ProcessorPerformance 9178 frequency 9180 percentage 9182 power 9184 Virtual Machines v2 9186 fMegabytesAllocated 9188 fPagesAllocated 9190 Virtual Processors v2 9192 fExternalInterrupts 9194 fHvmGuestExternalInterrupts 9196 fVmmContextSwitches 9198 fVmmCumulativeGuestTimeMicroseconds 9200 fVmmExceptions 9202 fVpProcessorInHvmMode 3198 Terminal Services 3200 Active Sessions 3202 Inactive Sessions 3204 Total Sessions 4454 Pacer Flow 4456 Packets dropped 4458 Packets scheduled 4460 Packets transmitted 4462 Bytes scheduled 4464 Bytes transmitted 4466 Bytes transmitted/sec 4468 Bytes scheduled/sec 4470 Packets transmitted/sec 4472 Packets scheduled/sec 4474 Packets dropped/sec 4476 Nonconforming packets scheduled 4478 Nonconforming packets scheduled/sec 4480 Average packets in shaper 4482 Max packets in shaper 4484 Average packets in sequencer 4486 Max packets in sequencer 4488 Maximum packets in netcard 4490 Average packets in netcard 4492 Nonconforming packets transmitted 4494 Nonconforming packets transmitted/sec 4496 Pacer Pipe 4498 Out of packets 4500 Flows opened 4502 Flows closed 4504 Flows rejected 4506 Flows modified 4508 Flow mods rejected 4510 Max simultaneous flows 4512 Nonconforming packets scheduled 4514 Nonconforming packets scheduled/sec 4516 Average packets in shaper 4518 Max packets in shaper 4520 Average packets in sequencer 4522 Max packets in sequencer 4524 Max packets in netcard 4526 Average packets in netcard 4528 Nonconforming packets transmitted 4530 Nonconforming packets transmitted/sec 2258 WFPv4 2260 Inbound Packets Discarded/sec 2262 Outbound Packets Discarded/sec 2264 Packets Discarded/sec 2266 Blocked Binds 2268 Inbound Connections Blocked/sec 2270 Outbound Connections Blocked/sec 2272 Inbound Connections Allowed/sec 2274 Outbound Connections Allowed/sec 2276 Inbound Connections 2278 Outbound Connections 2280 Active Inbound Connections 2282 Active Outbound Connections 2284 Allowed Classifies/sec 2318 IPsec Driver 2320 Active Security Associations 2322 Pending Security Associations 2324 Incorrect SPI Packets 2326 Incorrect SPI Packets/sec 2328 Bytes Received in Tunnel Mode/sec 2330 Bytes Sent in Tunnel Mode/sec 2332 Bytes Received in Transport Mode/sec 2334 Bytes Sent in Transport Mode/sec 2336 Offloaded Security Associations 2338 Offloaded Bytes Received/sec 2340 Offloaded Bytes Sent/sec 2342 Packets That Failed Replay Detection 2344 Packets That Failed Replay Detection/sec 2346 Packets Not Authenticated 2348 Packets Not Authenticated/sec 2350 Packets Not Decrypted 2352 Packets Not Decrypted/sec 2354 SA Rekeys 2356 Security Associations Added 2358 Packets That Failed ESP Validation 2360 Packets That Failed ESP Validation/sec 2362 Packets That Failed UDP-ESP Validation 2364 Packets That Failed UDP-ESP Validation/sec 2366 Packets Received Over Wrong SA 2368 Packets Received Over Wrong SA/sec 2370 Plaintext Packets Received 2372 Plaintext Packets Received/sec 2374 Total Inbound Packets Received 2376 Inbound Packets Received/sec 2378 Total Inbound Packets Dropped 2380 Inbound Packets Dropped/sec 2314 WFP 2316 Provider Count 2286 WFPv6 2288 Inbound Packets Discarded/sec 2290 Outbound Packets Discarded/sec 2292 Packets Discarded/sec 2294 Blocked Binds 2296 Inbound Connections Blocked/sec 2298 Outbound Connections Blocked/sec 2300 Inbound Connections Allowed/sec 2302 Outbound Connections Allowed/sec 2304 Inbound Connections 2306 Outbound Connections 2308 Active Inbound Connections 2310 Active Outbound Connections 2312 Allowed Classifies/sec 5682 Peer Name Resolution Protocol 5684 Registration 5686 Resolve 5688 Cache Entry 5690 Average bytes sent 5692 Average bytes received 5694 Estimated cloud size 5696 Stale cache entry 5698 Send failures 5700 Receive failures 5702 Solicit sent per second 5704 Solicit received per second 5706 Advertise sent per second 5708 Advertise received per second 5710 Request sent per second 5712 Request received per second 5714 Flood sent per second 5716 Flood received per second 5718 Inquire sent per second 5720 Inquire received per second 5722 Authority sent per second 5724 Authority received per second 5726 Ack sent per second 5728 Ack received per second 5730 Lookup sent per second 5732 Lookup received per second 5734 Unknown message type received 4938 Authorization Manager Applications 4940 Total number of scopes 4942 Number of Scopes loaded in memory 5790 Fax Service 5792 Total minutes sending and receiving 5794 Total pages 5796 Total faxes sent and received 5798 Total bytes 5800 Failed faxes transmissions 5802 Failed outgoing connections 5804 Minutes sending 5806 Pages sent 5808 Faxes sent 5810 Bytes sent 5812 Failed receptions 5814 Minutes receiving 5816 Received pages 5818 Received faxes 5820 Bytes received 6368 Offline Files 6370 Bytes Received 6372 Bytes Transmitted 6374 Bytes Transmitted/sec 6378 Bytes Received/sec 6382 Client Side Caching 6384 SMB BranchCache Bytes Requested 6386 SMB BranchCache Bytes Received 6388 SMB BranchCache Bytes Published 6390 SMB BranchCache Bytes Requested From Server 6392 SMB BranchCache Hashes Requested 6394 SMB BranchCache Hashes Received 6396 SMB BranchCache Hash Bytes Received 6398 Prefetch Operations Queued 6400 Prefetch Bytes Read From Cache 6402 Prefetch Bytes Read From Server 6404 Application Bytes Read From Cache 6406 Application Bytes Read From Server 6408 Application Bytes Read From Server (Not Cached) 2578 Generic IKEv1, AuthIP, and IKEv2 2580 IKEv1 Main Mode Negotiation Time 2582 AuthIP Main Mode Negotiation Time 2584 IKEv1 Quick Mode Negotiation Time 2586 AuthIP Quick Mode Negotiation Time 2588 Extended Mode Negotiation Time 2590 Packets Received/sec 2592 Invalid Packets Received/sec 2594 Successful Negotiations 2596 Successful Negotiations/sec 2598 Failed Negotiations 2600 Failed Negotiations/sec 2602 IKEv2 Main Mode Negotiation Time 2604 IKEv2 Quick Mode Negotiation Time 2606 IPsec IKEv2 IPv4 2608 Active Main Mode SAs 2610 Pending Main Mode Negotiations 2612 Main Mode Negotiations 2614 Main Mode Negotiations/sec 2616 Successful Main Mode Negotiations 2618 Successful Main Mode Negotiations/sec 2620 Failed Main Mode Negotiations 2622 Failed Main Mode Negotiations/sec 2624 Main Mode Negotiation Requests Received 2626 Main Mode Negotiation Requests Received/sec 2628 Active Quick Mode SAs 2630 Pending Quick Mode Negotiations 2632 Quick Mode Negotiations 2634 Quick Mode Negotiations/sec 2636 Successful Quick Mode Negotiations 2638 Successful Quick Mode Negotiations/sec 2640 Failed Quick Mode Negotiations 2642 Failed Quick Mode Negotiations/sec 2458 IPsec AuthIP IPv4 2460 Active Main Mode SAs 2462 Pending Main Mode Negotiations 2464 Main Mode Negotiations 2466 Main Mode Negotiations/sec 2468 Successful Main Mode Negotiations 2470 Successful Main Mode Negotiations/sec 2472 Failed Main Mode Negotiations 2474 Failed Main Mode Negotiations/sec 2476 Main Mode Negotiation Requests Received 2478 Main Mode Negotiation Requests Received/sec 2480 Main Mode SAs That Used Impersonation 2482 Main Mode SAs That Used Impersonation/sec 2484 Active Quick Mode SAs 2486 Pending Quick Mode Negotiations 2488 Quick Mode Negotiations 2490 Quick Mode Negotiations/sec 2492 Successful Quick Mode Negotiations 2494 Successful Quick Mode Negotiations/sec 2496 Failed Quick Mode Negotiations 2498 Failed Quick Mode Negotiations/sec 2500 Active Extended Mode SAs 2502 Pending Extended Mode Negotiations 2504 Extended Mode Negotiations 2506 Extended Mode Negotiations/sec 2508 Successful Extended Mode Negotiations 2510 Successful Extended Mode Negotiations/sec 2512 Failed Extended Mode Negotiations 2514 Failed Extended Mode Negotiations/sec 2516 Extended Mode SAs That Used Impersonation 2518 IPsec AuthIP IPv6 2520 Active Main Mode SAs 2522 Pending Main Mode Negotiations 2524 Main Mode Negotiations 2526 Main Mode Negotiations/sec 2528 Successful Main Mode Negotiations 2530 Successful Main Mode Negotiations/sec 2532 Failed Main Mode Negotiations 2534 Failed Main Mode Negotiations/sec 2536 Main Mode Negotiation Requests Received 2538 Main Mode Negotiation Requests Received/sec 2540 Main Mode SAs That Used Impersonation 2542 Main Mode SAs That Used Impersonation/sec 2544 Active Quick Mode SAs 2546 Pending Quick Mode Negotiations 2548 Quick Mode Negotiations 2550 Quick Mode Negotiations/sec 2552 Successful Quick Mode Negotiations 2554 Successful Quick Mode Negotiations/sec 2556 Failed Quick Mode Negotiations 2558 Failed Quick Mode Negotiations/sec 2560 Active Extended Mode SAs 2562 Pending Extended Mode Negotiations 2564 Extended Mode Negotiations 2566 Extended Mode Negotiations/sec 2568 Successful Extended Mode Negotiations 2570 Successful Extended Mode Negotiations/sec 2572 Failed Extended Mode Negotiations 2574 Failed Extended Mode Negotiations/sec 2576 Extended Mode SAs That Used Impersonation 2644 IPsec IKEv2 IPv6 2646 Active Main Mode SAs 2648 Pending Main Mode Negotiations 2650 Main Mode Negotiations 2652 Main Mode Negotiations/sec 2654 Successful Main Mode Negotiations 2656 Successful Main Mode Negotiations/sec 2658 Failed Main Mode Negotiations 2660 Failed Main Mode Negotiations/sec 2662 Main Mode Negotiation Requests Received 2664 Main Mode Negotiation Requests Received/sec 2666 Active Quick Mode SAs 2668 Pending Quick Mode Negotiations 2670 Quick Mode Negotiations 2672 Quick Mode Negotiations/sec 2674 Successful Quick Mode Negotiations 2676 Successful Quick Mode Negotiations/sec 2678 Failed Quick Mode Negotiations 2680 Failed Quick Mode Negotiations/sec 2382 IPsec IKEv1 IPv4 2384 Active Main Mode SAs 2386 Pending Main Mode Negotiations 2388 Main Mode Negotiations 2390 Main Mode Negotiations/sec 2392 Successful Main Mode Negotiations 2394 Successful Main Mode Negotiations/sec 2396 Failed Main Mode Negotiations 2398 Failed Main Mode Negotiations/sec 2400 Main Mode Negotiation Requests Received 2402 Main Mode Negotiation Requests Received/sec 2404 Active Quick Mode SAs 2406 Pending Quick Mode Negotiations 2408 Quick Mode Negotiations 2410 Quick Mode Negotiations/sec 2412 Successful Quick Mode Negotiations 2414 Successful Quick Mode Negotiations/sec 2416 Failed Quick Mode Negotiations 2418 Failed Quick Mode Negotiations/sec 2420 IPsec IKEv1 IPv6 2422 Active Main Mode SAs 2424 Pending Main Mode Negotiations 2426 Main Mode Negotiations 2428 Main Mode Negotiations/sec 2430 Successful Main Mode Negotiations 2432 Successful Main Mode Negotiations/sec 2434 Failed Main Mode Negotiations 2436 Failed Main Mode Negotiations/sec 2438 Main Mode Negotiation Requests Received 2440 Main Mode Negotiation Requests Received/sec 2442 Active Quick Mode SAs 2444 Pending Quick Mode Negotiations 2446 Quick Mode Negotiations 2448 Quick Mode Negotiations/sec 2450 Successful Quick Mode Negotiations 2452 Successful Quick Mode Negotiations/sec 2454 Failed Quick Mode Negotiations 2456 Failed Quick Mode Negotiations/sec 4716 Teredo Relay 4718 In - Teredo Relay Total Packets: Success + Error 4720 In - Teredo Relay Success Packets: Total 4722 In - Teredo Relay Success Packets: Bubbles 4724 In - Teredo Relay Success Packets: Data Packets 4726 In - Teredo Relay Error Packets: Total 4728 In - Teredo Relay Error Packets: Header Error 4730 In - Teredo Relay Error Packets: Source Error 4732 In - Teredo Relay Error Packets: Destination Error 4734 Out - Teredo Relay Total Packets: Success + Error 4736 Out - Teredo Relay Success Packets 4738 Out - Teredo Relay Success Packets: Bubbles 4740 Out - Teredo Relay Success Packets: Data Packets 4742 Out - Teredo Relay Error Packets 4744 Out - Teredo Relay Error Packets: Header Error 4746 Out - Teredo Relay Error Packets: Source Error 4748 Out - Teredo Relay Error Packets: Destination Error 4750 In - Teredo Relay Total Packets: Success + Error / sec 4752 Out - Teredo Relay Total Packets: Success + Error / sec 4754 In - Teredo Relay Success Packets: Data Packets User Mode 4756 In - Teredo Relay Success Packets: Data Packets Kernel Mode 4758 Out - Teredo Relay Success Packets: Data Packets User Mode 4760 Out - Teredo Relay Success Packets: Data Packets Kernel Mode 4762 IPHTTPS Session 4764 Packets received on this session 4766 Packets sent on this session 4768 Bytes received on this session 4770 Bytes sent on this session 4772 Errors - Transmit errors on this session 4774 Errors - Receive errors on this session 4776 Duration - Duration of the session (Seconds) 4778 IPHTTPS Global 4780 In - Total bytes received 4782 Out - Total bytes sent 4784 Drops - Neighbor resolution timeouts 4786 Errors - Authentication Errors 4788 Out - Total bytes forwarded 4790 Errors - Transmit errors on the server 4792 Errors - Receive errors on the server 4794 In - Total packets received 4796 Out - Total packets sent 4798 Sessions - Total sessions 4686 Teredo Server 4688 In - Teredo Server Total Packets: Success + Error 4690 In - Teredo Server Success Packets: Total 4692 In - Teredo Server Success Packets: Bubbles 4694 In - Teredo Server Success Packets: Echo 4696 In - Teredo Server Success Packets: RS-Primary 4698 In - Teredo Server Success Packets: RS-Secondary 4700 In - Teredo Server Error Packets: Total 4702 In - Teredo Server Error Packets: Header Error 4704 In - Teredo Server Error Packets: Source Error 4706 In - Teredo Server Error Packets: Destination Error 4708 In - Teredo Server Error Packets: Authentication Error 4710 Out - Teredo Server: RA-Primary 4712 Out - Teredo Server: RA-Secondary 4714 In - Teredo Server Total Packets: Success + Error / sec 4662 Teredo Client 4664 In - Teredo Router Advertisement 4666 In - Teredo Bubble 4668 In - Teredo Data 4670 In - Teredo Invalid 4672 Out - Teredo Router Solicitation 4674 Out - Teredo Bubble 4676 Out - Teredo Data 4678 In - Teredo Data User Mode 4680 In - Teredo Data Kernel Mode 4682 Out - Teredo Data User Mode 4684 Out - Teredo Data Kernel Mode 8522 ServiceModelService 4.0.0.0 8524 Calls 8526 Calls Per Second 8528 Calls Outstanding 8530 Calls Failed 8532 Calls Failed Per Second 8534 Calls Faulted 8536 Calls Faulted Per Second 8538 Calls Duration 8540 Security Validation and Authentication Failures 8542 Security Validation and Authentication Failures Per Second 8544 Security Calls Not Authorized 8546 Security Calls Not Authorized Per Second 8548 Instances 8550 Instances Created Per Second 8552 Reliable Messaging Sessions Faulted 8554 Reliable Messaging Sessions Faulted Per Second 8556 Reliable Messaging Messages Dropped 8558 Reliable Messaging Messages Dropped Per Second 8560 Transactions Flowed 8562 Transactions Flowed Per Second 8564 Transacted Operations Committed 8566 Transacted Operations Committed Per Second 8568 Transacted Operations Aborted 8570 Transacted Operations Aborted Per Second 8572 Transacted Operations In Doubt 8574 Transacted Operations In Doubt Per Second 8576 Queued Poison Messages 8578 Queued Poison Messages Per Second 8580 Queued Messages Rejected 8582 Queued Messages Rejected Per Second 8584 Queued Messages Dropped 8586 Queued Messages Dropped Per Second 8588 Percent Of Max Concurrent Calls 8590 Percent Of Max Concurrent Instances 8592 Percent Of Max Concurrent Sessions 8594 CallDurationBase 8596 CallsPercentMaxConcurrentCallsBase 8598 InstancesPercentMaxConcurrentInstancesBase 8600 SessionsPercentMaxConcurrentSessionsBase 8642 ServiceModelOperation 4.0.0.0 8644 Calls 8646 Calls Per Second 8648 Calls Outstanding 8650 Calls Failed 8652 Call Failed Per Second 8654 Calls Faulted 8656 Calls Faulted Per Second 8658 Calls Duration 8660 Security Validation and Authentication Failures 8662 Security Validation and Authentication Failures Per Second 8664 Security Calls Not Authorized 8666 Security Calls Not Authorized Per Second 8668 Transactions Flowed 8670 Transactions Flowed Per Second 8672 CallsDurationBase 8602 ServiceModelEndpoint 4.0.0.0 8604 Calls 8606 Calls Per Second 8608 Calls Outstanding 8610 Calls Failed 8612 Calls Failed Per Second 8614 Calls Faulted 8616 Calls Faulted Per Second 8618 Calls Duration 8620 Security Validation and Authentication Failures 8622 Security Validation and Authentication Failures Per Second 8624 Security Calls Not Authorized 8626 Security Calls Not Authorized Per Second 8628 Reliable Messaging Sessions Faulted 8630 Reliable Messaging Sessions Faulted Per Second 8632 Reliable Messaging Messages Dropped 8634 Reliable Messaging Messages Dropped Per Second 8636 Transactions Flowed 8638 Transactions Flowed Per Second 8640 CallDurationBase 2246 Power Meter 2248 Power 2250 Power Budget 4644 HTTP Service Request Queues 4646 CurrentQueueSize 4648 MaxQueueItemAge 4650 ArrivalRate 4652 RejectionRate 4654 RejectedRequests 4656 CacheHitRate 4624 HTTP Service Url Groups 4626 BytesSentRate 4628 BytesReceivedRate 4630 BytesTransferredRate 4632 CurrentConnections 4634 MaxConnections 4636 ConnectionAttempts 4638 GetRequests 4640 HeadRequests 4642 AllRequests 4610 HTTP Service 4612 CurrentUrisCached 4614 TotalUrisCached 4616 UriCacheHits 4618 UriCacheMisses 4620 UriCacheFlushes 4622 TotalFlushedUris 5262 Windows Media Player Metadata 5264 Files Scanned/Minute 5268 Monitored Folder Updates/Second 5272 Groveler Service Routine Executions/Second 5276 Library Description Updates/Second 5280 Library Description Change Notifications/Second 5284 File Scanning Thread Prioirty 5286 Directory Change Queue Length 5288 Scanning State 5290 Dirty Directory Hit Count 5292 Timestamp Directory Hit Count 5294 AFTS Execution Time (ms) 5296 URL Classification Time (ms) 5298 Property Extraction Time (ms) 5300 Art Extraction Time (ms) 5302 Reorganize Time (ms) 5304 Commit Time (ms) 5306 Normalization Time (ms) 3170 Netlogon 3172 Semaphore Waiters 3174 Semaphore Holders 3176 Semaphore Acquires 3178 Semaphore Timeouts 3180 Average Semaphore Hold Time 3182 Semaphore Hold Time Base 5854 Distributed Routing Table 5856 Registrations 5858 Searches 5860 Cache Entries 5862 Average Bytes/second Sent 5864 Average Bytes/second Received 5866 Estimated cloud size 5868 Stale Cache Entries 5870 Send Failures 5872 Receive Failures 5874 Solicit Messages Sent/second 5876 Solicit Messages Received/second 5878 Advertise Messages Sent/second 5880 Advertise Messages Received/second 5882 Request Messages Sent/second 5884 Request Messages Received/second 5886 Flood Messages Sent/second 5888 Flood Messages Received/second 5890 Inquire Messages Sent/second 5892 Inquire Messages Received/second 5894 Authority Sent/second 5896 Authority Messages Received/second 5898 Ack Messages Sent/second 5900 Ack Messages Received/second 5902 Lookup Messages Sent/second 5904 Lookup Messages Received/second 5906 Unrecognized Messages Received 3106 Per Processor Network Interface Card Activity 3108 DPCs Queued/sec 3110 Interrupts/sec 3112 Receive Indications/sec 3114 Return Packet Calls/sec 3116 Received Packets/sec 3118 Returned Packets/sec 3120 Send Request Calls/sec 3122 Send Complete Calls/sec 3124 Sent Packets/sec 3126 Sent Complete Packets/sec 3128 Build Scatter Gather List Calls/sec 3130 RSS Indirection Table Change Calls/sec 3132 Low Resource Receive Indications/sec 3134 Low Resource Received Packets/sec 3136 Tcp Offload Receive Indications/sec 3138 Tcp Offload Send Request Calls/sec 3140 Tcp Offload Receive bytes/sec 3142 Tcp Offload Send bytes/sec 3144 Per Processor Network Activity Cycles 3146 Interrupt DPC Cycles/sec 3148 Interrupt Cycles/sec 3150 NDIS Receive Indication Cycles/sec 3152 Stack Receive Indication Cycles/sec 3154 NDIS Return Packet Cycles/sec 3156 Miniport Return Packet Cycles/sec 3158 NDIS Send Cycles/sec 3160 Miniport Send Cycles/sec 3162 NDIS Send Complete Cycles/sec 3164 Build Scatter Gather Cycles/sec 3166 Miniport RSS Indirection Table Change Cycles 3168 Stack Send Complete Cycles/sec 1990 Event Tracing for Windows Session 1992 Buffer Memory Usage -- Paged Pool 1994 Buffer Memory Usage -- Non-Paged Pool 1996 Events Logged per sec 1998 Events Lost 2000 Number of Real-Time Consumers 1848 Processor Information 1850 % Processor Time 1852 % User Time 1854 % Privileged Time 1856 Interrupts/sec 1858 % DPC Time 1860 % Interrupt Time 1862 DPCs Queued/sec 1864 DPC Rate 1866 % Idle Time 1868 % C1 Time 1870 % C2 Time 1872 % C3 Time 1874 C1 Transitions/sec 1876 C2 Transitions/sec 1878 C3 Transitions/sec 1880 % Priority Time 1882 Parking Status 1884 Processor Frequency 1886 % of Maximum Frequency 1888 Processor State Flags 1976 Event Tracing for Windows 1978 Total Number of Distinct Enabled Providers 1980 Total Number of Distinct Pre-Enabled Providers 1982 Total Number of Distinct Disabled Providers 1984 Total Number of Active Sessions 1986 Total Memory Usage --- Paged Pool 1988 Total Memory Usage --- Non-Paged Pool 1890 Synchronization 1892 Spinlock Acquires/sec 1894 Spinlock Contentions/sec 1896 Spinlock Spins/sec 1898 IPI Send Broadcast Requests/sec 1900 IPI Send Routine Requests/sec 1902 IPI Send Software Interrupts/sec 1904 Exec. Resource Total Initialize/sec 1906 Exec. Resource Total Re-Initialize/sec 1908 Exec. Resource Total Delete/sec 1910 Exec. Resource Total Acquires/sec 1912 Exec. Resource Total Contentions/sec 1914 Exec. Resource Total Exclusive Releases/sec 1916 Exec. Resource Total Shared Releases/sec 1918 Exec. Resource Total Conv. Exclusive To Shared/sec 1920 Exec. Resource Attempts AcqExclLite/sec 1922 Exec. Resource Acquires AcqExclLite/sec 1924 Exec. Resource Recursive Excl. Acquires AcqExclLite/sec 1926 Exec. Resource Contention AcqExclLite/sec 1928 Exec. Resource no-Waits AcqExclLite/sec 1930 Exec. Resource Attempts AcqShrdLite/sec 1932 Exec. Resource Recursive Excl. Acquires AcqShrdLite/sec 1934 Exec. Resource Acquires AcqShrdLite/sec 1936 Exec. Resource Recursive Sh. Acquires AcqShrdLite/sec 1938 Exec. Resource Contention AcqShrdLite/sec 1940 Exec. Resource no-Waits AcqShrdLite/sec 1942 Exec. Resource Attempts AcqShrdStarveExcl/sec 1944 Exec. Resource Recursive Excl. Acquires AcqShrdStarveExcl/sec 1946 Exec. Resource Acquires AcqShrdStarveExcl/sec 1948 Exec. Resource Recursive Sh. Acquires AcqShrdStarveExcl/sec 1950 Exec. Resource Contention AcqShrdStarveExcl/sec 1952 Exec. Resource no-Waits AcqShrdStarveExcl/sec 1954 Exec. Resource Attempts AcqShrdWaitForExcl/sec 1956 Exec. Resource Recursive Excl. Acquires AcqShrdWaitForExcl/sec 1958 Exec. Resource Acquires AcqShrdWaitForExcl/sec 1960 Exec. Resource Recursive Sh. Acquires AcqShrdWaitForExcl/sec 1962 Exec. Resource Contention AcqShrdWaitForExcl/sec 1964 Exec. Resource no-Waits AcqShrdWaitForExcl/sec 1966 Exec. Resource Set Owner Pointer Exclusive/sec 1968 Exec. Resource Set Owner Pointer Shared (New Owner)/sec 1970 Exec. Resource Set Owner Pointer Shared (Existing Owner)/sec 1972 Exec. Resource Boost Excl. Owner/sec 1974 Exec. Resource Boost Shared Owners/sec 6410 BranchCache 6412 Retrieval: Bytes from server 6414 Retrieval: Bytes from cache 6416 Retrieval: Bytes served 6418 Discovery: Weighted average discovery time 6420 SMB: Bytes from cache 6422 SMB: Bytes from server 6424 BITS: Bytes from cache 6426 BITS: Bytes from server 6428 WININET: Bytes from cache 6430 WININET: Bytes from server 6432 WINHTTP: Bytes from cache 6434 WINHTTP: Bytes from server 6436 OTHER: Bytes from cache 6438 OTHER: Bytes from server 6440 Discovery: Attempted discoveries 6442 Local Cache: Cache complete file segments 6444 Local Cache: Cache partial file segments 6446 Hosted Cache: Client file segment offers made 6448 Retrieval: Average branch rate 6450 Discovery: Successful discoveries 6452 Hosted Cache: Segment offers queue size 5248 WSMan Quota Statistics 5250 Total Requests/Second 5252 User Quota Violations/Second 5254 System Quota Violations/Second 5256 Active Shells 5258 Active Operations 5260 Active Users 2174 TBS counters 2176 CurrentContexts 2178 CurrentResources"
[HKEY_USERS\S-1-5-21-1939040680-900668310-2964793939-1000\Software\ESET\ESET Security]

-=End Of File=-
SkyTech

Re: Problème d'installation de Trend Micro Titanium

par SkyTech »

Salut,

Relance HijackThis (clic droit dessus, Exécuter en tant qu'administrateur), coche toutes ces lignes en rouge et clic sur Fix checked.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Utilitaires\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [doubleTwist] C:\Program Files (x86)\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe
O4 - HKCU\..\Policies\Explorer\Run: [AI Suite] C:\Program Files (x86)\ASUS\AI Suite\AiSuite.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL1 (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL1 (User 'Default user')


&

Télécharge OTM (de OldTimer). Sauvegarde-le sur ton Bureau.
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :
:services
npggsvc

:reg
[-HKEY_CURRENT_USER\Software\ESET]
[-HKEY_USERS\S-1-5-21-1939040680-900668310-2964793939-1000\Software\ESET]

:commands
[purity]
[emptytemp]
[emptyFlash]
Double clique sur OTM.exe afin de le lancer.
Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
Clique maintenant sur le bouton MoveIt! puis ferme OTM.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

Poste un nouveau rapport HijackThis et réessaye d'installer Trend.
Kashart

Re: Problème d'installation de Trend Micro Titanium

par Kashart »

Arf tenace le truc, ça ne marche toujours pas. Voici les logs OTM et HijackThis

OTM :

All processes killed
========== SERVICES/DRIVERS ==========
Service npggsvc stopped successfully!
Service npggsvc deleted successfully!
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\ESET\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1939040680-900668310-2964793939-1000\Software\ESET\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Ludo
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 96540 bytes
->Java cache emptied: 12438043 bytes
->FireFox cache emptied: 63562535 bytes
->Flash cache emptied: 1038 bytes

User: Public

User: Test
->Temp folder emptied: 315007 bytes
->Temporary Internet Files folder emptied: 1662147 bytes
->Flash cache emptied: 434 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 557056 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1562427 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50922 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 77,00 mb


OTM by OldTimer - Version 3.1.15.0 log created on 08242010_131018

Files moved on Reboot...
C:\Users\Ludo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\vmware-Système\vmware-usbarb-Système-2556.log moved successfully.

Registry entries deleted on Reboot...


Et HijackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:17:17, on 24/08/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
E:\Software\Steam\Steam.exe
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
D:\Sauvegarde\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
D:\Internet\Mozilla Firefox\firefox.exe
D:\Sécurité\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: dTPodcastBHO - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] D:\Sauvegarde\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Steam] "e:\software\steam\steam.exe" -silent
O8 - Extra context menu item: &Envoyer à OneNote - res://D:\BUREAU~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\BUREAU~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger &Tout avec FlashGet - D:\Internet\FlashGet\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: Télécharger avec &FlashGet - D:\Internet\FlashGet\FlashGet universal\ComDlls\Bholink.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: d:\utilitaires\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: d:\utilitaires\vmware\vmware workstation\vsocklib.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5CD2BA0-0881-4E16-B593-2A910BB71B24}: NameServer = 212.27.40.240,212.27.40.241
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - E:\Role\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - D:\Utilitaires\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - D:\Utilitaires\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Utilitaires\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10874 bytes
SkyTech

Re: Problème d'installation de Trend Micro Titanium

par SkyTech »

Re,

Supprime :

C:\_OTM

Refait SystemLook avec :
:filefind
nod
:folderfind
nod
:regfind
nod
&

# Télécharge ZHPDiag de Nicolas Coolman.
  • Enregistre-le sur ton bureau.
  • Décompresse l'archive.
  • Double-clique sur ZHPDiag.exe Image
  • Coche les cases comme indiqué sur l'image.
    Image
  • Clique sur la loupe pour lancer le scan.
  • Clique sur le petit appareil photo pour enregistrer le rapport que tu sauvegardes sur le bureau.
    Image
  • Copie-colle le contenu de ce fichier (ZHPDiag.Txt)
Note : si le rapport est trop long, tu devras le copier-coller en deux parties et poster deux messages !
Kashart

Re: Problème d'installation de Trend Micro Titanium

par Kashart »

Ok, j'ai fait la procédure mais les rapports étant vraiment trop long pour être postés (Il m'aurait fallut plus de 10 posts), j'ai tout mis dans une archive RAR que tu peux télécharger ici : http://dl.free.fr/gsDIBUgvF
SkyTech

Re: Problème d'installation de Trend Micro Titanium

par SkyTech »

Re,

Pas grand chose...

Supprime :

C:\Program Files (x86)\Common Files\G Data

Puis :


Télécharge Random's System Information Tool (RSIT) (de random/random) et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (qui sera affiché)
    ainsi que de info.txt (qui sera réduit dans la Barre des Tâches)
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.
Sous Seven, clic droit sur RSIT, Propriété :

Image
Kashart

Re: Problème d'installation de Trend Micro Titanium

par Kashart »

Voici les rapports :

Le log.txt :

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ludo at 2010-08-24 15:44:27
Microsoft Windows 7 Professionnel
System drive C: has 9 GB (19%) free of 50 GB
Total RAM: 4087 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:44:28, on 24/08/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
E:\Software\Steam\Steam.exe
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
D:\Sauvegarde\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
D:\Internet\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ASUS\AI Suite\AiSuite.exe
C:\Program Files (x86)\ASUS\AASP\1.01.02\aaCenter.exe
C:\Users\Ludo\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Ludo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: dTPodcastBHO - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] D:\Sauvegarde\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Steam] "e:\software\steam\steam.exe" -silent
O8 - Extra context menu item: &Envoyer à OneNote - res://D:\BUREAU~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\BUREAU~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger &Tout avec FlashGet - D:\Internet\FlashGet\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: Télécharger avec &FlashGet - D:\Internet\FlashGet\FlashGet universal\ComDlls\Bholink.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: d:\utilitaires\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: d:\utilitaires\vmware\vmware workstation\vsocklib.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5CD2BA0-0881-4E16-B593-2A910BB71B24}: NameServer = 212.27.40.240,212.27.40.241
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - E:\Role\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - D:\Utilitaires\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - D:\Utilitaires\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Utilitaires\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 25036 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65134FDF-F8A5-4B3D-91D9-CDF273CFD578}]
PodcastBHO Class - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll [2010-05-31 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2009-11-03 556432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-24 2245120]
"VolPanel"=C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [2008-08-06 233576]
"TurboV EVO"=C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [2010-01-19 9900672]
"QFan Help"=C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe [2009-11-16 604672]
"TrueImageMonitor.exe"=D:\Sauvegarde\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-03-27 5140848]
"TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2010-07-14 202256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=e:\software\steam\steam.exe [2010-08-24 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-24 14:37:37 ----D---- C:\rsit
2010-08-24 14:37:37 ----D---- C:\Program Files (x86)\trend micro
2010-08-24 02:13:57 ----A---- C:\Windows\ntbtlog.txt
2010-08-16 00:53:22 ----D---- C:\ProgramData\ATI
2010-08-16 00:13:30 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-08-16 00:13:02 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2010-08-16 00:13:02 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2010-08-16 00:13:02 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2010-08-16 00:13:02 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2010-08-16 00:13:02 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2010-08-16 00:13:01 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2010-08-16 00:13:01 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2010-08-16 00:13:01 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2010-08-16 00:13:01 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2010-08-15 18:22:49 ----A---- C:\Windows\SysWOW64\schannel.dll
2010-08-15 18:22:22 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2010-08-15 18:22:21 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2010-08-15 18:22:15 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-08-15 18:22:14 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-08-15 18:22:13 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-08-15 18:22:13 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-08-15 18:22:13 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-08-15 18:22:13 ----A---- C:\Windows\SysWOW64\iepeers.dll
2010-08-15 18:22:13 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-08-15 18:22:12 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2010-08-15 18:22:12 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-08-15 18:22:12 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2010-08-15 18:22:12 ----A---- C:\Windows\SysWOW64\ieui.dll
2010-08-15 18:21:55 ----A---- C:\Windows\SysWOW64\rtutils.dll
2010-08-15 18:21:55 ----A---- C:\Windows\SysWOW64\iccvid.dll
2010-08-15 18:21:52 ----A---- C:\Windows\SysWOW64\msxml3.dll
2010-08-02 23:45:40 ----A---- C:\Windows\SysWOW64\shell32.dll
2010-07-29 21:53:52 ----D---- C:\ProgramData\doubleTwist Corporation
2010-07-29 21:53:52 ----D---- C:\Program Files (x86)\Common Files\doubleTwist
2010-07-29 21:53:49 ----A---- C:\Windows\SysWOW64\pthreadGC2.dll
2010-07-29 21:53:49 ----A---- C:\Windows\SysWOW64\ff_vfw.dll
2010-07-29 21:53:48 ----D---- C:\Program Files (x86)\ffdshow
2010-07-29 21:50:49 ----D---- C:\Program Files (x86)\doubleTwist 2.0

======List of files/folders modified in the last 1 months======

2010-08-24 15:44:27 ----D---- C:\Windows\Temp
2010-08-24 14:38:52 ----D---- C:\Windows\Prefetch
2010-08-24 14:37:37 ----RD---- C:\Program Files (x86)
2010-08-24 14:01:32 ----D---- C:\Windows
2010-08-24 13:19:18 ----D---- C:\Windows\System32
2010-08-24 13:19:18 ----D---- C:\Windows\inf
2010-08-24 13:11:48 ----D---- C:\ProgramData\VMware
2010-08-24 10:04:46 ----D---- C:\Users\Ludo\AppData\Roaming\Spotify
2010-08-24 02:03:03 ----D---- C:\Windows\debug
2010-08-24 00:31:35 ----AD---- C:\ProgramData\Temp
2010-08-24 00:30:52 ----D---- C:\Users\Ludo\AppData\Roaming\Auslogics
2010-08-24 00:23:58 ----SHD---- C:\Windows\Installer
2010-08-24 00:17:11 ----D---- C:\Program Files (x86)\LogMeIn
2010-08-24 00:15:03 ----HD---- C:\Config.Msi
2010-08-24 00:15:02 ----HD---- C:\ProgramData
2010-08-24 00:14:36 ----D---- C:\Users\Ludo\AppData\Roaming\GlarySoft
2010-08-24 00:10:36 ----D---- C:\Windows\Tasks
2010-08-23 18:32:46 ----SHD---- C:\System Volume Information
2010-08-23 03:34:47 ----D---- C:\Users\Ludo\AppData\Roaming\FileZilla
2010-08-20 21:31:53 ----D---- C:\Windows\SysWOW64
2010-08-20 04:59:42 ----RSD---- C:\Windows\assembly
2010-08-16 10:27:54 ----D---- C:\Windows\Microsoft.NET
2010-08-16 10:17:46 ----D---- C:\Windows\winsxs
2010-08-16 10:15:33 ----D---- C:\Windows\SysWOW64\migration
2010-08-16 10:15:33 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-16 00:13:28 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-08-15 22:28:12 ----D---- C:\Users\Ludo\AppData\Roaming\runic games
2010-08-07 12:42:17 ----D---- C:\Windows\Minidump
2010-08-07 01:55:19 ----RD---- C:\Program Files
2010-08-06 02:12:26 ----D---- C:\Windows\SysWOW64\drivers
2010-07-29 21:53:52 ----D---- C:\Program Files (x86)\Common Files
2010-07-29 21:48:00 ----D---- C:\Users\Ludo\AppData\Roaming\Samsung
2010-07-29 21:47:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-07-29 21:04:02 ----A---- C:\Windows\SysWOW64\CmdLineExt03.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdxata;amdxata; C:\Windows\system32\DRIVERS\amdxata.sys []
R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys []
R0 EnumProcessesDriver;EnumProcessesDriver; C:\Windows\system32\drivers\EnumProcessesDriver.sys []
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys []
R0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys []
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys []
R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys []
R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys []
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys []
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys []
R0 vdrvroot;Pilote d’énumérateur de lecteur virtuel Microsoft; C:\Windows\system32\DRIVERS\vdrvroot.sys []
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys []
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys []
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys []
R2 iPodDrv;iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2008-08-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys []
R2 vmci;VMware vmci; \??\C:\Windows\system32\drivers\vmci.sys []
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys []
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\D:\Utilitaires\VMware\VMware Workstation\vstor2-ws60.sys [2009-10-12 32816]
R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys []
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 CompositeBus;Pilote de l’énumérateur de bus composite; C:\Windows\system32\DRIVERS\CompositeBus.sys []
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS []
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys []
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys []
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS []
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS []
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys []
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys []
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys []
R3 radpms;Driver for RADPMS Device; C:\Windows\system32\DRIVERS\radpms.sys []
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
R3 vpcbus;Service de bus hôte Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys []
R3 vpcusb;Service du connecteur de virtualisation USB; C:\Windows\system32\DRIVERS\vpcusb.sys []
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys []
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys []
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys []
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys []
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys []
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS []
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS []
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 drmkaud;Pilotes audio approuvés par Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys []
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys []
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys []
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys []
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys []
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys []
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys []
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys []
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys []
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2004-12-30 4682]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys []
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys []
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys []
S3 sscdserd;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys []
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys []
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys []
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\SysWOW64\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Service Scheduler2 Acronis; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-03-27 1055288]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-06-21 2480048]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 90112]
R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 DAUpdaterSvc;Dragon Age: Origins - Application de mise à jour; E:\Role\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 319488]
R2 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2010-06-07 120712]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2008-08-11 57920]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-04-17 247152]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 StarWindServiceAE;StarWind AE Service; D:\Utilitaires\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 VMAuthdService;VMware Authorization Service; D:\Utilitaires\VMware\VMware Workstation\vmware-authd.exe [2010-01-22 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2010-01-22 334384]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2010-01-22 395824]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-09 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-24 79360]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 174424]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4924336]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ufad-ws60;VMware Agent Service; D:\Utilitaires\VMware\VMware Workstation\vmware-ufad.exe [2009-10-12 191024]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------
Kashart

Re: Problème d'installation de Trend Micro Titanium

par Kashart »

Et le info.txt :

info.txt logfile of random's system information tool 1.08 2010-08-24 14:37:40

======Uninstall list======

-->"C:\Program Files (x86)\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /nolog/l0x040c
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files (x86)\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files (x86)\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x040c
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c
Acronis True Image Home-->MsiExec.exe /X{67ED38A3-4882-448B-B44D-3428AB00D7D5}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Adobe Reader 9.3.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
AIMP2-->D:\Multimedia\AIMP2\Uninstall.exe
Alien Swarm-->"E:\Software\Steam\steam.exe" steam://uninstall/630
Any Video Converter 3.0.7-->"D:\Video\Any Video Converter\unins000.exe"
Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
ARMA 2-->"E:\Software\Steam\steam.exe" steam://uninstall/33910
Ashampoo Burning Studio 6 FREE-->"D:\Utilitaires\Ashampoo\Ashampoo Burning Studio 6\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Auslogics Disk Defrag-->"D:\Utilitaires\Auslogics Disk Defrag\unins000.exe"
Auslogics Duplicate File Finder-->"D:\Utilitaires\Auslogics Duplicate File Finder\unins000.exe"
Auslogics Registry Cleaner-->"D:\Utilitaires\Auslogics Registry Cleaner\unins000.exe"
Auslogics System Information-->"D:\Utilitaires\Auslogics System Information\unins000.exe"
BattlEye Uninstall-->e:\software\steam\steamapps\common\arma 2\BattlEye\UnInstallBE.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{87323561-58BA-4D5B-BADA-A791B69D1705}
CCleaner-->"D:\Utilitaires\CCleaner\uninst.exe"
Comptes Bancaires 6.5-->"D:\Bureautique\Comptes Bancaires\unins000.exe"
ConvertHelper 2.2-->"D:\Multimedia\ConvertHelper\unins000.exe"
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c /remove
Creative Sound Blaster Properties x64 Edition-->"C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x040c
CyberLink PhotoNow-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall
CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
CyberLink PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
doubleTwist-->C:\Program Files (x86)\doubleTwist 2.0\uninst.exe
Dragon Age: Origins-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Dragon Age.exe
Express Gate-->MsiExec.exe /X{99AD9D6D-A456-49EE-8360-F22EE7AA1272}
ffdshow [rev 2527] [2008-12-19]-->"C:\Program Files (x86)\ffdshow\unins000.exe"
Futuremark SystemInfo-->"C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Gestionnaire de banques SoundFont-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove
Glary Utilities 2.27.0.982-->"D:\Utilitaires\Glary Utilities\unins000.exe"
HijackThis 2.0.2-->"D:\Sécurité\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
JDownloader-->D:\Internet\JDownloader\uninstall.exe
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LogMeIn-->MsiExec.exe /I{34F93E31-E1A0-421C-8E86-BCF7C4193A91}
Mafia II - Demo-->"E:\Software\Steam\steam.exe" steam://uninstall/50280
Mass Effect 2-->"C:\Program Files (x86)\Common Files\BioWare\Uninstall Mass Effect 2.exe"
Mass Effect-->"E:\Action\Mass Effect\unins000.exe"
Media Add-ons pour Acronis True Image Home 2010-->MsiExec.exe /X{9CA72668-86CC-5447-9278-A0378FE45378}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{8FB1B528-E260-451E-9B55-E9152F94B80B}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411-->MsiExec.exe /X{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mount and Blade: Warband-->"E:\Software\Steam\steam.exe" steam://uninstall/48700
Mozilla Firefox (3.6.8)-->D:\Internet\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (3.1.2)-->D:\Internet\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Need For Speed™ World-->"E:\Arcade\Need For Speed World\unins000.exe"
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Notepad++-->D:\Utilitaires\Notepad++\uninstall.exe
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OpenAL-->"C:\Program Files (x86)\OpenAL\OALInst.exe" /U
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Panneau de configuration audio Creative-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove
Portal-->"E:\Software\Steam\steam.exe" steam://uninstall/400
Prince of Persia l'Ame du Guerrier-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EE5BC0BB-9EDA-423C-8276-48857B735D68}\setup.exe" -l0x40c
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Rapture3D 2.3.26 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
RealPlayer-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
redist-->MsiExec.exe /I{153C7D89-9CF4-4719-A551-C5BF45236DB5}
Revo Uninstaller 1.89-->D:\Utilitaires\Revo Uninstaller\uninst.exe
SmartSound Quicktracks Plugin-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spotify-->"D:\Multimedia\Spotify\uninstall.exe"
Star Wars(TM): Knights of the Old Republic (TM)-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}\setup.exe" -l0x40c
Starcraft-->C:\Windows\SCunin.exe C:\Windows\SCunin.dat
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab-->MsiExec.exe /I{92482FB3-C05B-41C6-89E7-75D985602A6E}
Team Fortress 2-->"E:\Software\Steam\steam.exe" steam://uninstall/440
The KMPlayer v2.9.4.1435 FR-->"D:\Multimedia\The KMPlayer\unins000.exe"
The Lord of the Rings FREE Trial -->MsiExec.exe /X{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
tools-freebsd-->MsiExec.exe /X{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}
tools-linux-->MsiExec.exe /X{D102611A-6466-4101-A51D-51069303AC65}
tools-netware-->MsiExec.exe /X{197597A7-AD33-4898-9D8E-73066818B464}
tools-solaris-->MsiExec.exe /X{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}
tools-windows-->MsiExec.exe /X{FFD9383C-01D5-4897-A954-43AF599AED30}
tools-winPre2k-->MsiExec.exe /X{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}
Torchlight Demo-->"E:\Software\Steam\steam.exe" steam://uninstall/41510
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VMware Workstation-->C:\ProgramData\VMware\VMware Workstation\Uninstaller\uninstall.exe -x
VMware Workstation-->MsiExec.exe /I{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}

======System event log======

Computer Name: PC_Ludo
Event Code: 1014
Message: La résolution du nom www.msftncsi.com a expiré lorsqu’aucun des serveurs DNS configurés n’a répondu.
Record Number: 48167
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20100324180809.616803-000
Event Type: Avertissement
User: AUTORITE NT\SERVICE RÉSEAU

Computer Name: PC_Ludo
Event Code: 1014
Message: La résolution du nom www.linux.fr a expiré lorsqu’aucun des serveurs DNS configurés n’a répondu.
Record Number: 48119
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20100324115825.053301-000
Event Type: Avertissement
User: AUTORITE NT\SERVICE RÉSEAU

Computer Name: PC_Ludo
Event Code: 36
Message: Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur.
Record Number: 47841
Source Name: volsnap
Time Written: 20100323164536.245675-000
Event Type: Erreur
User:

Computer Name: PC_Ludo
Event Code: 4227
Message: TCP/IP n’a pas pu établir une connexion sortante car le point de terminaison local sélectionné a été récemment utilisé pour se connecter au même point de terminaison distant. Cette erreur se produit généralement lorsque les connexions sortantes sont ouvertes et fermées à un débit élevé, provoquant l’utilisation de tous les ports locaux disponibles et obligeant TCP/IP à réutiliser un port local pour une connexion sortante. Pour réduire le risque d’altération des données, la norme TCP/IP exige qu’un laps de temps minimal s’écoule entre des connexions successives d’un point de terminaison local à un point de terminaison distant.
Record Number: 46853
Source Name: Tcpip
Time Written: 20100321204459.085525-000
Event Type: Avertissement
User:

Computer Name: PC_Ludo
Event Code: 1014
Message: La résolution du nom www.zona-musical.com a expiré lorsqu’aucun des serveurs DNS configurés n’a répondu.
Record Number: 46745
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20100321105903.135199-000
Event Type: Avertissement
User: AUTORITE NT\SERVICE RÉSEAU

=====Application event log=====

Computer Name: PC_Ludo
Event Code: 80
Message: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LogMeIn\x86\LogMeInToolkit.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Record Number: 2993
Source Name: SideBySide
Time Written: 20091215110003.000000-000
Event Type: Erreur
User:

Computer Name: PC_Ludo
Event Code: 104
Message: Unsuccessful logon attempt from IP address 80.13.89.208. Secure (SSL) Connection: Yes
Record Number: 2944
Source Name: LogMeIn
Time Written: 20091214135208.000000-000
Event Type: Avertissement
User: AUTORITE NT\Système

Computer Name: PC_Ludo
Event Code: 104
Message: Unsuccessful logon attempt from IP address 80.13.89.208. Secure (SSL) Connection: Yes
Record Number: 2943
Source Name: LogMeIn
Time Written: 20091214135158.000000-000
Event Type: Avertissement
User: AUTORITE NT\Système

Computer Name: PC_Ludo
Event Code: 3036
Message: La source de contenu <iehistory://{S-1-5-21-1939040680-900668310-2964793939-1000}/> est inaccessible.

Contexte : Application , Catalogue SystemIndex

Détails :
(HRESULT : 0x80004005) (0x80004005)

Record Number: 2925
Source Name: Microsoft-Windows-Search
Time Written: 20091214113936.000000-000
Event Type: Avertissement
User:

Computer Name: PC_Ludo
Event Code: 3036
Message: La source de contenu <iehistory://{S-1-5-21-1939040680-900668310-2964793939-1000}/> est inaccessible.

Contexte : Application , Catalogue SystemIndex

Détails :
(HRESULT : 0x80004005) (0x80004005)

Record Number: 2924
Source Name: Microsoft-Windows-Search
Time Written: 20091214113936.000000-000
Event Type: Avertissement
User:

=====Security event log=====

Computer Name: PC_Ludo
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0

Type d’ouverture de session : 3

Nouvelle ouverture de session :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x352cdd5
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x0
Nom du processus : -

Informations sur le réseau :
Nom de la station de travail : PORTABL_CORALIE
Adresse du réseau source : fe80::1043:d658:b041:d4cf
Port source : 61686

Informations détaillées sur l’authentification :
Processus d’ouverture de session : NtLmSsp
Package d’authentification : NTLM
Services en transit : -
Nom du package (NTLM uniquement) : NTLM V1
Longueur de la clé : 128

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 94211
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100628211948.946137-000
Event Type: Succès de l’audit
User:

Computer Name: PC_Ludo
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0

Type d’ouverture de session : 3

Nouvelle ouverture de session :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x352cdc1
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x0
Nom du processus : -

Informations sur le réseau :
Nom de la station de travail : PORTABL_CORALIE
Adresse du réseau source : fe80::1043:d658:b041:d4cf
Port source : 61686

Informations détaillées sur l’authentification :
Processus d’ouverture de session : NtLmSsp
Package d’authentification : NTLM
Services en transit : -
Nom du package (NTLM uniquement) : NTLM V1
Longueur de la clé : 128

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 94210
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100628211948.929136-000
Event Type: Succès de l’audit
User:

Computer Name: PC_Ludo
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0

Type d’ouverture de session : 3

Nouvelle ouverture de session :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x352cda8
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x0
Nom du processus : -

Informations sur le réseau :
Nom de la station de travail : PORTABL_CORALIE
Adresse du réseau source : fe80::1043:d658:b041:d4cf
Port source : 52531

Informations détaillées sur l’authentification :
Processus d’ouverture de session : NtLmSsp
Package d’authentification : NTLM
Services en transit : -
Nom du package (NTLM uniquement) : NTLM V1
Longueur de la clé : 128

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 94209
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100628211948.899134-000
Event Type: Succès de l’audit
User:

Computer Name: PC_Ludo
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0

Type d’ouverture de session : 3

Nouvelle ouverture de session :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x352cd95
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x0
Nom du processus : -

Informations sur le réseau :
Nom de la station de travail : PORTABL_CORALIE
Adresse du réseau source : fe80::1043:d658:b041:d4cf
Port source : 61686

Informations détaillées sur l’authentification :
Processus d’ouverture de session : NtLmSsp
Package d’authentification : NTLM
Services en transit : -
Nom du package (NTLM uniquement) : NTLM V1
Longueur de la clé : 128

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 94208
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100628211948.888133-000
Event Type: Succès de l’audit
User:

Computer Name: PC_Ludo
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0

Type d’ouverture de session : 3

Nouvelle ouverture de session :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x352cd6f
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x0
Nom du processus : -

Informations sur le réseau :
Nom de la station de travail : PORTABL_CORALIE
Adresse du réseau source : fe80::1043:d658:b041:d4cf
Port source : 61686

Informations détaillées sur l’authentification :
Processus d’ouverture de session : NtLmSsp
Package d’authentification : NTLM
Services en transit : -
Nom du package (NTLM uniquement) : NTLM V1
Longueur de la clé : 128

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 94207
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100628211948.858132-000
Event Type: Succès de l’audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;;D:\Video\QuickTime\QTSystem\;C:\Program Files\Trend Micro\AMSP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=1e05
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
SkyTech

Re: Problème d'installation de Trend Micro Titanium

par SkyTech »

Re,

Pour finir :

Télécharge DDS de sUBs sur ton bureau.
L'outil ne nécessite pas d'installation.

Lance-le en cliquant sur l'icône dds.scr
Image
Cette fenêtre DOS va apparaitre
Image

Le scan ne doit pas dépasser trois minutes.
Un premier rapport va s'ouvrir que tu enregistreras sous DDS.txt par défaut sur le bureau.
Il te sera demandé si tu veux faire le scan optionnel.
Accepte par Oui
Un nouveau rapport s'ouvre que tu enregistres sous Attach.txt sur le bureau.
Tu ne le fourniras que si nécessaire.
Poste le rapport DDS.txt
Kashart

Re: Problème d'installation de Trend Micro Titanium

par Kashart »

Salut,

alors voici le rapport DDS.txt :


DDS (Ver_10-03-17.01) - NTFSX64
Run by Ludo at 19:57:11,88 on 27/08/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
Microsoft Windows 7 Professionnel 6.1.7600.0.1252.33.1036.18.4087.2268 [GMT 2:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
E:\Role\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
C:\ASUS.SYS\config\DVMExportService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardian.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
D:\Utilitaires\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
D:\Utilitaires\VMware\VMware Workstation\vmware-authd.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
E:\Software\Steam\Steam.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Windows\system32\AUDIODG.EXE
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
D:\Sauvegarde\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardian.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
D:\Internet\Mozilla Firefox\firefox.exe
D:\Internet\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Ludo\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.fr/
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PodcastBHO Class: {65134fdf-f8a5-4b3d-91d9-cdf273cfd578} - c:\program files (x86)\common files\doubletwist\IEPodcastPlugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~1\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Steam] "e:\software\steam\steam.exe" -silent
mRun: [HDAudDeck] c:\program files (x86)\via\viaudioi\vdeck\VDeck.exe -r
mRun: [VolPanel] "c:\program files (x86)\creative\volume panel\VolPanlu.exe" /r
mRun: [TurboV EVO] "c:\program files (x86)\asus\turbov evo\TurboV_EVO.exe" -b
mRun: [QFan Help] "c:\program files (x86)\asus\ai suite\qfan3\QFanHelp.exe"
mRun: [TrueImageMonitor.exe] d:\sauvegarde\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [TkBellExe] "c:\program files (x86)\common files\real\update_ob\realsched.exe" -osboot
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &Envoyer à OneNote - d:\bureau~1\micros~1\office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - d:\bureau~1\micros~1\office14\EXCEL.EXE/3000
IE: Télécharger &Tout avec FlashGet - d:\internet\flashget\flashget universal\comdlls\Bhoall.htm
IE: Télécharger avec &FlashGet - d:\internet\flashget\flashget universal\comdlls\Bholink.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files (x86)\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files (x86)\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: d:\utilitaires\vmware\vmware workstation\vsocklib.dll
Trusted Zone: kuaiche.com\software
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
TCP: {F5CD2BA0-0881-4E16-B593-2A910BB71B24} = 212.27.40.240,212.27.40.241
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\common files\microsoft shared\office14\MSOXMLMF.DLL
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [IAAnotif] c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe
mRun-x64: [LogMeIn GUI] "c:\program files (x86)\logmein\x64\LogMeInSystray.exe"
mRun-x64: [Service Scheduler2 Acronis] "c:\program files (x86)\common files\acronis\schedule2\schedhlp.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\users\ludo\appdata\roaming\mozilla\firefox\profiles\1sbly3nf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - component: c:\users\ludo\appdata\roaming\mozilla\firefox\profiles\1sbly3nf.default\extensions\[email protected]\components\trayToolkit.dll
FF - component: c:\users\ludo\appdata\roaming\mozilla\firefox\profiles\1sbly3nf.default\extensions\[email protected]\components\dwmxpcom.dll
FF - plugin: c:\progra~2\micros~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~2\micros~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files (x86)\common files\doubletwist\NPPodcast.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\program files\divx\divx player\npDivxPlayerPlugin.dll
FF - plugin: c:\program files\microsoft silverlight\npctrl.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\ludo\appdata\roaming\mozilla\firefox\profiles\1sbly3nf.default\extensions\[email protected]\plugins\npRACtrl.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
FF - plugin: d:\internet\ma-config.com\nphardwaredetection.dll
FF - plugin: d:\internet\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: d:\internet\opera\program\plugins\npdsplay.dll
FF - plugin: d:\internet\opera\program\plugins\npwmsdrm.dll
FF - plugin: d:\multimedia\itunes\mozilla plugins\npitunes.dll
FF - plugin: d:\video\quicktime\plugins\npqtplugin.dll
FF - plugin: d:\video\quicktime\plugins\npqtplugin2.dll
FF - plugin: d:\video\quicktime\plugins\npqtplugin3.dll
FF - plugin: d:\video\quicktime\plugins\npqtplugin4.dll
FF - plugin: d:\video\quicktime\plugins\npqtplugin5.dll
FF - plugin: d:\video\quicktime\plugins\npqtplugin6.dll
FF - plugin: d:\video\quicktime\plugins\npqtplugin7.dll
FF - HiddenExtension: Java Console: No Registry Reference - d:\internet\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\internet\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
d:\internet\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
d:\internet\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
d:\internet\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
d:\internet\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
d:\internet\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
d:\internet\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\internet\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
d:\internet\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
d:\internet\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
d:\internet\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
d:\internet\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
d:\internet\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
d:\internet\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
d:\internet\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
d:\internet\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
d:\internet\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
d:\internet\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\internet\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\internet\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\internet\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\internet\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
d:\internet\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
d:\internet\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
d:\internet\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
d:\internet\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 EnumProcessesDriver;EnumProcessesDriver;c:\windows\system32\drivers\EnumProcessesDriver.sys [2010-3-24 18176]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [2010-4-27 1477728]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\common files\acronis\cdp\afcdpsrv.exe [2010-6-21 2480048]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-7-7 203264]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\asus\assysctrlservice\1.00.02\AsSysCtrlService.exe [2009-11-24 90112]
R2 DAUpdaterSvc;Dragon Age: Origins - Application de mise à jour;e:\role\dragon age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-7-17 319488]
R2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2010-3-10 14952]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\logmein\x64\rainfo.sys [2008-8-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-12-14 72216]
R2 StarWindServiceAE;StarWind AE Service;d:\utilitaires\alcohol 52\starwind\StarWindServiceAE.exe [2009-12-23 370688]
R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\common files\vmware\usb\vmware-usbarbitrator.exe [2010-1-22 563760]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2010-6-21 252512]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-7-7 7195648]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-7-7 265728]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 202840]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1417304]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 94808]
R3 radpms;Driver for RADPMS Device;c:\windows\system32\drivers\radpms.sys [2008-8-11 14944]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt64win7.sys [2010-3-4 346144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2010-4-29 32768]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\common files\creative labs shared\service\AL6Licensing.exe [2010-2-9 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\common files\creative labs shared\service\CTAELicensing.exe [2009-11-24 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 202840]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1417304]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 94808]
S3 ENTECH64;ENTECH64;c:\windows\system32\drivers\Entech64.sys [2009-11-26 12744]
S3 ose64;Office 64 Source Engine;c:\program files\common files\microsoft shared\source engine\OSE.EXE [2009-9-26 174424]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-9-26 4924336]
S3 StorSvc;Service de stockage;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TFsExDisk;TFsExDisk;c:\windows\system32\drivers\TFsExDisk.sys [2010-7-24 16448]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-11-24 1222144]
S3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-7 1255736]

=============== Created Last 30 ================

2010-08-24 12:37:37 0 d-----w- c:\program files (x86)\trend micro
2010-08-23 22:45:09 0 d-----w- c:\windows\system32\wbem\repository
2010-08-15 22:53:22 0 d-----w- c:\programdata\ATI
2010-08-15 22:13:30 0 d-----w- c:\program files (x86)\NVIDIA Corporation
2010-08-15 16:22:50 463360 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-15 16:21:55 82944 ----a-w- c:\windows\syswow64\iccvid.dll
2010-08-15 16:21:55 52224 ----a-w- c:\windows\system32\rtutils.dll
2010-08-15 16:21:55 37376 ----a-w- c:\windows\syswow64\rtutils.dll
2010-08-15 16:21:53 3122688 ----a-w- c:\windows\system32\win32k.sys
2010-08-15 16:21:52 1877504 ----a-w- c:\windows\system32\msxml3.dll
2010-08-15 16:21:52 1233920 ----a-w- c:\windows\syswow64\msxml3.dll
2010-08-02 21:45:40 12867584 ----a-w- c:\windows\syswow64\shell32.dll
2010-07-29 19:53:52 0 d-----w- c:\programdata\doubleTwist Corporation
2010-07-29 19:53:52 0 d-----w- c:\program files (x86)\common files\doubleTwist
2010-07-29 19:53:49 60273 ----a-w- c:\windows\syswow64\pthreadGC2.dll
2010-07-29 19:53:49 57344 ----a-w- c:\windows\syswow64\ff_vfw.dll
2010-07-29 19:53:48 0 d-----w- c:\program files (x86)\ffdshow
2010-07-29 19:50:49 0 d-----w- c:\program files (x86)\doubleTwist 2.0

==================== Find3M ====================

2010-08-27 17:39:42 770672 ----a-w- c:\windows\system32\perfh00C.dat
2010-08-27 17:39:42 153942 ----a-w- c:\windows\system32\perfc00C.dat
2010-07-29 19:04:02 43520 ----a-w- c:\windows\syswow64\CmdLineExt03.dll
2010-07-26 16:38:52 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_androidusb_01009.Wdf
2010-07-26 16:32:32 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_androidusb_01005.Wdf
2010-07-14 05:11:44 185920 ----a-w- c:\windows\syswow64\rmoc3260.dll
2010-07-14 05:11:41 6656 ----a-w- c:\windows\syswow64\pndx5016.dll
2010-07-14 05:11:41 5632 ----a-w- c:\windows\syswow64\pndx5032.dll
2010-07-14 05:11:28 499712 ----a-w- c:\windows\syswow64\msvcp71.dll
2010-07-14 05:11:28 348160 ----a-w- c:\windows\syswow64\msvcr71.dll
2010-07-14 05:11:28 278528 ----a-w- c:\windows\syswow64\pncrt.dll
2010-07-13 10:56:40 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-13 10:56:39 445016 ----a-w- c:\windows\syswow64\wrap_oal.dll
2010-07-13 10:56:39 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-13 10:56:39 109144 ----a-w- c:\windows\syswow64\OpenAL32.dll
2010-07-12 07:43:14 828912 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-07 02:30:08 7195648 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-07-07 02:16:20 20118528 ----a-w- c:\windows\system32\atio6axx.dll
2010-07-07 01:55:08 15461888 ----a-w- c:\windows\syswow64\atioglxx.dll
2010-07-07 01:54:16 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-07-07 01:54:08 513024 ----a-w- c:\windows\syswow64\aticfx32.dll
2010-07-07 01:53:20 594432 ----a-w- c:\windows\system32\aticfx64.dll
2010-07-07 01:51:30 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-07-07 01:51:26 462336 ----a-w- c:\windows\system32\atieclxx.exe
2010-07-07 01:50:54 203264 ----a-w- c:\windows\system32\atiesrxx.exe
2010-07-07 01:49:48 120320 ----a-w- c:\windows\system32\atitmm64.dll
2010-07-07 01:49:36 421376 ----a-w- c:\windows\system32\atipdl64.dll
2010-07-07 01:49:28 356352 ----a-w- c:\windows\syswow64\atipdlxx.dll
2010-07-07 01:49:18 278528 ----a-w- c:\windows\syswow64\Oemdspif.dll
2010-07-07 01:49:14 12288 ----a-w- c:\windows\system32\atimuixx.dll
2010-07-07 01:49:10 59392 ----a-w- c:\windows\system32\atiedu64.dll
2010-07-07 01:49:06 43520 ----a-w- c:\windows\syswow64\ati2edxx.dll
2010-07-07 01:46:26 3826688 ----a-w- c:\windows\syswow64\atidxx32.dll
2010-07-07 01:37:36 4463616 ----a-w- c:\windows\system32\atidxx64.dll
2010-07-07 01:30:12 2785792 ----a-w- c:\windows\system32\atiumd6a.dll
2010-07-07 01:29:26 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2010-07-07 01:29:24 46080 ----a-w- c:\windows\syswow64\aticalrt.dll
2010-07-07 01:29:16 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2010-07-07 01:29:14 44032 ----a-w- c:\windows\syswow64\aticalcl.dll
2010-07-07 01:29:06 5378560 ----a-w- c:\windows\system32\aticaldd64.dll
2010-07-07 01:28:20 3975680 ----a-w- c:\windows\syswow64\atiumdag.dll
2010-07-07 01:27:58 4323840 ----a-w- c:\windows\syswow64\aticaldd.dll
2010-07-07 01:24:34 55296 ----a-w- c:\windows\system32\coinst.dll
2010-07-07 01:23:14 3058688 ----a-w- c:\windows\syswow64\atiumdva.dll
2010-07-07 01:22:26 5099008 ----a-w- c:\windows\system32\atiumd64.dll
2010-07-07 01:16:06 335872 ----a-w- c:\windows\system32\atiadlxx.dll
2010-07-07 01:16:02 237568 ----a-w- c:\windows\syswow64\atiadlxy.dll
2010-07-07 01:15:54 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2010-07-07 01:15:50 12800 ----a-w- c:\windows\syswow64\atiglpxx.dll
2010-07-07 01:15:50 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-07-07 01:15:48 18432 ----a-w- c:\windows\system32\atig6txx.dll
2010-07-07 01:15:46 16896 ----a-w- c:\windows\syswow64\atigktxx.dll
2010-07-07 01:15:42 265728 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-07-07 01:15:04 39424 ----a-w- c:\windows\system32\atiuxp64.dll
2010-07-07 01:14:58 30208 ----a-w- c:\windows\syswow64\atiuxpag.dll
2010-07-07 01:14:50 30208 ----a-w- c:\windows\system32\atiu9p64.dll
2010-07-07 01:14:44 22528 ----a-w- c:\windows\syswow64\atiu9pag.dll
2010-07-07 01:14:16 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-07-07 01:11:12 54272 ----a-w- c:\windows\system32\atimpc64.dll
2010-07-07 01:11:12 54272 ----a-w- c:\windows\system32\amdpcom64.dll
2010-07-07 01:11:06 52736 ----a-w- c:\windows\syswow64\atimpc32.dll
2010-07-07 01:11:06 52736 ----a-w- c:\windows\syswow64\amdpcom32.dll
2010-07-06 22:17:49 66576 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2010-07-06 22:17:49 56336 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2010-07-06 22:17:49 135696 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-07-04 17:11:28 25960 ----a-w- c:\windows\syswow64\FsExService64.Exe
2010-07-04 17:11:28 25960 ----a-w- c:\windows\system32\FsExService64.exe
2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll
2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll
2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll
2010-06-30 06:21:44 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-06-30 06:19:16 12800 ----a-w- c:\windows\syswow64\msfeedssync.exe
2010-06-19 07:05:01 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:33:29 3955080 ----a-w- c:\windows\syswow64\ntkrnlpa.exe
2010-06-19 06:33:29 3899784 ----a-w- c:\windows\syswow64\ntoskrnl.exe
2010-06-16 06:11:10 340992 ----a-w- c:\windows\system32\schannel.dll
2010-06-16 05:48:35 224256 ----a-w- c:\windows\syswow64\schannel.dll
2010-06-15 22:28:58 2857 ----a-w- c:\windows\syswow64\atipblag.dat
2010-06-15 22:28:58 2857 ----a-w- c:\windows\system32\atipblag.dat
2010-06-11 11:12:11 65536 ----a-w- c:\windows\TADSUINS.EXE
2010-06-07 11:24:45 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-06-07 11:24:44 80768 ----a-w- c:\windows\system32\LMIinit.dll
2010-06-07 11:24:44 33152 ----a-w- c:\windows\system32\LMIport.dll
2010-06-02 02:55:30 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55:30 74072 ----a-w- c:\windows\syswow64\XAPOFX1_5.dll
2010-06-02 02:55:30 527192 ----a-w- c:\windows\syswow64\XAudio2_7.dll
2010-06-02 02:55:30 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55:30 239960 ----a-w- c:\windows\syswow64\xactengine3_7.dll
2010-06-02 02:55:30 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2010-03-28 10:00:47 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032820100329\index.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 19:57:22,92 ===============
SkyTech

Re: Problème d'installation de Trend Micro Titanium

par SkyTech »

Salut,

Un dernier rapport comme je trouve toujours pas de trace...


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Kashart

Re: Problème d'installation de Trend Micro Titanium

par Kashart »

Voici les deux rapports :

OTL.txt :

OTL logfile created on: 27/08/2010 22:11:08 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Ludo\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 10,04 Gb Free Space | 20,60% Space Free | Partition Type: NTFS
Drive D: | 29,30 Gb Total Space | 3,42 Gb Free Space | 11,68% Space Free | Partition Type: NTFS
Drive E: | 117,19 Gb Total Space | 37,80 Gb Free Space | 32,25% Space Free | Partition Type: NTFS
Drive F: | 97,66 Gb Total Space | 8,32 Gb Free Space | 8,52% Space Free | Partition Type: NTFS
Drive G: | 172,79 Gb Total Space | 49,31 Gb Free Space | 28,54% Space Free | Partition Type: NTFS
Drive H: | 87,89 Gb Total Space | 19,56 Gb Free Space | 22,25% Space Free | Partition Type: NTFS
Drive I: | 107,42 Gb Total Space | 54,35 Gb Free Space | 50,60% Space Free | Partition Type: NTFS
Drive J: | 270,45 Gb Total Space | 7,31 Gb Free Space | 2,70% Space Free | Partition Type: NTFS
Drive K: | 7,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC_LUDO
Current User Name: Ludo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Ludo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Windows\SysWOW64\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ()
PRC - D:\Sauvegarde\Acronis\TrueImageHome\TrueImageMonitor.exe ()
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - D:\Utilitaires\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.)
PRC - D:\Utilitaires\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
PRC - C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd)


========== Modules (SafeList) ==========

MOD - C:\Users\Ludo\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (VMware NAT Service) -- C:\Windows\SysNative\vmnat.exe File not found
SRV:64bit: - (VMnetDHCP) -- C:\Windows\SysNative\vmnetdhcp.exe File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (ose64) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe (LogMeIn, Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ()
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMAuthdService) -- D:\Utilitaires\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (StarWindServiceAE) -- D:\Utilitaires\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (DAUpdaterSvc) -- E:\Role\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (ufad-ws60) -- D:\Utilitaires\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
SRV - (DvmMDES) -- C:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\DRIVERS\eamonm.sys File not found
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258) -- C:\Windows\SysNative\drivers\tdrpm258.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (radpms) -- C:\Windows\SysNative\drivers\radpms.sys (LogMeIn, Inc.)
DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\androidusb.sys (Google Inc)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM) -- C:\Windows\SysNative\drivers\sscdserd.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmusb) -- C:\Windows\SysNative\drivers\vmusb.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (EnumProcessesDriver) -- C:\Windows\SysNative\drivers\EnumProcessesDriver.sys ()
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\drivers\Entech64.sys (EnTech Taiwan)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (LMIRfsDriver) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV:64bit: - (lmimirr) -- C:\Windows\SysNative\drivers\lmimirr.sys (LogMeIn, Inc.)
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (vstor2-ws60) -- D:\Utilitaires\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.)
DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys (LogMeIn, Inc.)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 C9 6E 13 41 6D CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/18 19:08:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Internet\Mozilla Firefox\components [2010/07/24 17:01:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Internet\Mozilla Firefox\plugins [2010/08/20 21:32:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: D:\Internet\Mozilla Thunderbird\components [2010/08/07 19:01:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: D:\Internet\Mozilla Thunderbird\plugins

[2009/11/25 02:24:10 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Extensions
[2009/11/25 02:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ludo\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/08/27 20:13:03 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions
[2010/01/22 08:59:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2010/04/27 11:37:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/22 08:59:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\{359faf50-e061-11dd-ad8b-0800200c9a66}
[2010/07/08 16:19:10 | 000,000,000 | ---D | M] (New Tab Homepage) -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
[2010/07/27 18:36:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/08/27 20:13:03 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/27 20:13:03 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/01/22 08:59:20 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/05/10 23:47:19 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/08/17 22:36:03 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/06/25 19:22:11 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/02/02 23:25:44 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/01/22 08:59:27 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/01/22 08:59:24 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/04/15 22:29:28 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/04/15 22:29:26 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/05/10 23:44:40 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/05/10 23:45:07 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]
[2010/05/10 23:47:19 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]\chrome\mozapps\extensions
[2010/05/10 23:44:40 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\1sbly3nf.default\extensions\[email protected]\chrome\mozapps\extensions
[2009/11/25 02:24:13 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\5y6pb8xi.default\extensions
[2009/11/25 02:24:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ludo\AppData\Roaming\mozilla\Firefox\Profiles\5y6pb8xi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/21 13:30:26 | 000,000,000 | ---D | M] -- C:\Users\Ludo\AppData\Roaming\mozilla\Sunbird\Profiles\thvs2y0z.default\extensions

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Bureautique\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [Service Scheduler2 Acronis] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\Sauvegarde\Acronis\TrueImageHome\TrueImageMonitor.exe ()
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Steam] e:\software\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: &Envoyer à OneNote - D:\Bureautique\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xporter vers Microsoft Excel - D:\Bureautique\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: &Envoyer à OneNote - D:\Bureautique\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - D:\Bureautique\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Bureautique\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Bureautique\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Bureautique\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Bureautique\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Utilitaires\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Utilitaires\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Utilitaires\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Utilitaires\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/17 00:13:07 | 001,246,440 | R--- | M] (BioWare) - K:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/04/14 05:17:18 | 000,000,058 | R--- | M] () - K:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{609b7f1b-d96c-11de-811d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{609b7f1b-d96c-11de-811d-806e6f6e6963}\Shell\AutoRun\command - "" = K:\autorun.exe -- [2009/07/17 00:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{feeb0050-1640-11df-8633-90e6ba070fd5}\Shell - "" = AutoRun
O33 - MountPoints2\{feeb0050-1640-11df-8633-90e6ba070fd5}\Shell\AutoRun\command - "" = L:\Opendisc.exe -- File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/08/27 22:09:24 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Ludo\Desktop\OTL.exe
[2010/08/24 14:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010/08/24 14:37:37 | 000,000,000 | ---D | C] -- C:\rsit
[2010/08/24 13:47:28 | 000,000,000 | ---D | C] -- C:\Users\Ludo\Desktop\ZHPDiag
[2010/08/24 12:58:35 | 000,520,192 | ---- | C] (OldTimer Tools) -- C:\Users\Ludo\Desktop\OTM.exe
[2010/08/24 02:09:57 | 000,512,000 | ---- | C] (ESET) -- C:\Users\Ludo\Desktop\ESETUninstaller.exe
[2010/08/17 14:19:23 | 000,000,000 | ---D | C] -- C:\Users\Ludo\Documents\CAPCOM
[2010/08/16 00:53:22 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010/08/16 00:13:35 | 000,000,000 | ---D | C] -- C:\Users\Ludo\AppData\Local\2K Games
[2010/08/16 00:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010/08/16 00:13:02 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010/08/16 00:13:02 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010/08/16 00:13:02 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010/08/16 00:13:02 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010/08/16 00:13:02 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010/08/16 00:13:02 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010/08/16 00:13:02 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010/08/16 00:13:02 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010/08/16 00:13:02 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010/08/16 00:13:02 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010/08/16 00:13:01 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010/08/16 00:13:01 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010/08/16 00:13:01 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010/08/16 00:13:01 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010/08/16 00:13:01 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010/08/16 00:13:01 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010/08/16 00:13:01 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010/08/16 00:13:01 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010/08/16 00:13:01 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010/08/16 00:13:01 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010/08/16 00:13:01 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010/08/15 18:22:22 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/15 18:22:22 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/08/15 18:22:21 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/08/15 18:22:13 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/15 18:22:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/15 18:22:12 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/15 18:22:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/15 18:22:12 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/15 18:22:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/15 18:21:55 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/08/15 18:21:55 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/15 18:21:55 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/07/29 22:18:27 | 000,000,000 | ---D | C] -- C:\Users\Ludo\Documents\Subscriptions
[2010/07/29 21:54:00 | 000,000,000 | ---D | C] -- C:\Users\Ludo\AppData\Local\doubleTwist Corporation
[2010/07/29 21:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\doubleTwist Corporation
[2010/07/29 21:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\doubleTwist
[2010/07/29 21:53:49 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\SysWow64\pthreadGC2.dll
[2010/07/29 21:53:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2010/07/29 21:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\doubleTwist 2.0
[2010/05/05 19:59:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2 C:\Users\Ludo\*.tmp files -> C:\Users\Ludo\*.tmp -> ]
[1 C:\Users\Ludo\Documents\*.tmp files -> C:\Users\Ludo\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/27 22:13:12 | 004,718,592 | -HS- | M] () -- C:\Users\Ludo\ntuser.dat
[2010/08/27 22:09:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Ludo\Desktop\OTL.exe
[2010/08/27 20:44:20 | 049,577,824 | ---- | M] () -- C:\Users\Ludo\Desktop\Galaxo_V1.6.3.4.zip
[2010/08/27 19:56:51 | 000,525,824 | ---- | M] () -- C:\Users\Ludo\Desktop\dds.scr
[2010/08/27 19:54:09 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010/08/27 19:45:25 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2010/08/27 19:42:27 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/27 19:42:27 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/27 19:39:42 | 001,714,656 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/27 19:39:42 | 000,770,672 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2010/08/27 19:39:42 | 000,668,678 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/27 19:39:42 | 000,153,942 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2010/08/27 19:39:42 | 000,127,916 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/27 19:35:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/27 19:35:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/27 19:35:04 | 3214,159,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/24 19:00:04 | 000,061,448 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000007-00000000-00000001-00001102-00000005-00311102}.rfx
[2010/08/24 19:00:04 | 000,061,448 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000007-00000000-00000001-00001102-00000005-00311102}.rfx
[2010/08/24 19:00:04 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000007-00000000-00000001-00001102-00000005-00311102}.rfx
[2010/08/24 18:59:45 | 001,345,776 | -H-- | M] () -- C:\Users\Ludo\AppData\Local\IconCache.db
[2010/08/24 14:37:25 | 000,339,991 | ---- | M] () -- C:\Users\Ludo\Desktop\RSIT.exe
[2010/08/24 13:54:10 | 000,061,534 | ---- | M] () -- C:\Users\Ludo\Desktop\Rapports Syslook-ZHP.rar
[2010/08/24 13:47:20 | 000,395,630 | ---- | M] () -- C:\Users\Ludo\Desktop\ZHPDiag.zip
[2010/08/24 12:58:26 | 000,520,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ludo\Desktop\OTM.exe
[2010/08/24 04:13:59 | 000,100,908 | ---- | M] () -- C:\Users\Ludo\Desktop\SystemLook.exe
[2010/08/24 02:07:05 | 000,512,000 | ---- | M] (ESET) -- C:\Users\Ludo\Desktop\ESETUninstaller.exe
[2010/08/24 00:30:57 | 000,396,138 | ---- | M] () -- C:\Users\Ludo\Desktop\SysInfo.html
[2010/08/24 00:27:12 | 000,000,721 | ---- | M] () -- C:\Users\Ludo\Desktop\Auslogics System Information.lnk
[2010/08/24 00:26:46 | 000,000,736 | ---- | M] () -- C:\Users\Ludo\Desktop\Auslogics Duplicate File Finder.lnk
[2010/08/24 00:11:16 | 000,000,694 | ---- | M] () -- C:\Users\Ludo\Desktop\Auslogics Registry Cleaner.lnk
[2010/08/24 00:10:35 | 000,000,661 | ---- | M] () -- C:\Users\Ludo\Desktop\Glary Utilities.lnk
[2010/08/20 05:42:15 | 000,000,124 | ---- | M] () -- C:\Users\Ludo\Documents\ax_files.xml
[2010/08/16 10:17:23 | 002,427,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/07 12:46:11 | 000,147,848 | ---- | M] () -- C:\Users\Ludo\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/06 19:43:52 | 281,331,816 | ---- | M] () -- C:\Users\Ludo\Desktop\Registre.reg
[2010/07/29 21:53:52 | 000,002,089 | ---- | M] () -- C:\Users\Ludo\Application Data\Microsoft\Internet Explorer\Quick Launch\doubleTwist.lnk
[2010/07/29 21:04:02 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010/07/29 08:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2 C:\Users\Ludo\*.tmp files -> C:\Users\Ludo\*.tmp -> ]
[1 C:\Users\Ludo\Documents\*.tmp files -> C:\Users\Ludo\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/27 20:13:45 | 049,577,824 | ---- | C] () -- C:\Users\Ludo\Desktop\Galaxo_V1.6.3.4.zip
[2010/08/27 19:56:42 | 000,525,824 | ---- | C] () -- C:\Users\Ludo\Desktop\dds.scr
[2010/08/24 14:37:25 | 000,339,991 | ---- | C] () -- C:\Users\Ludo\Desktop\RSIT.exe
[2010/08/24 13:54:10 | 000,061,534 | ---- | C] () -- C:\Users\Ludo\Desktop\Rapports Syslook-ZHP.rar
[2010/08/24 13:47:18 | 000,395,630 | ---- | C] () -- C:\Users\Ludo\Desktop\ZHPDiag.zip
[2010/08/24 04:14:13 | 000,100,908 | ---- | C] () -- C:\Users\Ludo\Desktop\SystemLook.exe
[2010/08/24 00:30:57 | 000,396,138 | ---- | C] () -- C:\Users\Ludo\Desktop\SysInfo.html
[2010/08/24 00:27:12 | 000,000,721 | ---- | C] () -- C:\Users\Ludo\Desktop\Auslogics System Information.lnk
[2010/08/24 00:26:46 | 000,000,736 | ---- | C] () -- C:\Users\Ludo\Desktop\Auslogics Duplicate File Finder.lnk
[2010/08/24 00:11:16 | 000,000,694 | ---- | C] () -- C:\Users\Ludo\Desktop\Auslogics Registry Cleaner.lnk
[2010/08/06 19:43:45 | 281,331,816 | ---- | C] () -- C:\Users\Ludo\Desktop\Registre.reg
[2010/07/29 21:53:52 | 000,002,089 | ---- | C] () -- C:\Users\Ludo\Application Data\Microsoft\Internet Explorer\Quick Launch\doubleTwist.lnk
[2010/07/29 21:53:49 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/07/15 13:15:37 | 000,374,272 | ---- | C] () -- C:\Windows\mss32.dll
[2010/07/15 01:31:05 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010/07/13 19:25:40 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2010/06/26 18:25:09 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/05/05 20:37:52 | 000,021,204 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010/05/05 19:56:46 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2010/05/01 03:26:49 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2010/05/01 03:26:49 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010/04/20 07:46:55 | 000,000,226 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/03/23 19:48:09 | 000,000,036 | ---- | C] () -- C:\Users\Ludo\AppData\Local\housecall.guid.cache
[2010/03/10 22:21:34 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/03/02 18:03:05 | 000,327,168 | ---- | C] () -- C:\Windows\SysWow64\cutil32.dll
[2010/02/11 00:54:28 | 000,000,790 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/02/10 14:06:35 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/02/04 14:30:28 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010/02/04 14:30:28 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010/01/22 14:36:06 | 000,000,175 | ---- | C] () -- C:\Users\Ludo\AppData\Roaming\default.rss
[2009/12/24 03:12:31 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\cdTextCtl.dll
[2009/12/20 11:17:22 | 000,000,092 | ---- | C] () -- C:\Users\Ludo\AppData\Local\fusioncache.dat
[2009/12/20 11:16:30 | 001,591,878 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/12/18 19:14:08 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/11/25 15:11:01 | 000,002,553 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/11/24 22:52:06 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/11/24 22:52:06 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/11/24 22:51:17 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIFRN.DLL
[2009/11/24 22:19:22 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/11/24 22:19:22 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/11/24 22:19:03 | 000,035,717 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/11/24 22:03:03 | 000,007,666 | ---- | C] () -- C:\Users\Ludo\AppData\Local\resmon.resmoncfg
[2009/11/24 22:02:46 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009/11/24 22:02:43 | 000,023,362 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/06 04:48:34 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009/06/04 02:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009/05/27 10:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2009/04/02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008/12/01 19:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTOR.SYS >
[2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastor.inf_amd64_neutral_c065a1006c648409\iaStor.sys
[2009/06/04 19:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

< MD5 for: IASTORV.SYS >
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:3078E216
< End of report >
Kashart

Re: Problème d'installation de Trend Micro Titanium

par Kashart »

Et Extras.txt :

OTL Extras logfile created on: 27/08/2010 22:11:08 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Ludo\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 10,04 Gb Free Space | 20,60% Space Free | Partition Type: NTFS
Drive D: | 29,30 Gb Total Space | 3,42 Gb Free Space | 11,68% Space Free | Partition Type: NTFS
Drive E: | 117,19 Gb Total Space | 37,80 Gb Free Space | 32,25% Space Free | Partition Type: NTFS
Drive F: | 97,66 Gb Total Space | 8,32 Gb Free Space | 8,52% Space Free | Partition Type: NTFS
Drive G: | 172,79 Gb Total Space | 49,31 Gb Free Space | 28,54% Space Free | Partition Type: NTFS
Drive H: | 87,89 Gb Total Space | 19,56 Gb Free Space | 22,25% Space Free | Partition Type: NTFS
Drive I: | 107,42 Gb Total Space | 54,35 Gb Free Space | 50,60% Space Free | Partition Type: NTFS
Drive J: | 270,45 Gb Total Space | 7,31 Gb Free Space | 2,70% Space Free | Partition Type: NTFS
Drive K: | 7,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC_LUDO
Current User Name: Ludo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Internet\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Bureautique\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Bureautique\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Bureautique\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Bureautique\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{20140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 (Beta)
"{20140000-0015-040C-1000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010 (Beta)
"{20140000-0016-040C-1000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010 (Beta)
"{20140000-0018-040C-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010 (Beta)
"{20140000-0019-040C-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010 (Beta)
"{20140000-001A-040C-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010 (Beta)
"{20140000-001B-040C-1000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010 (Beta)
"{20140000-001F-0401-1000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010 (Beta)
"{20140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 (Beta)
"{20140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
"{20140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
"{20140000-001F-0413-1000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 (Beta)
"{20140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
"{20140000-002C-040C-1000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010 (Beta)
"{20140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 (Beta)
"{20140000-0043-040C-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (French) 2010 (Beta)
"{20140000-0044-040C-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010 (Beta)
"{20140000-006E-040C-1000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010 (Beta)
"{20140000-00A1-040C-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010 (Beta)
"{20140000-00BA-040C-1000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010 (Beta)
"{397878FC-1B1B-EED7-04A8-3184CE494A3B}" = ATI Catalyst Install Manager
"{404BB1FF-A84F-432F-B77B-301E88E8D1C7}" = Apple Mobile Device Support
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{752CCAEE-8E33-DE50-9454-B377A2205193}" = ccc-utility64
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D5EB02-DE18-4DCD-A713-929B4461CA8D}" = iTunes
"{A00C9114-40E6-4C70-A619-7DF264B23485}" = HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}" = Bonjour
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E6456858-8C0C-35CE-96B8-AFFCD205C9FC}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Office14.PROPLUS" = Microsoft Office Professionnel Plus 2010
"WinRAR archiver" = Logiciel d'archivage WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{01DD9D3D-FA8A-E148-008D-5CDF1BE8911F}" = CCC Help Korean
"{02F5BD83-B529-37E3-B5DF-32ABC7EC63C4}" = ccc-core-static
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{072224C5-0C98-0902-9A71-89D4A8F3E810}" = CCC Help Thai
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{153C7D89-9CF4-4719-A551-C5BF45236DB5}" = redist
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 20
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars(TM): Knights of the Old Republic (TM)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}" = DJ_AIO_03_F4200_Software_Min
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{41B21B1F-950E-13FC-57C7-2AC44B196223}" = Catalyst Control Center Graphics Previews Vista
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis True Image Home
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{6AA30800-F713-BB43-EDA2-1C380FE7FD63}" = Catalyst Control Center Localization All
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F235FE4-8EC6-3FAB-1739-A434BFE76E27}" = CCC Help Chinese Standard
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CA72668-86CC-5447-9278-A0378FE45378}" = Media Add-ons pour Acronis True Image Home 2010
"{9EEA437C-F436-755C-6B39-1840A33F45CF}" = Catalyst Control Center InstallProxy
"{A317EF8E-66FB-94B6-C4FA-96A0AED1AB2F}" = CCC Help Chinese Traditional
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.4 - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{AF5A39FE-51FB-4BA3-B399-2D1F0C65D617}_is1" = Auslogics System Information
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BCA434F2-A541-F63E-890C-F5D14E5B33D0}" = CCC Help English
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2524280-A5CF-4458-B809-167F13FAB56D}" = F4200
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE5BC0BB-9EDA-423C-8276-48857B735D68}" = Prince of Persia l'Ame du Guerrier
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F538505D-D29C-6259-682C-E607D659B4B4}" = Catalyst Control Center Graphics Previews Common
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFB4E67D-DEF9-30BC-39F6-E9C1B05539F9}" = CCC Help Japanese
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"Any Video Converter_is1" = Any Video Converter 3.0.7
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"AudioCS" = Panneau de configuration audio Creative
"BattlEye" = BattlEye Uninstall
"CCleaner" = CCleaner
"Comptes Bancaires_is1" = Comptes Bancaires 6.5
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"doubleTwist" = doubleTwist
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Glary Utilities_is1" = Glary Utilities 2.27.0.982
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"JDownloader" = JDownloader
"Mass Effect_is1" = Mass Effect
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Mozilla Thunderbird (3.1.2)" = Mozilla Thunderbird (3.1.2)
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"RealPlayer 12.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.89
"SFBM" = Gestionnaire de banques SoundFont
"Spotify" = Spotify
"Starcraft" = Starcraft
"Steam App 33910" = ARMA 2
"Steam App 400" = Portal
"Steam App 41510" = Torchlight Demo
"Steam App 440" = Team Fortress 2
"Steam App 48700" = Mount and Blade: Warband
"Steam App 50280" = Mafia II - Demo
"Steam App 630" = Alien Swarm
"The KMPlayer FR_is1" = The KMPlayer v2.9.4.1435 FR
"VMware_Workstation" = VMware Workstation
"WinLiveSuite_Wave3" = Installation Windows Live

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.4.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29/07/2010 08:15:09 | Computer Name = PC_Ludo | Source = VSS | ID = 22
Description =

Error - 29/07/2010 08:15:09 | Computer Name = PC_Ludo | Source = VSS | ID = 8193
Description =

Error - 29/07/2010 11:04:16 | Computer Name = PC_Ludo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/m ... ootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 29/07/2010 11:04:16 | Computer Name = PC_Ludo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/m ... ootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 29/07/2010 11:04:17 | Computer Name = PC_Ludo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/m ... ootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 29/07/2010 11:04:17 | Computer Name = PC_Ludo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/m ... ootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 29/07/2010 11:04:17 | Computer Name = PC_Ludo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/m ... ootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 29/07/2010 11:04:17 | Computer Name = PC_Ludo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/m ... ootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 29/07/2010 11:04:17 | Computer Name = PC_Ludo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/m ... ootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 29/07/2010 11:04:17 | Computer Name = PC_Ludo | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/m ... ootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

[ System Events ]
Error - 04/04/2010 15:54:33 | Computer Name = PC_Ludo | Source = volsnap | ID = 393252
Description = Les clichés instantanés du volume C: ont été annulés car le stockage
du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur.

Error - 06/04/2010 18:24:42 | Computer Name = PC_Ludo | Source = srv | ID = 2017
Description = Le serveur n’a pas pu allouer de la mémoire non paginée car le serveur
a atteint la limite prévue dans la configuration pour les allocations de la réserve
non paginée.

Error - 06/04/2010 18:25:42 | Computer Name = PC_Ludo | Source = srv | ID = 2017
Description = Le serveur n’a pas pu allouer de la mémoire non paginée car le serveur
a atteint la limite prévue dans la configuration pour les allocations de la réserve
non paginée.

Error - 06/04/2010 18:26:42 | Computer Name = PC_Ludo | Source = srv | ID = 2017
Description = Le serveur n’a pas pu allouer de la mémoire non paginée car le serveur
a atteint la limite prévue dans la configuration pour les allocations de la réserve
non paginée.

Error - 08/04/2010 12:38:40 | Computer Name = PC_Ludo | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 12/04/2010 08:24:33 | Computer Name = PC_Ludo | Source = volsnap | ID = 393252
Description = Les clichés instantanés du volume C: ont été annulés car le stockage
du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur.

Error - 14/04/2010 06:26:44 | Computer Name = PC_Ludo | Source = cdrom | ID = 262151
Description = Le périphérique \Device\CdRom1 comporte un bloc défectueux.

Error - 14/04/2010 07:11:30 | Computer Name = PC_Ludo | Source = Microsoft-Windows-Firewall | ID = 6400
Description =

Error - 15/04/2010 07:04:50 | Computer Name = PC_Ludo | Source = cdrom | ID = 262151
Description = Le périphérique \Device\CdRom1 comporte un bloc défectueux.

Error - 15/04/2010 14:23:00 | Computer Name = PC_Ludo | Source = cdrom | ID = 262151
Description = Le périphérique \Device\CdRom1 comporte un bloc défectueux.


< End of report >
SkyTech

Re: Problème d'installation de Trend Micro Titanium

par SkyTech »

Re,

Je pense que cette fois j'ai le coupable :
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\DRIVERS\eamonm.sys File not found
Je me suis rendu compte qu'il apparaissait déjà dans d'autres logs :/

Désinstalle MarketResearch

---

Relance OTL.
o sous Personnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparaitra suite à l'opération que tu conserveras sur clé usb par exemple afin d'en coller le résultat:
:otl
DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\DRIVERS\eamonm.sys File not found
[2010/08/24 02:09:57 | 000,512,000 | ---- | C] (ESET) -- C:\Users\Ludo\Desktop\ESETUninstaller.exe
[2010/08/24 14:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010/08/24 14:37:37 | 000,000,000 | ---D | C] -- C:\rsit
[2010/08/24 13:47:28 | 000,000,000 | ---D | C] -- C:\Users\Ludo\Desktop\ZHPDiag
[2010/08/27 19:56:42 | 000,525,824 | ---- | C] () -- C:\Users\Ludo\Desktop\dds.scr
[2010/08/24 14:37:25 | 000,339,991 | ---- | C] () -- C:\Users\Ludo\Desktop\RSIT.exe
[2010/08/24 13:54:10 | 000,061,534 | ---- | C] () -- C:\Users\Ludo\Desktop\Rapports Syslook-ZHP.rar
[2010/08/24 13:47:18 | 000,395,630 | ---- | C] () -- C:\Users\Ludo\Desktop\ZHPDiag.zip
[2010/08/24 04:14:13 | 000,100,908 | ---- | C] () -- C:\Users\Ludo\Desktop\SystemLook.exe

:files
C:\WINDOWS\inf\INFCACHE.1
* redemarre le pc sous windows et poste le rapport ici
Kashart

Re: Problème d'installation de Trend Micro Titanium

par Kashart »

Je n'ai pas de programme qui se nomme MarketResearch...
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Discussions/Aides Antivirus »