j'ai Antivir (à jour) et Zone alarm sur mon PC.
Depuis plusieurs jours zone alarm n'arrête pas de me demander de télécharger une mise à jour suite à un virus... je le fais mais à chaque redémarrage ça réapparrait...
Dans le doute j'ai voulu faire un scna mbam mais là impossible de faire les mises à jour, j'en déduis qu'il y a un problème et donc un virus ou une saleté dans le pâté LOL ...
voici mon scan hijackthis.
- Code: Tout sélectionner
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:28, on 14/11/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\SHARP\Sharpdesk\SharpTray.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\SHARP\Button Manager T\btnman.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\BET\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com.tw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: OLE (Part 1 of 5) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: DIALux 3.1 ULDBrowserHelper Class - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files\DIALux\DLXShellExtension.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [IndexTray] "C:\Program Files\Sharp\Sharpdesk\IndexTray.exe" /n
O4 - HKLM\..\Run: [SharpTray] "C:\Program Files\Sharp\Sharpdesk\SharpTray.exe"
O4 - HKLM\..\Run: [TypeRegChecker] "C:\Program Files\Sharp\Sharpdesk\TypeRegChecker.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: Sharp Button Manager T.lnk = C:\Program Files\SHARP\Button Manager T\btnman.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Micro Star SCM - Unknown owner - C:\Program Files\System Control Manager\MSIService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
--
End of file - 9226 bytes
EDIT :
et le rapport extras d'OTL
- Code: Tout sélectionner
OTL Extras logfile created on: 14/11/2010 13:44:03 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\BET\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231,69 Gb Total Space | 180,14 Gb Free Space | 77,75% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 35,95 Gb Free Space | 61,36% Space Free | Partition Type: NTFS
Computer Name: PC-DE-MUMU | User Name: BET | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (All) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.scr [@ = AutoCADScriptFile] -- C:\Windows\System32\notepad.exe (Microsoft Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13FED2BC-4B7D-4415-80FC-8FBF6E06AB39}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1CF98DC8-727D-419B-A3F4-DC1ED52AEFAB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{28D6759E-BD63-43CD-A6E5-7B9D2DE37691}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2C51C697-B715-48EF-8157-71F2DC77670A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4D73ECAF-099E-438C-8096-6306B4DC711A}" = rport=138 | protocol=17 | dir=out | app=system |
"{54A25313-93B3-4692-AD3B-A7C3FB7EDD89}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5816A67F-F749-4162-8440-572FCEADDC53}" = rport=445 | protocol=6 | dir=out | app=system |
"{5B03E272-8AFF-48A6-B542-E88606189DDD}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{6521D349-72DB-4FF0-A8CE-999D281FCBC3}" = lport=139 | protocol=6 | dir=in | app=system |
"{6A25508A-5390-45F3-90E3-9D8736622F8E}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6CC6572F-155A-4587-B3C2-F8C3F0AD1866}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6E6C684C-E8A2-4697-B82D-75D59B7E88F2}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{7EC458C0-5E1C-427C-BFCB-DFCE9A944FED}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7ED0FC27-D2E3-4A50-981C-FDF19684FD3D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{82CC308F-DAC8-4E51-9C7B-0693F350E160}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{94D29A13-F08B-4ABF-AB56-8D4B037E79A3}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{9726D8DC-D101-4C4E-BAFA-9D7E4245E26A}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{9B5F4314-FFDA-4599-84F9-81C7B09BFF34}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A287FA5B-668C-4895-9AA0-9F51FA12CE00}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A5AA9462-AB11-4E9E-A5D3-88F8555F139E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A68C5CE4-D3FD-4ED5-B788-0D9AD47572AC}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AB6B2DDF-0047-4950-8013-BB3DCB24D2F3}" = rport=139 | protocol=6 | dir=out | app=system |
"{B4B4F1F2-933D-4BC8-BC7A-B576155D8152}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9F62820-0B75-4728-8148-6778100D2790}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{BAAE174B-AB98-4B79-84FE-F156D56CFA2C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C0E664FD-D9C8-40A8-826F-A771050E6E4F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C78E51ED-407D-41FE-9388-4B9CC55AD352}" = rport=137 | protocol=17 | dir=out | app=system |
"{C902F10E-922E-4FD0-9166-FABBA6B4B6EB}" = lport=445 | protocol=6 | dir=in | app=system |
"{CE476E64-6153-4E21-9759-E9EAC696F273}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D3CBC2A9-0A7D-49AF-9188-3F8BFDDC52C2}" = lport=138 | protocol=17 | dir=in | app=system |
"{D4181D61-FF87-4E9F-9D64-DF0E6C31BCEF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D9B7032A-AF3F-4777-A03D-F7F9CD01D7BB}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E1431250-7332-4B55-9223-FA192CE101C2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E7A74CE1-AFE7-4937-A148-1C20A90CE8DF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F0245FB1-37DB-46D5-9EFB-246D53C26B4A}" = lport=137 | protocol=17 | dir=in | app=system |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006D14C3-0079-4531-97B7-54D2881071ED}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{05C85FE9-5B69-44F2-9969-B23A245FB10F}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{0A50B181-95EC-49F0-8C2C-CCE458592A6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D067CED-F686-489E-AEEF-D9D2C5E2D72D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{21E97BC5-C777-4C24-A3D5-57071E55367C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{23E08FBB-E5A9-47FF-B854-7E88C60163A9}" = protocol=17 | dir=in | app=c:\users\bet\appdata\local\temp\wzse0.tmp\symnrt.exe |
"{25203E9C-2411-416B-8182-C3FBAADDBF4F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{295E7FEE-16E9-419C-8F12-9B15EB31A147}" = protocol=6 | dir=in | app=c:\users\bet\appdata\local\temp\wzse0.tmp\symnrt.exe |
"{2BFF4F80-54CE-48F8-A9A5-9A6531B8CF62}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2F2DA125-226F-40B4-BBE8-726A9CD30E85}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{31EC1D98-0B39-4672-9ACB-B8278E20BDE1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3A978D1F-759F-4991-BF4F-78AA01F08818}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3F2E6D6B-716C-47AA-8BF4-1D63B4B37B52}" = protocol=17 | dir=in | app=c:\program files\is cool\toolbarupdate.exe |
"{51CE12B8-401A-4367-BCCF-931011FD3445}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{54662E3B-7CF0-4F02-99FA-F954AF478060}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5B22979B-34D0-45CF-A133-DC8079BE020D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5C39FD58-D868-420B-85EB-1063C5CB08BA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5F54310A-EA75-42E9-A2F8-2E1553828313}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5FB0FF04-ED19-4131-87F7-A2448A5A5125}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{60DA18A1-B8F4-4903-8ED2-6B51082D0D1B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{672BEFBF-5EE3-4E7B-BD6D-587B3498E319}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{71ED7C26-3A4D-4EFE-AFC4-04BACFD26FEE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{728BA478-D9EE-469D-B8BC-F28A5C4BCD16}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{72E6A573-5C61-4313-854C-7223F97605B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7417F4D9-1C1A-4C93-B309-AE800361B63E}" = protocol=6 | dir=in | app=c:\program files\is cool\toolbarupdate.exe |
"{785333E6-011D-4B97-BB77-289EB6B5D9A4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7B541C41-E3AF-4F67-A09B-D523AC4EF3DF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{81390063-0D44-425C-84B6-C9490ACFCACE}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8309893F-0892-4EC5-BA3B-609E7BD24174}" = protocol=17 | dir=in | app=c:\program files\is cool\troubleshooter.exe |
"{8BCF424C-FB87-461E-B7C2-89C403109636}" = protocol=6 | dir=in | app=c:\program files\is cool\troubleshooter.exe |
"{8DBD77D0-83C1-443F-801A-1FED80CA51F3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{910E20D0-F693-467B-8456-AB506E11C52B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{934FD76E-88EF-47CB-8763-9C776748CD32}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{95184122-0F95-440C-93F6-C9D38D940F8E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{969AC935-E8F2-4B27-BD6D-2E099F338A18}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{989BD9D2-72E5-4F97-838D-11CDDB16F206}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9BB249B7-7351-4015-BD44-DC93FF2099C8}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A81B2285-FAC9-41D9-9588-27B8EB7E737E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AA1AC924-65F0-4E24-9522-3246C0741925}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AE5ADF7C-883F-46A8-B371-F033B71383B0}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B33C846A-200E-4BEB-A2A6-EFB45F538AF4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{B408AA8F-B941-4EF9-B2A5-37CC05E3AA81}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B5D7089F-994F-45C4-85C5-19552B407855}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{B74A5255-E7FB-4EE4-A01D-D0E80B1243DB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C0017D77-F9D2-4DD7-A34F-7E16BA1E2D08}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C68A952B-01D3-4BBB-9CD4-9B154E38E9E8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C9213BD4-D75D-4ED1-A011-9616CCBCE873}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CE5E0312-CD0E-43E8-8459-F2F950368608}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D05DCC2C-8020-4C82-ABF4-711F7026BB86}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D8000B00-8948-4A1A-8383-68E69A2C0C1D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D8B92134-280D-49CA-9A23-4D942496AC3E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DFD16AAA-B652-46D1-99D4-8ABB540C5FBA}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E4692498-9CC1-46FF-A85E-8A58A26DB0B5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EA943D58-6375-4F6D-AF6E-ADC5D15473A9}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F249253E-ABF3-4F11-B78A-911F454B7643}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F3A54B4A-E2FC-4F06-B16D-C447C85CD1CD}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F3C7FB2E-4050-49E8-B355-E452551A41FF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F42A5900-E98B-4E8D-95D1-3D9B04D81643}" = protocol=17 | dir=in | app=d:\nouveau dossier\game.dat |
"{F5058AEC-AE73-4CCC-9B02-D793AA0FC2F5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F5625E80-5773-4C86-9013-3DC2390234D1}" = protocol=6 | dir=in | app=d:\nouveau dossier\game.dat |
"{F8180F2E-67A2-4FDD-AA95-C30CAC5AE857}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F936FD1F-A22A-4E3D-8700-E892999C2D9B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FCF8C768-3D6A-4CA0-8981-A39A6A830811}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FF38CB03-F36B-47A9-A214-A6BF133F9253}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{8703B0EC-A1CC-4D08-A0BD-694576983A22}C:\program files\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"UDP Query User{7A1EB293-2759-4B91-99E4-D15BC75DBA1F}C:\program files\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{042A7DDC-7FF2-E27B-47BE-D25C7E0E1DEF}" = Catalyst Control Center Localization Dutch
"{045D0687-3515-C8CE-208D-3FF286B5E0D8}" = CCC Help Italian
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0AEF384B-610F-4309-8DA3-91834FE4E80E}" = Sharpdesk
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BAD92F9-D979-4CAE-27F2-FE06D4D32CFC}" = CCC Help Chinese Standard
"{0E3BCDB6-6953-11D5-AB5D-525405E326F4}" = Super Point de Croix
"{143B75E1-6769-AB68-59B4-399FE8F98522}" = ATI Catalyst Install Manager
"{166C2CF2-5ED1-4FCB-856B-4417797E09F8}_is1" = Pleiades+Comfie 2.9.0.0
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26FE03C2-A19B-0E16-4AC2-88DC78CA0831}" = Catalyst Control Center Localization German
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{294E1C2D-92F8-7394-1EEB-108EAE60AC4E}" = Catalyst Control Center Localization Chinese Traditional
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2E76B00E-6B0B-E8E5-A777-1513DE1E875B}" = CCC Help French
"{2F30E758-5788-B6BF-D1B9-39092BFC81C9}" = Catalyst Control Center Graphics Light
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{32BD7A1D-B563-2AFD-7668-8C38AAC18550}" = Catalyst Control Center Core Implementation
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{399938DA-CD71-A391-4915-2F31CD64D3A7}" = Catalyst Control Center Graphics Previews Vista
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite DCP-585CW
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3F4BDCE6-CE56-4224-88DA-218E79BC3439}" = Catalyst Control Center Localization French
"{4140F376-1975-E897-1B1E-D380B64FF612}" = Catalyst Control Center Localization Spanish
"{4874AE8E-C8E6-0452-52F5-4BE0B2F38598}" = Catalyst Control Center Graphics Full Existing
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{522B13D0-8F2E-9896-3730-E08393D428C8}" = Catalyst Control Center Localization Swedish
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE3-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.5)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-7001-040C-0002-0060B0CE6BBA}" = AutoCAD 2009 - Français
"{58C1EF85-EB74-0716-41E9-DE106B4F3A13}" = CCC Help Japanese
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5E3BD83D-7670-F137-9FD4-14B7DA509DFF}" = Catalyst Control Center Localization Italian
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{629AA535-AC3D-5E51-5DA3-647532E1F7D6}" = Skins
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79F94609-B54C-54EF-346E-B20327B82702}" = CCC Help German
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7BB3D57E-6FA1-47A1-8068-A405F81CE4E4}" = PCStitch Pattern Viewer
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{88384295-2DCD-5AA9-7B3C-00B055ABBA8E}" = Catalyst Control Center Localization Korean
"{8856A69E-5841-4AC3-B102-AF2DF06909B9}" = ARCHIMEDES
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D3562E7-C795-4B5D-A091-6DAA3FF0DF3B}" = Macromedia HomeSite+
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_OUTLOOKR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}_OUTLOOKR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OUTLOOKR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OUTLOOKR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OUTLOOKR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}_OUTLOOKR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_OUTLOOKR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}_OUTLOOKR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Gestionnaire pour appareils Windows Mobile
"{91120000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2007
"{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-004E-040C-0000-0000000FF1CE}" = Microsoft Outlook Social Connector 32 bits
"{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{A278F690-DEEF-F610-18FF-E20288077DB2}" = CCC Help Spanish
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A6509607-D704-E292-EA67-1003BDF843A5}" = ccc-utility
"{A6EE9884-E329-26E0-98BF-ED88032932DD}" = Catalyst Control Center Localization Japanese
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B8EE8264-238C-430A-9D5F-DB9139B09364}" = Thorn - Product Explorer
"{BF4BC371-1BCC-5474-02BE-BFAC10A829A5}" = CCC Help Chinese Traditional
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C45DE671-3D15-6129-6773-D1B33D3D33B1}" = ccc-core-static
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47194EF-0EEC-F8F5-3990-6A9A22664730}" = Catalyst Control Center Localization Portuguese
"{DC116110-084B-5DD8-4C43-01964A4F2076}" = CCC Help Portuguese
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E15FB5C6-AB04-46B7-42CC-F386213B21F8}" = CCC Help Korean
"{E267D8B9-2FFE-C187-7046-A1899232C680}" = Catalyst Control Center Localization Chinese Standard
"{E2713EE0-CD84-3432-4452-45ACE528864E}" = Catalyst Control Center InstallProxy
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E821980A-233F-BE7F-573A-D089F274A187}" = Catalyst Control Center Graphics Full New
"{E8F2A7B1-768B-91AA-D311-A3F56B2AF2F8}" = CCC Help English
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F485E43D-18B1-4B40-AF4B-EDA78E91DA80}" = Dolby Control Center
"{F64CBCB2-68C1-7E8B-F4F6-B8E79A24E164}" = CCC Help Dutch
"{F7324DC1-1705-4CD5-9102-0445D95F5FC9}" = Application Suite
"{FE4FD10F-61F7-79C5-053F-87726372FE60}" = CCC Help Swedish
"798FBF0C42497F7CA1D87E971D411C44027C35C0" = Windows Driver Package - Sonix (SNP2UVC) Image (06/11/2008 5.8.45000.1)
"7-Zip" = 7-Zip 4.64
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"AutoCAD 2009 - Français" = AutoCAD 2009 - Français
"CCleaner" = CCleaner
"Conceptor Désenfumage_is1" = Conceptor Désenfumage
"DIALux" = DIALux 4.7
"Enregistrement utilisateur de Canon MP180" = Enregistrement utilisateur de Canon MP180
"FileZilla Client" = FileZilla Client 3.3.4.1
"Foxit Reader" = Foxit Reader
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{0AEF384B-610F-4309-8DA3-91834FE4E80E}" = Sharpdesk
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5 SE
"IrfanView" = IrfanView (remove only)
"Legrand-CCTP" = Legrand-CCTP
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"OUTLOOKR" = Microsoft Office Outlook 2007 Trial
"POV-Ray for Windows v3.6" = POV-Ray for Windows v3.6.0
"Selector DFE+_is1" = Selector DFE+
"SHARP AR-208 Series MFP Driver" = SHARP AR-208/M200 Series MFP Driver
"Sharp Button Manager T" = Sharp Button Manager T
"SimSol" = SimSol
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Solo2000" = Solo2000
"SWFSlide" = SWFSlide
"TopStyle Lite (Version 3.0)" = TopStyle Lite (Version 3.0)
"Transol" = Transol
"TVAfaDrv" = MSI DVB-T USB BDA Driver
"TVNXPDrv" = MSI TV Tuner Card BDA Driver
"Update Service" = Update Service
"VLC media player" = VLC media player 0.9.8a
"Windows Mobile Device Handbook" = Manuel de l'appareil Windows Mobile®
"WinLiveSuite" = Windows Live
"WinRAR archiver" = WinRAR archiver
"ZoneAlarm" = ZoneAlarm
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 06/01/2010 13:02:35 | Computer Name = PC-de-mumu | Source = Windows Search Service | ID = 3013
Description =
Error - 06/01/2010 13:02:35 | Computer Name = PC-de-mumu | Source = Windows Search Service | ID = 3013
Description =
Error - 06/01/2010 13:02:35 | Computer Name = PC-de-mumu | Source = Windows Search Service | ID = 3013
Description =
Error - 06/01/2010 13:02:35 | Computer Name = PC-de-mumu | Source = Windows Search Service | ID = 3013
Description =
Error - 06/01/2010 13:02:35 | Computer Name = PC-de-mumu | Source = Windows Search Service | ID = 3013
Description =
Error - 06/01/2010 13:08:07 | Computer Name = PC-de-mumu | Source = Application Error | ID = 1000
Description = Application défaillante FOXITR~1.EXE, version 3.0.2008.1222, horodatage
0x4951cdf2, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x223ccfec, ID du processus 0x11d8,
heure de début de l’application 0x01ca8ef2522b9775.
Error - 06/01/2010 18:44:04 | Computer Name = PC-de-mumu | Source = Windows Search Service | ID = 3013
Description =
Error - 06/01/2010 18:44:05 | Computer Name = PC-de-mumu | Source = Windows Search Service | ID = 3013
Description =
Error - 06/01/2010 18:44:19 | Computer Name = PC-de-mumu | Source = WinMgmt | ID = 10
Description =
Error - 07/01/2010 02:26:16 | Computer Name = PC-de-mumu | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 12/10/2010 13:05:08 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 201
seconds with 0 seconds of active time. This session ended with a crash.
Error - 18/10/2010 02:09:44 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 263
seconds with 120 seconds of active time. This session ended with a crash.
Error - 27/10/2010 01:34:59 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 870
seconds with 60 seconds of active time. This session ended with a crash.
Error - 01/11/2010 13:48:26 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 704
seconds with 60 seconds of active time. This session ended with a crash.
Error - 03/11/2010 02:22:54 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 636
seconds with 60 seconds of active time. This session ended with a crash.
Error - 04/11/2010 02:23:40 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 282
seconds with 240 seconds of active time. This session ended with a crash.
Error - 05/11/2010 02:16:33 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 229
seconds with 60 seconds of active time. This session ended with a crash.
Error - 10/11/2010 03:49:07 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 500
seconds with 300 seconds of active time. This session ended with a crash.
Error - 10/11/2010 03:57:01 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 460
seconds with 300 seconds of active time. This session ended with a crash.
Error - 14/11/2010 08:23:27 | Computer Name = PC-de-mumu | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 308
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 12/11/2010 15:56:52 | Computer Name = PC-de-mumu | Source = ACPI | ID = 327693
Description = : le contrôleur embarqué n’a pas répondu dans le délai imparti. Cette
erreur peut indiquer que le matériel ou le microprogramme du contrôleur embarqué
présente une erreur ou que le BIOS accède au contrôleur embarqué de manière incorrecte.
Contactez le fabricant de votre ordinateur afin de savoir si un BIOS mis à niveau
est disponible. Dans certains cas, cette erreur peut provoquer un fonctionnement
incorrect de l’application.
Error - 12/11/2010 18:53:12 | Computer Name = PC-de-mumu | Source = ACPI | ID = 327693
Description = : le contrôleur embarqué n’a pas répondu dans le délai imparti. Cette
erreur peut indiquer que le matériel ou le microprogramme du contrôleur embarqué
présente une erreur ou que le BIOS accède au contrôleur embarqué de manière incorrecte.
Contactez le fabricant de votre ordinateur afin de savoir si un BIOS mis à niveau
est disponible. Dans certains cas, cette erreur peut provoquer un fonctionnement
incorrect de l’application.
Error - 13/11/2010 04:53:06 | Computer Name = PC-de-mumu | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 13/11/2010 05:07:47 | Computer Name = PC-de-mumu | Source = ACPI | ID = 327693
Description = : le contrôleur embarqué n’a pas répondu dans le délai imparti. Cette
erreur peut indiquer que le matériel ou le microprogramme du contrôleur embarqué
présente une erreur ou que le BIOS accède au contrôleur embarqué de manière incorrecte.
Contactez le fabricant de votre ordinateur afin de savoir si un BIOS mis à niveau
est disponible. Dans certains cas, cette erreur peut provoquer un fonctionnement
incorrect de l’application.
Error - 14/11/2010 08:07:40 | Computer Name = PC-de-mumu | Source = DCOM | ID = 10016
Description =
Error - 14/11/2010 08:09:25 | Computer Name = PC-de-mumu | Source = bowser | ID = 8003
Description =
Error - 14/11/2010 08:19:53 | Computer Name = PC-de-mumu | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 14/11/2010 08:33:22 | Computer Name = PC-de-mumu | Source = BROWSER | ID = 8032
Description =
Error - 14/11/2010 08:34:19 | Computer Name = PC-de-mumu | Source = DCOM | ID = 10010
Description =
Error - 14/11/2010 08:36:46 | Computer Name = PC-de-mumu | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
EDIT Skynet : messages fusionnés.
