abraracourcix63

OTS logfile created on: 19/06/2010 13:22:37 - Run 1 OTS by OldTimer - Version 3.1.31.2 Folder = C:\Users\patrick\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 6,00 Gb Total Physical Memory | 5,00 Gb Available Physical Memory | 76,00% Memory free 12,00 Gb Paging File | 10,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,45 Gb Total Space | 392,85 Gb Free Space | 85,69% Space Free | Partition Type: NTFS Drive D: | 458,96 Gb Total Space | 179,03 Gb Free Space | 39,01% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ABRARACOURCIX Current User Name: patrick Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days [Processes - Safe List] ots.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools) avguard.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2010/06/18 19:52:00 | 000,185,089 | ---- | M] (Avira GmbH) sched.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2010/06/18 19:52:00 | 000,108,289 | ---- | M] (Avira GmbH) aawtray.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe -> [2010/06/16 13:07:32 | 000,864,112 | ---- | M] (Lavasoft) aawservice.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft) pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] () psi.exe -> C:\Program Files (x86)\Secunia\PSI\psi.exe -> [2010/05/28 13:04:52 | 000,911,920 | ---- | M] (Secunia) applemobiledeviceservice.exe -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) a2service.exe -> C:\Program Files (x86)\a-squared Free\a2service.exe -> [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) afcdpsrv.exe -> C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -> [2010/03/12 13:43:13 | 002,326,920 | ---- | M] (Acronis) schedhlp.exe -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe -> [2009/09/12 18:38:50 | 000,358,024 | ---- | M] (Acronis) trueimagemonitor.exe -> C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe -> [2009/09/12 18:38:16 | 005,081,912 | ---- | M] (Acronis) mwldaemon.exe -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe -> [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) greghsrw.exe -> C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -> [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) hotkeyutility.exe -> C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe -> [2009/08/18 09:27:26 | 000,629,280 | ---- | M] () ischedulesvc.exe -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -> [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) backupmanagertray.exe -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -> [2009/08/12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) egisupdate.exe -> C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe -> [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) updaterservice.exe -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) iaanotif.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) iaantmon.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) avgnt.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe -> [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) sdwinsec.exe -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Modules - Safe List] ots.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools) comdlg32.dll -> C:\Windows\SysWOW64\comdlg32.dll -> [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) msscript.ocx -> C:\Windows\SysWOW64\msscript.ocx -> [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll -> [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] 64bit-(WatAdminSvc) [unknown | Stopped] -> C:\Windows\SysNative\Wat\WatAdminSvc.exe -> [2010/06/08 21:10:24 | 001,255,736 | ---- | M] (Microsoft Corporation) 64bit-(UxTuneUp) [Auto | Running] -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software) 64bit-(SASCORE) [Auto | Running] -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com) 64bit-(WwanSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wwansvc.dll -> [2009/07/14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) 64bit-(WbioSrvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wbiosrvc.dll -> [2009/07/14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) 64bit-(Power) [Auto | Running] -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) 64bit-(Themes) [Auto | Running] -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) 64bit-(sppuinotify) [On_Demand | Stopped] -> C:\Windows\SysNative\sppuinotify.dll -> [2009/07/14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) 64bit-(SensrSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\sensrsvc.dll -> [2009/07/14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) 64bit-(PNRPsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) 64bit-(p2pimsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) 64bit-(HomeGroupProvider) [On_Demand | Running] -> C:\Windows\SysNative\provsvc.dll -> [2009/07/14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) 64bit-(RpcEptMapper) [unknown | Running] -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) 64bit-(PNRPAutoReg) [On_Demand | Stopped] -> C:\Windows\SysNative\pnrpauto.dll -> [2009/07/14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) 64bit-(WinDefend) [Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) 64bit-(HomeGroupListener) [On_Demand | Running] -> C:\Windows\SysNative\ListSvc.dll -> [2009/07/14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) 64bit-(FontCache) [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/07/14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) 64bit-(Dhcp) [Auto | Running] -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) 64bit-(defragsvc) [On_Demand | Stopped] -> C:\Windows\SysNative\defragsvc.dll -> [2009/07/14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) 64bit-(bthserv) [On_Demand | Stopped] -> C:\Windows\SysNative\bthserv.dll -> [2009/07/14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) 64bit-(BDESVC) [unknown | Stopped] -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) 64bit-(AxInstSV) [On_Demand | Stopped] -> C:\Windows\SysNative\AxInstSv.dll -> [2009/07/14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) 64bit-(AppIDSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\appidsvc.dll -> [2009/07/14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) 64bit-(wbengine) [On_Demand | Stopped] -> C:\Windows\SysNative\wbengine.exe -> [2009/07/14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) 64bit-(sppsvc) [Auto | Stopped] -> C:\Windows\SysNative\sppsvc.exe -> [2009/07/14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) 64bit-(Fax) [On_Demand | Stopped] -> C:\Windows\SysNative\FXSSVC.exe -> [2009/07/14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) 64bit-(Updater Service) [Auto | Running] -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) (AntiVirService) Avira AntiVir Guard [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2010/06/18 19:52:00 | 000,185,089 | ---- | M] (Avira GmbH) (AntiVirSchedulerService) Avira AntiVir Planificateur [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2010/06/18 19:52:00 | 000,108,289 | ---- | M] (Avira GmbH) (Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft) (PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] () (TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -> [2010/05/21 21:17:07 | 000,607,048 | ---- | M] (TuneUp Software) (TuneUp.UtilitiesSvc) TuneUp Utilities Service [Auto | Running] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -> [2010/05/07 18:06:42 | 001,403,208 | ---- | M] (TuneUp Software) (UxTuneUp) TuneUp Extension de thème [Auto | Running] -> C:\Windows\SysWOW64\uxtuneup.dll -> [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) (a2free) a-squared Free Service [Auto | Running] -> C:\Program Files (x86)\a-squared Free\a2service.exe -> [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) (afcdpsrv) Acronis Nonstop Backup service [Auto | Running] -> C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -> [2010/03/12 13:43:13 | 002,326,920 | ---- | M] (Acronis) (AcrSch2Svc) Service Scheduler2 Acronis [Auto | Running] -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -> [2009/09/12 18:39:04 | 000,892,072 | ---- | M] (Acronis) (MWLService) MyWinLocker Service [On_Demand | Stopped] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -> [2009/09/10 15:42:46 | 000,305,448 | ---- | M] () (Greg_Service) GRegService [Auto | Running] -> C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -> [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) (Nero BackItUp Scheduler 4.0) Nero BackItUp Scheduler 4.0 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -> [2009/08/25 19:38:06 | 000,935,208 | ---- | M] (Nero AG) (NTI IScheduleSvc) NTI IScheduleSvc [Auto | Running] -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -> [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) (VSS) Cliché instantané des volumes [On_Demand | Stopped] -> C:\Windows\Vss -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M] (MSDTC) Coordinateur de transactions distribuées [unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M] (HomeGroupProvider) Fournisseur HomeGroup [On_Demand | Running] -> C:\Windows\SysWOW64\provsvc.dll -> [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) (Dhcp) Client DHCP [Auto | Running] -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) (vds) Disque virtuel [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] () (clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/06/10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) (IAANTMON) Intel(R) Matrix Storage Event Monitor [Auto | Running] -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) (SBSDWSCService) SBSD Security Center Service [Auto | Running] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) (ServiceLayer) ServiceLayer [On_Demand | Stopped] -> C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -> [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [Driver Services - Safe List] 64bit-(avgntflt) avgntflt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:52:00 | 000,074,880 | ---- | M] (Avira GmbH) 64bit-(Lbd) Lbd [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 10:58:16 | 000,069,152 | ---- | M] (Lavasoft AB) 64bit-(PSI) PSI [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | M] (Secunia) 64bit-(afcdp) afcdp [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\afcdp.sys -> [2010/03/12 13:43:13 | 000,250,400 | ---- | M] (Acronis) 64bit-(tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\tdrpm251.sys -> [2010/03/12 13:43:11 | 001,455,648 | ---- | M] (Acronis) 64bit-(timounter) Acronis Backup Archive Explorer [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\timntr.sys -> [2010/03/12 13:43:10 | 000,929,312 | ---- | M] (Acronis) 64bit-(snapman) Acronis Snapshots Manager [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\snapman.sys -> [2010/03/12 13:43:06 | 000,254,496 | ---- | M] (Acronis) 64bit-(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -> [2010/02/17 20:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) 64bit-(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -> [2010/02/17 20:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) 64bit-(KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2009/12/11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) 64bit-(fvevol) Pilote de filtre de Chiffrement de lecteur Bitlocker [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\fvevol.sys -> [2009/09/26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) 64bit-(e1kexpress) Intel(R) PRO/1000 PCI Express Network Connection Driver K [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\e1k62x64.sys -> [2009/09/23 11:11:04 | 000,283,824 | ---- | M] (Intel Corporation) 64bit-(USBAAPL64) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbaapl64.sys -> [2009/08/28 20:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) 64bit-(JRAID) JRAID [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\jraid.sys -> [2009/07/18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) 64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) 64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) 64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) 64bit-(hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\hwpolicy.sys -> [2009/07/14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) 64bit-(FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fsdepends.sys -> [2009/07/14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) 64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) 64bit-(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wimmount.sys -> [2009/07/14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) 64bit-(vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vhdmp.sys -> [2009/07/14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) 64bit-(vdrvroot) Microsoft Virtual Drive Enumerator Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vdrvroot.sys -> [2009/07/14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) 64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) 64bit-(rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\rdyboost.sys -> [2009/07/14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) 64bit-(pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\pcw.sys -> [2009/07/14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) 64bit-(CNG) CNG [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\cng.sys -> [2009/07/14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) 64bit-(rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\rdpbus.sys -> [2009/07/14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) 64bit-(RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\SysNative\drivers\RDPREFMP.sys -> [2009/07/14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) 64bit-(RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\agilevpn.sys -> [2009/07/14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) 64bit-(WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\wfplwf.sys -> [2009/07/14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) 64bit-(NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) 64bit-(vwififlt) Virtual WiFi Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\vwififlt.sys -> [2009/07/14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) 64bit-(vwifibus) Pilote de bus WiFi virtuel [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vwifibus.sys -> [2009/07/14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) 64bit-(1394ohci) Contrôleur d’hôte compatible OHCI 1394 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\1394ohci.sys -> [2009/07/14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) 64bit-(HdAudAddService) Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2009/07/14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) 64bit-(BTHPORT) Pilote de port Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bthport.sys -> [2009/07/14 02:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation) 64bit-(BTHUSB) Pilote USB radio Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\BTHUSB.SYS -> [2009/07/14 02:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation) 64bit-(UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\umpass.sys -> [2009/07/14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) 64bit-(mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mshidkmdf.sys -> [2009/07/14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) 64bit-(WudfPf) User Mode Driver Frameworks Platform Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) 64bit-(MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\MTConfig.sys -> [2009/07/14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) 64bit-(CompositeBus) Composite Bus Enumerator Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CompositeBus.sys -> [2009/07/14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) 64bit-(Beep) Beep [Kernel | System | Running] -> C:\Windows\SysNative\drivers\beep.sys -> [2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) 64bit-(AppID) Pilote AppID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\appid.sys -> [2009/07/14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) 64bit-(scfilter) Pilote de filtre de classe PnP de carte à puce [Kernel | Unknown | Stopped] -> C:\Windows\SysNative\drivers\scfilter.sys -> [2009/07/14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) 64bit-(discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\SysNative\drivers\discache.sys -> [2009/07/14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) 64bit-(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hidbatt.sys -> [2009/07/14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) 64bit-(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\CmBatt.sys -> [2009/07/14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) 64bit-(AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\acpipmi.sys -> [2009/07/14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) 64bit-(AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdppm.sys -> [2009/07/14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) 64bit-(atikmdag) atikmdag [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/07/13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) 64bit-(NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nvhda64v.sys -> [2009/06/26 09:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) 64bit-(netr28x) Ralink 802.11n Extensible Wireless Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\netr28x.sys -> [2009/06/20 00:56:08 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) 64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) 64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) 64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) 64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 64bit-(iaStor) Intel RAID Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) 64bit-(mwlPSDVDisk) mwlPSDVDisk [Kernel | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -> [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) 64bit-(mwlPSDFilter) mwlPSDFilter [File_System | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDFilter.sys -> [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) 64bit-(mwlPSDNServ) mwlPSDNServ [Kernel | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDNserv.sys -> [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) 64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) 64bit-(NTIDrvr) NTIDrvr [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NTIDrvr.sys -> [2009/05/06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) 64bit-(UBHelper) UBHelper [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\UBHelper.sys -> [2009/05/06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) 64bit-(SCDEmu) SCDEmu [Kernel | System | Running] -> C:\Windows\SysNative\drivers\scdemu.sys -> [2009/03/15 12:32:56 | 000,085,424 | ---- | M] (PowerISO Computing, Inc.) 64bit-(sscdmdm) SAMSUNG Mobile Modem Drivers [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdmdm.sys -> [2008/02/22 16:33:00 | 000,151,040 | ---- | M] (MCCI Corporation) 64bit-(sscdbus) SAMSUNG USB Composite Device driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdbus.sys -> [2008/02/22 16:32:58 | 000,113,664 | ---- | M] (MCCI Corporation) 64bit-(sscdmdfl) SAMSUNG Mobile Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdmdfl.sys -> [2008/02/22 16:32:58 | 000,018,944 | ---- | M] (MCCI Corporation) 64bit-(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\pccsmcfdx64.sys -> [2007/09/17 16:53:34 | 000,029,184 | ---- | M] (Nokia) (TuneUpUtilitiesDrv) TuneUpUtilitiesDrv [Kernel | On_Demand | Running] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -> [2009/10/14 07:24:44 | 000,011,856 | ---- | M] (TuneUp Software) (WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) (NetBIOS) NetBIOS Interface [File_System | System | Running] -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) (mpsdrv) Pilote d’autorisation du Pare-feu Windows [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 23:28:14 | 000,001,088 | ---- | M] () (Tcpip) Pilote du protocole TCP/IP [Kernel | System | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 23:15:18 | 000,003,066 | ---- | M] () (mwlPSDVDisk) mwlPSDVDisk [Kernel | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDVdisk.sys -> [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) (mwlPSDFilter) mwlPSDFilter [File_System | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDFilter.sys -> [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) (mwlPSDNServ) mwlPSDNServ [Kernel | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDNServ.sys -> [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) (TFsExDisk) TFsExDisk [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -> [2009/04/07 10:39:44 | 000,016,392 | ---- | M] (Teruten Inc) (pfc) Padus ASPI Shell [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\pfc.sys -> [2003/09/19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Registry - Safe List] < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349]http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349[/url] -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349]http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349[/url] -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> [url=http://fr.msn.com/]MSN : Hotmail, Messenger, Bing, Actualité et Sport[/url] -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: Main\\"Start Page" -> [url=http://www.google.fr/]Google[/url] -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: SearchURL\\"" -> -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\patrick\AppData\Roaming\Mozilla\FireFox\Profiles\pdf97g7x.default\prefs.js -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "http://www.google.fr" -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 -> extensions.enabledItems -> DTToolbar@toolbarnet.com:1.1.2.0185 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2010/06/07 19:17:04 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2010/06/07 19:17:03 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions -> -> HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components -> C:\Program Files (x86)\Mozilla Thunderbird\components [C:\PROGRAM FILES (X86)\MOZILLA THUNDERBIRD\COMPONENTS] -> [2010/06/05 13:09:10 | 000,000,000 | ---D | M] < FireFox Extensions [user Folders] > -> -> C:\Users\patrick\AppData\Roaming\mozilla\Extensions -> [2010/06/07 19:17:20 | 000,000,000 | ---D | M] No name found -> C:\Users\patrick\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} -> [2010/02/28 22:05:35 | 000,000,000 | ---D | M] -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\6yt1wco1.default\extensions -> [2010/06/05 08:50:32 | 000,000,000 | ---D | M] -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions -> [2010/06/16 21:18:44 | 000,000,000 | ---D | M] Adblock Plus -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2010/06/07 19:21:20 | 000,000,000 | ---D | M] -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions\DTToolbar@toolbarnet.com -> [2010/06/16 13:05:53 | 000,000,000 | ---D | M] < FireFox SearchPlugins [user Folders] > -> < FireFox Extensions [Program Folders] > -> -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2010/06/07 19:17:03 | 000,000,000 | ---D | M] Java Console -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/06/05 12:05:41 | 000,000,000 | ---D | M] < HOSTS File > ([2010/06/05 18:12:02 | 000,000,000 | ---- | M] - 0 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> Reset Hosts < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) < 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{30CEEEA2-3742-40E4-85DD-812BF1CBB83D}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "EPSON Stylus Photo RX520 Series" -> C:\Windows\SysNative\spool\DRIVERS\x64\3\E_FATIAGE.EXE [C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAGE.EXE /F "C:\Windows\TEMP\E_S5CC3.tmp" /EF "HKLM"] -> [2005/04/07 05:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) "IAAnotif" -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) "mwlDaemon" -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe] -> [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) "RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/06/16 12:35:18 | 007,883,296 | ---- | M] (Realtek Semiconductor) "Service Scheduler2 Acronis" -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"] -> [2009/09/12 18:38:50 | 000,358,024 | ---- | M] (Acronis) "Skytel" -> C:\Program Files\Realtek\Audio\HDA\Skytel.exe [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> [2009/06/16 12:36:10 | 001,833,504 | ---- | M] (Realtek Semiconductor Corp.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "avgnt" -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) "BackupManagerTray" -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe ["C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k] -> [2009/08/12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) "EgisTecLiveUpdate" -> C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe ["C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"] -> [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) "Hotkey Utility" -> C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe] -> [2009/08/18 09:27:26 | 000,629,280 | ---- | M] () "JMB36X IDE Setup" -> C:\Windows\RaidTool\xInsIDE.exe [C:\Windows\RaidTool\xInsIDE.exe] -> [2007/03/20 08:36:18 | 000,036,864 | ---- | M] () "TrueImageMonitor.exe" -> C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe] -> [2009/09/12 18:38:16 | 005,081,912 | ---- | M] (Acronis) < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "SUPERAntiSpyware" -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2010/05/18 19:26:13 | 002,942,976 | ---- | M] (SUPERAntiSpyware.com) < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoActiveDesktop" -> [1] -> File not found \\"NoActiveDesktopChanges" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\Software\Microsoft\Internet Explorer\MenuExt\ -> Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [button: Ajout Direct] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation) {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Ajout Direct dans Windows Live Writer] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [button: Send to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> [url=http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s]ActiveX Controls Gallery[/url] -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6869 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}\\DhcpNameServer -> 192.168.1.1 (802.11n Wireless PCI Express Card LAN Adapter) -> {2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}\\NameServer -> 91.188.60.223,8.8.8.8 (802.11n Wireless PCI Express Card LAN Adapter) -> {9709A052-9166-4307-8A65-8207AB2E70D9}\\DhcpNameServer -> 192.168.1.1 (Intel(R) 82578DC Gigabit Network Connection) -> {9709A052-9166-4307-8A65-8207AB2E70D9}\\NameServer -> 91.188.60.223,8.8.8.8 (Intel(R) 82578DC Gigabit Network Connection) -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 03:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009/07/14 03:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 64bit-*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> pku2u -> C:\Windows\SysNative\pku2u.dll -> [2009/07/14 03:41:53 | 000,240,640 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> pku2u -> C:\Windows\SysWow64\pku2u.dll -> [2009/07/14 03:16:12 | 000,186,880 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {18359AD2-0B8C-45B0-BF5A-58F495C5B57A} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | {25A43EA7-8C67-4982-8290-D91E8CE5C289} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | {276068E7-AF64-462C-B6CB-227AC6C1C0D0} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | {32974EC3-146A-4F04-A938-CE3B0790457A} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | {3EE9B627-BF93-48F3-944D-570354785806} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | {3F65A13C-9399-4318-9B08-CE77713E23AB} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | {6B0987B7-29F4-4442-A9A2-FAD44BF42258} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {86D471BF-89D7-4CD9-96B6-3C2BA6CAA13A} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | {8D7D87A9-05B8-49FF-8D94-CD90BB8DEAC4} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | {93CAEE23-0757-4165-B52B-40C2A7DD20A8} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | {9928FB15-C12E-4038-9DB5-68D5313041C1} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {A1718E83-7D1E-4D8F-9CF0-7517FD1A331E} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | {AE01AB13-07CD-4497-8F5F-44561C3D4B62} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | {B3F76739-60DF-4506-B607-762192F586DA} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | {D3449C76-F140-4FE1-92BC-74CDEC533C42} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | {D412E4EA-ECA5-476A-B99B-191C3877A8FA} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | {D5ACACB0-5034-46B6-BEAF-E3BF8AC4DD71} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | {D7A73857-663B-48E4-8EEE-0BF787DAD2C3} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | {DF366AB8-9470-421C-92A9-BA7A85A1077E} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | {DFA3DB4E-A747-46A4-BBB7-4BB72496F836} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {EB3E1131-E07C-4B6F-BC15-E59222C8C897} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | {EBFAB743-D153-4B05-8352-221F0BEE53F5} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {FBE41EA0-655D-4F51-B369-FCE7000CB56D} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {FC893513-6025-466C-97B4-4A03A1725585} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {FF1DA44D-5488-46ED-AC67-A485D4B9BF85} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {0958D5CF-7303-4555-9E81-9273E3BD2A56} -> profile=private | protocol=6 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | {0A4DE9FE-A173-4AE6-AC5A-B1C5D2F13B36} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | {17023B65-32FA-4962-BB0F-27A92AC5B459} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | {19ED6D48-8F30-4DAE-862B-FBFA30BA6345} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {1C110EE1-B234-4A80-A111-57945728FACC} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {1DFBC5D5-3D73-44CE-899B-65A45D93B195} -> profile=private | protocol=6 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | {1FC3D48B-4DFE-4C23-A950-8FC214DBB6D3} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | {21698BF3-CD67-4FEE-94D8-2FB3A726EA66} -> profile=private | protocol=17 | dir=in | action=allow | name=ktf music aod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | {26688A3E-08A9-4DE7-ADDD-E1C31A3E27E4} -> profile=public | protocol=6 | dir=in | action=allow | name=rlvknlg.exe | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe | {2D201402-82B1-4DA4-8492-C7E7A90D1094} -> dir=in | action=allow | name=acer play movie | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe | {306CA939-DE51-4A77-B32E-DD88A6B40ADC} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | {38725F7D-728D-4223-AD7A-BE447D71551E} -> dir=in | action=allow | name=acer homemedia | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | {390EF0C4-02FB-4DE3-9EF9-46882873FC39} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | {3ABCB612-6512-453B-ADC6-A17A9BFE7F3E} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | {3D29D795-E30C-4D82-8875-72E47D3185D2} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | {426BDD87-DCF5-49D0-B0DB-46B91F58F579} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {43BC474D-C0BA-403D-9486-08B2C0228DE5} -> profile=private | protocol=6 | dir=in | action=allow | name=ktf music vod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | {47B1E935-11DF-43F3-9406-543AEEB327A1} -> profile=private | protocol=6 | dir=in | action=allow | name=orbchannelscan | app=c:\program files (x86)\orb networks\orb\bin\orbchannelscan.exe | {4A335D86-959A-4E74-A87D-D3BF344B143D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {4C754EA4-D340-4D5B-B575-700F49F0B8BB} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | {4CBF61BE-2976-4A74-9D3C-CB31C0C2EF3D} -> profile=private | protocol=17 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | {5026C635-B4A7-4630-954F-86AC09E2296F} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | {528CCDC5-DE46-41FD-941C-04CCD5779496} -> profile=public | protocol=6 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (srv) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | {5D603792-C6A7-4696-B8DE-259532379B0D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | {5DD8EA31-06F8-40D7-AB46-3069FA3D5044} -> profile=private | protocol=17 | dir=in | action=allow | name=orbchannelscan | app=c:\program files (x86)\orb networks\orb\bin\orbchannelscan.exe | {659ED95C-F968-47CC-9F25-0E4D7624F7FF} -> profile=private | protocol=6 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | {65D749D0-61B9-452D-B7BB-045D7ED13216} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | {72C64D90-BA69-445E-9131-D121B18E4A77} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {7E80573C-D38B-4AC1-BB0A-3EE5294FD622} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {7F62B163-BB85-4124-8640-2D7FCBBAA254} -> profile=private | protocol=17 | dir=in | action=allow | name=ktf music vod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | {870BEDC2-8875-4C31-8C9B-5461FE1C1B89} -> profile=private | protocol=6 | dir=in | action=allow | name=ktf music aod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | {8C1FA035-EA2C-4223-9396-A4B7107E662A} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | {9120C20C-2293-4094-B8DD-C6B1020ED8B8} -> profile=private | protocol=6 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | {9166E47C-143A-4454-BF0C-0A3A53400528} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | {926A882C-701D-4941-83F1-06AB71B18B41} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | {967D5165-8E8E-4F8C-A6D3-ADE776A58F0B} -> dir=in | action=allow | name=windows live foldershare | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | {9BD2C2C2-B45E-431E-AAAB-FBAFF7C8DE16} -> profile=public | protocol=6 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (cli) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | {9CF45DEC-6568-4816-8975-6D9B1739AA3E} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | {A63A7C47-4FD4-4818-AA7F-9FFB075060EF} -> profile=private | protocol=17 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | {A73423F9-1229-4E87-AE16-8F21531F06FD} -> profile=domain | dir=in | action=allow | name=mcafee network agent | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | {ADFF8052-23FB-4197-8613-DF526DE74E4A} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | {B028B1EE-95DB-48D5-8684-2A40F4221B9D} -> profile=private | protocol=6 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | {B16568BD-7C81-4CF8-98E4-A0B9618CC4D4} -> dir=in | action=allow | name=acer play movie resident program | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe | {B67EA0F3-7CFB-4DC6-A467-2A7BB78FB282} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | {B6BC20F5-7B99-415F-82E9-8CEA1290BD06} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | {B8652142-F31D-4700-BFB5-EB23423A38D9} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {BDE2806D-EAF6-44D3-898A-072E553C72A8} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {C0B26F4E-9A20-4F22-A340-5CCEAD792365} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {C0BA3DB3-B627-48EA-AF5F-45E2575DDEE9} -> profile=public | protocol=17 | dir=in | action=allow | name=rlvknlg.exe | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe | {C540243C-FAD5-4D2D-A40D-4C70077DD75E} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {C94E2486-A642-44DC-BEB9-CDFFD722C4E1} -> profile=private | protocol=17 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | {CEC0C5F2-D26E-4044-95ED-1745C7EB7771} -> dir=in | action=allow | name=acer arcade deluxe | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | {D03F093B-7C92-4BAE-ADE0-5B32C78667B7} -> profile=private | protocol=17 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | {DD010D42-2B61-4C48-B2BB-8FCAB0B47687} -> profile=public | protocol=17 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (srv) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | {DFEE985C-AEE8-419F-BA7E-6DDFC5BE56A1} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | {E28C44D2-3E41-461D-BB43-D048F8C812FB} -> profile=public | protocol=17 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (cli) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | {E3E5985E-3339-4F41-AAC9-F9504600208D} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | {F7A5B25A-788B-4A13-9D03-8B614F6F9254} -> profile=private | protocol=17 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | {FF6C1EAD-5A95-45B5-BBC2-3CC966150B8B} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | TCP Query User{2E246960-EC91-4EF0-B5F5-522DCCE5717D}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | TCP Query User{3E8A96FC-444F-4395-A438-B327D8EC586C}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=6 | dir=in | action=block | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | TCP Query User{626C76D4-6EC3-4E24-819E-3D0DB8EB08BF}C:\program files (x86)\gigatribe\gigatribe.exe -> profile=private | protocol=6 | dir=in | action=allow | name=gigatribe | app=c:\program files (x86)\gigatribe\gigatribe.exe | TCP Query User{BB0C1DA5-EC6E-4DD7-8A80-F94CEA18469A}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=6 | dir=in | action=block | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | UDP Query User{0CBADD32-1BED-4121-B54B-4B44A6CC9F95}C:\program files (x86)\gigatribe\gigatribe.exe -> profile=private | protocol=17 | dir=in | action=allow | name=gigatribe | app=c:\program files (x86)\gigatribe\gigatribe.exe | UDP Query User{43318E42-CFC7-4672-87B8-085E8CD9780A}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | UDP Query User{BBC1B8F1-87D3-4538-A624-97D2753BAF22}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=17 | dir=in | action=block | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | UDP Query User{E6D73433-E7C9-4148-8530-81D2DE1BF279}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=17 | dir=in | action=block | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Pilote de CD-ROM -> "ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* -> File not found 64bit-exefile [open] -> "%1" %* -> File not found comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < 64bit-ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysNative\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009/07/14 03:41:57 | 000,358,400 | ---- | M] (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [stubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [stubPath] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> Reg Error: Value error. [(default): Browsing Enhancements; IsInstalled: 1] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [stubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [stubPath] -> C:\Windows\System32\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [stubPath] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found {FEBEF00C-046D-438D-8A88-BF94A6C9E703} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [stubPath] -> C:\Windows\System32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [stubPath] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Program Files (x86)\Java\jre6\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2010/04/12 18:35:02 | 000,270,336 | ---- | M] (Sun Microsystems, Inc.) {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysWOW64\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009/07/14 03:16:19 | 000,299,520 | ---- | M] (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [stubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [stubPath] -> "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> C:\Windows\SysWOW64\msieftp.dll [(default): Browsing Enhancements; IsInstalled: 1] -> [2009/07/14 03:15:44 | 000,301,568 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {7C028AF8-F614-47B3-82DA-BA94E41B1089} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [stubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [stubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [stubPath] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [(default): Adobe Flash Player; IsInstalled: 01 00 00 00 [binary data]] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.) {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [stubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [stubPath] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [HKLM: Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation) {89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < 64bit-App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 7zFM.exe -> C:\Program Files (x86)\7-Zip\7zFM.exe [C:\Program Files (x86)\7-Zip\7zFM.exe] -> [2009/02/03 09:10:08 | 000,388,096 | ---- | M] (Igor Pavlov) AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010/04/04 07:57:52 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) BackupManager.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found ccleaner.exe -> C:\Program Files (x86)\CCleaner\CCleaner.exe [C:\Program Files (x86)\CCleaner\ccleaner.exe] -> [2010/05/25 18:08:54 | 001,694,520 | ---- | M] (Piriform Ltd) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found dvdmaker.exe -> C:\Program Files\DVD Maker\dvdmaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> [2009/07/14 03:39:08 | 002,258,432 | ---- | M] (Microsoft Corporation) ECOPY.EXE -> C:\Program Files (x86)\epson\Creativity Suite\Copy Utility\ECOPY.EXE [C:\Program Files (x86)\EPSON\Creativity Suite\Copy Utility\ECOPY.exe] -> [2004/10/08 01:00:02 | 000,716,800 | ---- | M] (SEIKO EPSON CORP.) Escfg.exe -> C:\Windows\twain_32\escndv\escfg.exe [C:\Windows\twain_32\escndv\Escfg.exe] -> [2006/10/04 01:00:00 | 000,182,424 | ---- | M] (SEIKO EPSON CORP.) Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2006/03/08 01:00:00 | 000,118,784 | ---- | M] (SEIKO EPSON CORP.) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation) fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found iTunes.exe -> C:\Program Files (x86)\iTunes\iTunes.exe [C:\Program Files (x86)\iTunes\iTunes.exe] -> [2010/04/28 15:06:24 | 010,358,568 | ---- | M] (Apple Inc.) IZArc -> C:\Program Files (x86)\IZArc\IZArc.exe [C:\Program Files (x86)\IZArc\IZArc.exe] -> [2009/11/23 11:27:36 | 002,850,304 | ---- | M] () javaws.exe -> C:\Program Files (x86)\Java\jre6\bin\javaws.exe [C:\Program Files (x86)\Java\jre6\bin\javaws.exe] -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) Journal.exe -> C:\Program Files\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> [2009/07/14 03:39:14 | 002,164,224 | ---- | M] (Microsoft Corporation) mbam.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) mip.exe -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe [%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe] -> [2009/07/14 03:39:19 | 001,547,264 | ---- | M] (Microsoft Corporation) mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) MSNMSGR.EXE -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found msoxmled.exe -> C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/27 06:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation) msworks.exe -> c:\Program Files (x86)\Microsoft Works\MSWorks.exe [c:\Program Files (x86)\Microsoft Works\msworks.exe] -> [2007/06/20 23:03:56 | 000,644,448 | ---- | M] (Microsoft® Corporation) NewPCStudio.exe -> C:\Program Files (x86)\Samsung\Samsung New PC Studio\ [C:\Program Files (x86)\Samsung\Samsung New PC Studio\] -> [2010/05/26 16:03:42 | 000,000,000 | ---D | M] ois.exe -> C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~2\MICROS~1\Office12\OIS.EXE] -> [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation) OneNote.exe -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) pbrush.exe -> C:\Windows\SysNative\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009/07/14 03:39:24 | 006,676,480 | ---- | M] (Microsoft Corporation) PhotoImpression.exe -> C:\Program Files (x86)\ArcSoft\PhotoImpression 5\photoimpression.exe [C:\Program Files (x86)\ArcSoft\PhotoImpression 5\PhotoImpression.exe] -> [2005/03/14 16:30:28 | 000,135,168 | ---- | M] (ArcSoft Inc.) pi.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe [C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe] -> [2004/06/12 12:40:16 | 000,424,448 | ---- | M] (Microsoft Corporation) PictureViewer.exe -> C:\Program Files (x86)\QuickTime\PictureViewer.exe [C:\Program Files (x86)\QuickTime\PictureViewer.exe] -> [2010/03/17 21:53:32 | 000,557,056 | ---- | M] (Apple Inc.) PlayMovie.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl [C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl] -> [2009/09/29 11:51:14 | 000,000,465 | ---- | M] () Pod.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe [C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe] -> [2004/06/12 12:35:14 | 000,035,328 | ---- | M] (Microsoft Corporation) PowerCinema -> C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe] -> [2009/09/29 12:31:56 | 000,353,576 | ---- | M] (Acer Incorporated) powerpnt.exe -> C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office12\POWERPNT.EXE] -> [2009/02/26 14:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation) PowerShell.exe -> C:\Windows\SysNative\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009/07/14 03:39:20 | 000,473,600 | ---- | M] (Microsoft Corporation) QuickTimePlayer.exe -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe] -> [2010/03/17 23:28:24 | 001,230,128 | ---- | M] (Apple Inc.) sbase.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) scalc.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe [C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) sdraw.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found simpress.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe [C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) smath.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe [C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) SnippingTool.exe -> C:\Windows\SysNative\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> [2009/07/14 03:39:41 | 000,431,104 | ---- | M] (Microsoft Corporation) soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe] -> [2010/05/21 00:58:46 | 011,318,784 | ---- | M] (OpenOffice.org) SoftDMA.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe [C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe] -> [2009/09/25 11:48:14 | 000,334,392 | ---- | M] (Acer Incorporated) swriter.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe [C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found TabTip.exe -> C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> [2009/07/14 03:39:47 | 000,224,256 | ---- | M] (Microsoft Corporation) thunderbird.exe -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe] -> [2010/03/31 07:46:49 | 011,957,424 | ---- | M] (Mozilla Messaging) unopkg.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe [C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe] -> [2010/05/20 07:01:10 | 000,010,752 | ---- | M] () wab.exe -> C:\Program Files\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009/07/14 03:39:50 | 000,516,608 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009/07/14 03:39:50 | 000,067,584 | ---- | M] (Microsoft Corporation) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2010/03/15 11:26:36 | 001,090,560 | ---- | M] () Winword.exe -> C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE] -> [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation) WKSAB.EXE -> c:\Program Files (x86)\Microsoft Works\wksab.exe [c:\Program Files (x86)\Microsoft Works\WKSAB.exe] -> [2007/06/20 23:04:22 | 000,020,832 | ---- | M] (Microsoft® Corporation) wkscal.exe -> c:\Program Files (x86)\Microsoft Works\WksCal.exe [c:\PROGRA~2\MICROS~2\WksCal.exe] -> [2007/06/20 23:04:22 | 000,722,272 | ---- | M] (Microsoft® Corporation) wksdb.exe -> c:\Program Files (x86)\Microsoft Works\wksdb.exe [c:\Program Files (x86)\Microsoft Works\wksdb.exe] -> [2007/06/20 23:04:22 | 001,242,464 | ---- | M] (Microsoft® Corporation) WKSSB.EXE -> c:\Program Files (x86)\Microsoft Works\WksSb.exe [c:\Program Files (x86)\Microsoft Works\WKSSB.exe] -> [2007/06/20 23:04:22 | 001,099,104 | ---- | M] (Microsoft® Corporation) wksss.exe -> c:\Program Files (x86)\Microsoft Works\wksss.exe [c:\Program Files (x86)\Microsoft Works\wksss.exe] -> [2007/06/20 23:04:24 | 000,947,552 | ---- | M] (Microsoft® Corporation) wkswp.exe -> c:\Program Files (x86)\Microsoft Works\WksWP.exe [c:\Program Files (x86)\Microsoft Works\wkswp.exe] -> [2007/06/20 23:04:24 | 000,709,984 | ---- | M] (Microsoft® Corporation) wlmail.exe -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe] -> [2009/07/26 17:44:52 | 000,114,000 | ---- | M] (Microsoft Corporation) wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:39:57 | 004,580,352 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:39:57 | 004,580,352 | ---- | M] (Microsoft Corporation) < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 7zFM.exe -> C:\Program Files (x86)\7-Zip\7zFM.exe [C:\Program Files (x86)\7-Zip\7zFM.exe] -> [2009/02/03 09:10:08 | 000,388,096 | ---- | M] (Igor Pavlov) AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010/04/04 07:57:52 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) BackupManager.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found ccleaner.exe -> C:\Program Files (x86)\CCleaner\CCleaner.exe [C:\Program Files (x86)\CCleaner\ccleaner.exe] -> [2010/05/25 18:08:54 | 001,694,520 | ---- | M] (Piriform Ltd) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found dvdmaker.exe -> C:\Program Files (x86)\DVD Maker\dvdmaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> File not found ECOPY.EXE -> C:\Program Files (x86)\epson\Creativity Suite\Copy Utility\ECOPY.EXE [C:\Program Files (x86)\EPSON\Creativity Suite\Copy Utility\ECOPY.exe] -> [2004/10/08 01:00:02 | 000,716,800 | ---- | M] (SEIKO EPSON CORP.) Escfg.exe -> C:\Windows\twain_32\escndv\escfg.exe [C:\Windows\twain_32\escndv\Escfg.exe] -> [2006/10/04 01:00:00 | 000,182,424 | ---- | M] (SEIKO EPSON CORP.) Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2006/03/08 01:00:00 | 000,118,784 | ---- | M] (SEIKO EPSON CORP.) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation) fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found iTunes.exe -> C:\Program Files (x86)\iTunes\iTunes.exe [C:\Program Files (x86)\iTunes\iTunes.exe] -> [2010/04/28 15:06:24 | 010,358,568 | ---- | M] (Apple Inc.) IZArc -> C:\Program Files (x86)\IZArc\IZArc.exe [C:\Program Files (x86)\IZArc\IZArc.exe] -> [2009/11/23 11:27:36 | 002,850,304 | ---- | M] () javaws.exe -> C:\Program Files (x86)\Java\jre6\bin\javaws.exe [C:\Program Files (x86)\Java\jre6\bin\javaws.exe] -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) Journal.exe -> C:\Program Files (x86)\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> File not found mbam.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) mip.exe -> C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe [%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe] -> [2009/07/14 03:14:24 | 001,221,632 | ---- | M] (Microsoft Corporation) mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) MSNMSGR.EXE -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found msoxmled.exe -> C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/27 06:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation) msworks.exe -> c:\Program Files (x86)\Microsoft Works\MSWorks.exe [c:\Program Files (x86)\Microsoft Works\msworks.exe] -> [2007/06/20 23:03:56 | 000,644,448 | ---- | M] (Microsoft® Corporation) NewPCStudio.exe -> C:\Program Files (x86)\Samsung\Samsung New PC Studio\ [C:\Program Files (x86)\Samsung\Samsung New PC Studio\] -> [2010/05/26 16:03:42 | 000,000,000 | ---D | M] ois.exe -> C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~2\MICROS~1\Office12\OIS.EXE] -> [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation) OneNote.exe -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) pbrush.exe -> C:\Windows\SysWOW64\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009/07/14 03:14:26 | 006,376,960 | ---- | M] (Microsoft Corporation) PhotoImpression.exe -> C:\Program Files (x86)\ArcSoft\PhotoImpression 5\photoimpression.exe [C:\Program Files (x86)\ArcSoft\PhotoImpression 5\PhotoImpression.exe] -> [2005/03/14 16:30:28 | 000,135,168 | ---- | M] (ArcSoft Inc.) pi.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe [C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe] -> [2004/06/12 12:40:16 | 000,424,448 | ---- | M] (Microsoft Corporation) PictureViewer.exe -> C:\Program Files (x86)\QuickTime\PictureViewer.exe [C:\Program Files (x86)\QuickTime\PictureViewer.exe] -> [2010/03/17 21:53:32 | 000,557,056 | ---- | M] (Apple Inc.) PlayMovie.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl [C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl] -> [2009/09/29 11:51:14 | 000,000,465 | ---- | M] () Pod.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe [C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe] -> [2004/06/12 12:35:14 | 000,035,328 | ---- | M] (Microsoft Corporation) PowerCinema -> C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe] -> [2009/09/29 12:31:56 | 000,353,576 | ---- | M] (Acer Incorporated) powerpnt.exe -> C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office12\POWERPNT.EXE] -> [2009/02/26 14:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation) PowerShell.exe -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009/07/14 03:14:24 | 000,452,608 | ---- | M] (Microsoft Corporation) QuickTimePlayer.exe -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe] -> [2010/03/17 23:28:24 | 001,230,128 | ---- | M] (Apple Inc.) sbase.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) scalc.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe [C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) sdraw.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found sidebar.exe -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe ["%ProgramFiles%\Windows Sidebar\sidebar.exe"] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) simpress.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe [C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) smath.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe [C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) SnippingTool.exe -> C:\Windows\SysWow64\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> File not found soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe] -> [2010/05/21 00:58:46 | 011,318,784 | ---- | M] (OpenOffice.org) SoftDMA.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe [C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe] -> [2009/09/25 11:48:14 | 000,334,392 | ---- | M] (Acer Incorporated) swriter.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe [C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found TabTip.exe -> C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> File not found thunderbird.exe -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe] -> [2010/03/31 07:46:49 | 011,957,424 | ---- | M] (Mozilla Messaging) unopkg.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe [C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe] -> [2010/05/20 07:01:10 | 000,010,752 | ---- | M] () wab.exe -> C:\Program Files (x86)\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009/07/14 03:14:44 | 000,516,096 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files (x86)\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009/07/14 03:14:44 | 000,065,536 | ---- | M] (Microsoft Corporation) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2010/03/15 11:26:36 | 001,090,560 | ---- | M] () Winword.exe -> C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE] -> [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation) WKSAB.EXE -> c:\Program Files (x86)\Microsoft Works\wksab.exe [c:\Program Files (x86)\Microsoft Works\WKSAB.exe] -> [2007/06/20 23:04:22 | 000,020,832 | ---- | M] (Microsoft® Corporation) wkscal.exe -> c:\Program Files (x86)\Microsoft Works\WksCal.exe [c:\PROGRA~2\MICROS~2\WksCal.exe] -> [2007/06/20 23:04:22 | 000,722,272 | ---- | M] (Microsoft® Corporation) wksdb.exe -> c:\Program Files (x86)\Microsoft Works\wksdb.exe [c:\Program Files (x86)\Microsoft Works\wksdb.exe] -> [2007/06/20 23:04:22 | 001,242,464 | ---- | M] (Microsoft® Corporation) WKSSB.EXE -> c:\Program Files (x86)\Microsoft Works\WksSb.exe [c:\Program Files (x86)\Microsoft Works\WKSSB.exe] -> [2007/06/20 23:04:22 | 001,099,104 | ---- | M] (Microsoft® Corporation) wksss.exe -> c:\Program Files (x86)\Microsoft Works\wksss.exe [c:\Program Files (x86)\Microsoft Works\wksss.exe] -> [2007/06/20 23:04:24 | 000,947,552 | ---- | M] (Microsoft® Corporation) wkswp.exe -> c:\Program Files (x86)\Microsoft Works\WksWP.exe [c:\Program Files (x86)\Microsoft Works\wkswp.exe] -> [2007/06/20 23:04:24 | 000,709,984 | ---- | M] (Microsoft® Corporation) wlmail.exe -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe] -> [2009/07/26 17:44:52 | 000,114,000 | ---- | M] (Microsoft Corporation) wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation) < 64bit-Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{00C6D95F-329C-409a-81D7-C46C66EA7F33}" [HKLM] -> C:\Windows\SysNative\shdocvw.dll [] -> [2009/07/14 03:41:54 | 000,196,096 | ---- | M] (Microsoft Corporation) "{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKLM] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll [eDS psd drag drop protection] -> [2009/09/10 15:44:06 | 000,137,512 | ---- | M] (Egis Technology Inc.) "{3BBAC0AD-8227-3462-C8EF-A36794DD8CD2}" [HKLM] -> C:\Program Files (x86)\IZArc\IZArcCM64.dll [iZArc Shell Extension] -> [2009/04/24 15:50:52 | 000,210,944 | ---- | M] () "{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}" [HKLM] -> C:\Windows\SysNative\nvshext.dll [NVIDIA Play On My TV Context Menu Extension] -> [2009/07/14 10:51:46 | 000,238,080 | ---- | M] (NVIDIA Corporation) "{42042206-2D85-11D3-8CFF-005004838597}" [HKLM] -> C:\PROGRA~1\MICROS~2\Office12\MSOHEVI.DLL [Microsoft Office HTML Icon Handler] -> [2008/10/25 17:36:06 | 000,110,968 | ---- | M] (Microsoft Corporation) "{44440D00-FF19-4AFC-B765-9A0970567D97}" [HKLM] -> C:\Windows\SysNative\uxtuneup.dll [TuneUp Theme Extension] -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software) "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" [HKLM] -> C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [shell Extension for Malware scanning] -> [2010/06/18 19:52:00 | 000,357,224 | ---- | M] (Avira GmbH) "{4838CD50-7E5D-4811-9B17-C47A85539F28}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\DseShExt-x64.dll [TuneUp Disk Space Explorer Shell Extension] -> [2010/05/07 18:02:12 | 000,024,392 | ---- | M] (TuneUp Software) "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\SDShelEx-x64.dll [TuneUp Shredder Shell Extension] -> [2010/05/07 18:02:24 | 000,029,512 | ---- | M] (TuneUp Software) "{80009818-f38f-4af1-87b5-eadab9433e58}" [HKLM] -> C:\Windows\SysNative\mf.dll [MF ADTS Property Handler] -> [2009/07/14 03:41:22 | 004,062,208 | ---- | M] (Microsoft Corporation) "{85D26561-0241-4BE2-A8DF-8F921A0EF948}" [HKLM] -> C:\Program Files (x86)\a-squared Free\a2freecontmenu64.dll [a-squared Free Shell Extension x64] -> [2009/10/01 17:03:14 | 000,302,736 | ---- | M] (Emsi Software GmbH) "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" [HKLM] -> Reg Error: Key error. [PowerISO] -> File not found "{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [Microsoft Office Metadata Handler] -> [2008/11/21 08:06:22 | 001,586,568 | ---- | M] (Microsoft Corporation) "{A70C977A-BF00-412C-90B7-034C51DA2439}" [HKLM] -> C:\Windows\SysNative\nvcpl.dll [NvCpl DesktopContext Class] -> [2010/04/03 18:42:00 | 014,828,648 | ---- | M] (NVIDIA Corporation) "{B41DB860-64E4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\rarext.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,166,400 | ---- | M] () "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> Reg Error: Key error. [WinRAR shell extension] -> File not found {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKU\S-1-5-21-3258892936-4116843137-97899428-1001] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> [2010/04/28 15:06:34 | 000,141,096 | ---- | M] (Apple Inc.) "{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [Microsoft Office Thumbnail Handler] -> [2008/11/21 08:06:22 | 001,586,568 | ---- | M] (Microsoft Corporation) "{FFB699E0-306A-11d3-8BD1-00104B6F7516}" [HKLM] -> C:\Windows\SysNative\nvcpl.dll [Play on my TV helper] -> [2010/04/03 18:42:00 | 014,828,648 | ---- | M] (NVIDIA Corporation) < Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Infotip Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) "{23170F69-40C1-278A-1000-000100020000}" [HKLM] -> C:\Program Files (x86)\7-Zip\7-zip.dll [7-Zip Shell Extension] -> [2009/02/03 09:09:46 | 000,069,632 | ---- | M] (Igor Pavlov) "{3B092F0C-7696-40E3-A80F-68D74DA84210}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Thumbnail Viewer] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) "{4838CD50-7E5D-4811-9B17-C47A85539F28}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\DseShExt-x86.dll [TuneUp Disk Space Explorer Shell Extension] -> [2010/05/07 18:02:06 | 000,026,440 | ---- | M] (TuneUp Software) "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> [2010/05/07 18:02:18 | 000,030,536 | ---- | M] (TuneUp Software) "{63542C48-9552-494A-84F7-73AA6A7C99C1}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Property Sheet Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) "{72923739-5A47-40A3-9895-25AF0DFBB9E4}" [HKLM] -> C:\Program Files (x86)\Glary Utilities\ContextHandler.dll [Glary Utilities Context Menu Shell Extension] -> [2010/05/26 10:01:22 | 000,036,152 | ---- | M] (Glarysoft Ltd) "{B41DB860-64E4-11D2-9906-E49FADC173CA}" [HKLM] -> Reg Error: Key error. [WinRAR shell extension] -> File not found "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKU\S-1-5-21-3258892936-4116843137-97899428-1001] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Column Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) < 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "services" -> 2 -> < 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "aux" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midimapper" -> C:\Windows\SysNative\midimap.dll [midimap.dll] -> [2009/07/14 03:41:23 | 000,020,480 | ---- | M] (Microsoft Corporation) "mixer" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "mixer1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "mixer2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "mixer3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "mixer4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "msacm.imaadpcm" -> C:\Windows\SysNative\imaadp32.acm [imaadp32.acm] -> [2009/07/14 03:38:53 | 000,022,016 | ---- | M] (Microsoft Corporation) "msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2009/07/14 03:38:53 | 000,081,408 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.msadpcm" -> C:\Windows\SysNative\msadp32.acm [msadp32.acm] -> [2009/07/14 03:38:53 | 000,024,064 | ---- | M] (Microsoft Corporation) "msacm.msg711" -> C:\Windows\SysNative\msg711.acm [msg711.acm] -> [2009/07/14 03:38:53 | 000,014,848 | ---- | M] (Microsoft Corporation) "msacm.msgsm610" -> C:\Windows\SysNative\msgsm32.acm [msgsm32.acm] -> [2009/07/14 03:38:53 | 000,029,184 | ---- | M] (Microsoft Corporation) "vidc.i420" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/19 11:46:35 | 000,054,272 | ---- | M] (Microsoft Corporation) "vidc.iyuv" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/19 11:46:35 | 000,054,272 | ---- | M] (Microsoft Corporation) "vidc.mrle" -> C:\Windows\SysNative\msrle32.dll [msrle32.dll] -> [2009/12/19 11:47:46 | 000,016,384 | ---- | M] (Microsoft Corporation) "vidc.msvc" -> C:\Windows\SysNative\msvidc32.dll [msvidc32.dll] -> [2009/12/19 11:47:53 | 000,038,912 | ---- | M] (Microsoft Corporation) "vidc.uyvy" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation) "vidc.yuy2" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation) "vidc.yvu9" -> C:\Windows\SysNative\tsbyuv.dll [tsbyuv.dll] -> [2009/12/19 11:50:56 | 000,014,848 | ---- | M] (Microsoft Corporation) "vidc.yvyu" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation) "wave" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wave1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wave2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wave3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wave4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wavemapper" -> C:\Windows\SysNative\msacm32.drv [msacm32.drv] -> [2009/07/14 03:38:50 | 000,025,600 | ---- | M] (Microsoft Corporation) < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2009/07/14 03:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.siren" -> C:\Windows\SysWow64\sirenacm.dll [sirenacm.dll] -> [2009/07/26 17:44:56 | 000,048,448 | ---- | M] (Microsoft Corporation) "vidc.cvid" -> C:\Windows\SysWow64\iccvid.dll [iccvid.dll] -> [2009/07/14 03:15:26 | 000,082,944 | ---- | M] (Radius Inc.) < 64bit-Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysNative\icardie.dll [informationCardSigninHelper Class] -> [2009/07/14 03:41:05 | 000,084,480 | ---- | M] (Microsoft Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysNative\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/07/14 03:41:28 | 000,097,280 | ---- | M] (Microsoft Corporation) {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysNative\tdc.ocx [Tabular Data Control] -> [2009/07/14 03:38:53 | 000,078,336 | ---- | M] (Microsoft Corporation) {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [oleprn Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysNative\oleprn.dll [DSPrintQueue Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleSNMP Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleCvt Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/08/29 09:53:27 | 014,629,376 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/07/14 03:41:30 | 000,325,632 | ---- | M] (Microsoft Corporation) {884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009/07/14 03:38:58 | 000,070,144 | ---- | M] (Microsoft Corporation) {884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009/09/03 09:36:39 | 001,975,296 | ---- | M] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysNative\RegCtrl.dll [Registration Control] -> [2009/07/14 03:41:53 | 000,049,152 | ---- | M] (Microsoft Corporation) {92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [prturl Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [RMGetLicense Class] -> [2009/07/14 03:41:30 | 000,325,632 | ---- | M] (Microsoft Corporation) {C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleInstall Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysNative\scrrun.dll [scripting.Dictionary] -> [2009/07/14 03:41:53 | 000,202,752 | ---- | M] (Microsoft Corporation) < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2008/10/25 07:18:50 | 000,172,880 | ---- | M] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.) {07B06095-5687-4D13-9E32-12B4259C9813} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [sTSUpld UploadCtl Class] -> [2006/10/27 04:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysWOW64\icardie.dll [informationCardSigninHelper Class] -> [2009/07/14 03:15:26 | 000,061,952 | ---- | M] (Microsoft Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysWOW64\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/07/14 03:15:44 | 000,067,072 | ---- | M] (Microsoft Corporation) {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysWOW64\tdc.ocx [Tabular Data Control] -> [2009/07/14 03:14:10 | 000,066,560 | ---- | M] (Microsoft Corporation) {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [oleprn Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {3E8FD258-0359-4476-AAF4-7C5F65E9B46E} [HKLM] -> C:\Program Files (x86)\Common Files\Oberon Media\Odyssey\2.0.0.29\Odyssey.dll [OdysseyActiveX Class] -> [2007/07/04 13:17:40 | 000,206,120 | ---- | M] (Oberon Media) {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Spreadsheet Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.) {435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [DSPrintQueue Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {4F07F79F-087F-42cf-8B36-7A88D06088E9} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation) {4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleSNMP Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] (Sun Microsystems, Inc.) {62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Export Database Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleCvt Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSLIST.DLL [Microsoft Office List 12.0] -> [2009/03/06 04:01:06 | 002,335,648 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/07/14 03:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009/07/14 03:14:13 | 000,067,072 | ---- | M] (Microsoft Corporation) {884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009/09/03 09:04:15 | 001,320,960 | ---- | M] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml DOM Document 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [Free Threaded XML DOM Document 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml Schema Cache 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XSL Template 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml Data Source Object 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml HTTP 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] () {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysWOW64\RegCtrl.dll [Registration Control] -> [2009/07/14 03:16:13 | 000,041,472 | ---- | M] (Microsoft Corporation) {9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint OpenDocuments Class] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [prturl Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [sharePoint OpenDocuments Class] -> File not found {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [RMGetLicense Class] -> [2009/07/14 03:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation) {BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientEventSubscription Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientMiscApis Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE40-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCommentThread Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE42-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientComment Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSBrowserUI Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWS Post Data] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [sharePoint Spreadsheet Launcher] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionServers Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCollaboration Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussion] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServer] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServers] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE Global Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionBar Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [sharePoint OpenDocuments Class] -> File not found {BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [sharePoint Stssync Handler] -> File not found {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Stssync Handler] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {C2828995-4A83-4100-A212-3024BA117356} [HKLM] -> C:\Program Files (x86)\Windows Live SkyDrive\Microsoft.Live.Folders.RichUpload.3.dll [Outil de téléchargement Windows Live] -> [2008/10/29 12:46:56 | 000,245,112 | ---- | M] (Microsoft Corporation) {C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleInstall Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2008/10/25 07:18:46 | 000,054,152 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2010/04/04 01:22:06 | 000,660,912 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] () {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [behavior Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.) {CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [sTSUpld CopyCtl Class] -> [2006/10/27 04:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D2517915-48CE-4286-970F-921E881B8C5C} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Contrôle de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files (x86)\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/04/28 15:06:20 | 000,111,912 | ---- | M] (Apple Inc.) {DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation) {E13AAC70-70AE-4988-808C-B267F2C20E79} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [Reg Error: Value error.] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation) {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation) {E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\oisctrl.dll [OISClientLauncher Class] -> [2009/03/06 05:23:50 | 000,022,432 | ---- | M] (Microsoft Corporation) {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll [PersonalSite Class] -> [2008/10/26 06:42:16 | 000,482,656 | ---- | M] () {E9DA06F1-632C-462F-98B3-AF74B47DA727} [HKLM] -> C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll [Google Update Plugin] -> [2010/06/16 18:55:20 | 000,219,800 | ---- | M] (Google Inc.) {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysWOW64\scrrun.dll [scripting.Dictionary] -> [2009/07/14 03:16:13 | 000,163,840 | ---- | M] (Microsoft Corporation) {F06608C7-1874-4EEA-B3B2-DF99EBB144B8} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation) {F9152AEC-3462-4632-8087-EEE3C3CDDA24} [HKLM] -> C:\Program Files (x86)\Google\Google Earth\plugin\ie\5.2.0.5932\plugin_ax.dll [GEPluginCoClass Object] -> [2010/05/06 08:36:43 | 005,102,064 | ---- | M] (Google) < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BF00E119-21A3-4FD1-B178-3B8537E75C92} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.) {F0DA78E9-6B60-42FB-BC26-EF2CFB8C8FF3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {219C3416-8CB2-491A-A3C7-D9FCDDC9D600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {5C255C8A-E604-49B4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 64bit-{6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/08/29 09:53:27 | 014,629,376 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation) {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BF00E119-21A3-4FD1-B178-3B8537E75C92} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation) {F0DA78E9-6B60-42FB-BC26-EF2CFB8C8FF3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .cpl [@ = cplfile] -> C:\Windows\SysWow64\control.exe -> [2009/07/14 03:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation) .exe [@ = exefile] -> "%1" %* -> .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Classes\<extension>\ -> .html [@ = FirefoxHTML] -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation) < 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> Ias -> C:\Windows\SysNative\ias -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M] Irmon -> C:\Windows\SysNative\irmon.dll -> [2009/07/14 03:41:11 | 000,023,552 | ---- | M] (Microsoft Corporation) UxTuneUp -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software) Wmi -> C:\Windows\SysNative\wmi.dll -> [2009/07/14 03:33:56 | 000,005,120 | ---- | M] (Microsoft Corporation) Themes -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) BDESVC -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> Ias -> C:\Windows\SysWOW64\ias.dll -> [2009/07/14 03:15:26 | 000,019,456 | ---- | M] (Microsoft Corporation) Wmi -> C:\Windows\SysWOW64\wmi.dll -> [2009/07/14 03:11:09 | 000,005,120 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < 64bit-Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2008/10/25 17:34:10 | 000,108,920 | ---- | M] (Microsoft Corporation) < 64bit-Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> dssrequest:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found sacore:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> dssrequest:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll[Reg Error: Value error.] -> [2009/07/26 17:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation) msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll[Reg Error: Value error.] -> [2009/07/26 17:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation) sacore:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2009/07/26 17:44:48 | 000,789,824 | ---- | M] (Microsoft Corporation) < 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> Service Lavasoft Ad-Aware Service -> 32bit -> File not found MCODS -> NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group Power -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) Primary disk -> Driver Group RpcEptMapper -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) sacsvr -> Service SASCORE -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com) SCSI Class -> Driver Group System Bus Extender -> Driver Group TrustedInstaller -> 32bit -> File not found vmms -> Service WinDefend -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) WudfPf -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppInfo -> 64bit -> File not found AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group DcomLaunch -> 64bit -> File not found EFS -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group HelpSvc -> Service Lavasoft Ad-Aware Service -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft) MCODS -> NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group Power -> 64bit -> File not found Primary disk -> Driver Group ProfSvc -> 64bit -> File not found RpcEptMapper -> 64bit -> File not found RpcSs -> 64bit -> File not found sacsvr -> Service SASCORE -> 64bit -> File not found SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] () vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found vmms -> Service volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found WudfPf -> 64bit -> File not found WudfRd -> 64bit -> File not found WudfSvc -> 64bit -> File not found < 64bit-SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group Dhcp -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) File system -> Driver Group Filter -> Driver Group HelpSvc -> Service Lavasoft Ad-Aware Service -> 32bit -> File not found Messenger -> Service NDIS Wrapper -> Driver Group ndiscap -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Power -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) Primary disk -> Driver Group rdsessmgr -> Service RpcEptMapper -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) sacsvr -> Service SASCORE -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com) SCSI Class -> Driver Group Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group TrustedInstaller -> 32bit -> File not found vmms -> Service WinDefend -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) WudfPf -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) WudfUsbccidDriver -> Driver < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AFD -> 64bit -> File not found AppInfo -> 64bit -> File not found AppMgmt -> Service Base -> Driver Group BFE -> 64bit -> File not found Boot Bus Extender -> Driver Group Boot file system -> Driver Group bowser -> 64bit -> File not found Browser -> 64bit -> File not found DcomLaunch -> 64bit -> File not found dfsc -> 64bit -> File not found Dhcp -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) DnsCache -> 64bit -> File not found Dot3Svc -> 64bit -> File not found Eaphost -> 64bit -> File not found EFS -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group HelpSvc -> Service IKEEXT -> 64bit -> File not found ipnat.sys -> 64bit -> File not found LanmanServer -> 64bit -> File not found LanmanWorkstation -> 64bit -> File not found Lavasoft Ad-Aware Service -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft) LmHosts -> 64bit -> File not found Messenger -> Service MPSDrv -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 23:28:14 | 000,001,088 | ---- | M] () MPSSvc -> 64bit -> File not found mrxsmb -> 64bit -> File not found mrxsmb10 -> 64bit -> File not found mrxsmb20 -> 64bit -> File not found NativeWifiP -> 64bit -> File not found NDIS -> 64bit -> File not found NDIS Wrapper -> Driver Group ndiscap -> 64bit -> File not found Ndisuio -> 64bit -> File not found NetBIOS -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) NetBIOSGroup -> Driver Group NetBT -> 64bit -> File not found NetDDEGroup -> Driver Group NetMan -> 64bit -> File not found Network -> Driver Group NetworkProvider -> Driver Group NlaSvc -> 64bit -> File not found Nsi -> 64bit -> File not found nsiproxy.sys -> 64bit -> File not found NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group PNP_TDI -> Driver Group PolicyAgent -> 64bit -> File not found Power -> 64bit -> File not found Primary disk -> Driver Group ProfSvc -> 64bit -> File not found rdbss -> 64bit -> File not found rdpencdd.sys -> 64bit -> File not found rdsessmgr -> Service RpcEptMapper -> 64bit -> File not found RpcSs -> 64bit -> File not found sacsvr -> Service SASCORE -> 64bit -> File not found SCardSvr -> 64bit -> File not found SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SharedAccess -> 64bit -> File not found Streams Drivers -> Driver Group SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found Tcpip -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 23:15:18 | 000,003,066 | ---- | M] () TDI -> Driver Group VaultSvc -> 64bit -> File not found VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] () vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found vmms -> Service volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found Wlansvc -> 64bit -> File not found WudfPf -> 64bit -> File not found WudfRd -> 64bit -> File not found WudfSvc -> 64bit -> File not found WudfUsbccidDriver -> Driver < 64bit-Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"cval" -> [1] -> File not found 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc \Svc\\"VistaSp1" -> [28 4D B2 76 41 04 CA 01 [binary data]] -> File not found \Svc\\"AntiVirusOverride" -> [0] -> File not found \Svc\\"AntiSpywareOverride" -> [0] -> File not found \Svc\\"FirewallOverride" -> [0] -> File not found 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"DisableNotifications" -> [0] -> File not found \\"EnableFirewall" -> [1] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> < Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> *BootExecute* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute -> autocheck autochk * -> -> File not found lsdelete -> -> File not found *MultiFile Done* -> -> "ExcludeFromKnownDlls" -> [binary data] -> 64bit-*ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> *ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> < Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> 64bit-"ComSpec" -> C:\Windows\SysNative\cmd.exe -> [2009/07/14 03:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation) "ComSpec" -> C:\Windows\SysWOW64\cmd.exe -> [2009/07/14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) "TEMP" -> C:\Windows\Temp -> [2010/06/19 13:19:45 | 000,000,000 | ---D | M] "TMP" -> C:\Windows\Temp -> [2010/06/19 13:19:45 | 000,000,000 | ---D | M] "windir" -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] 64bit-*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2010/04/26 07:38:45 | 000,000,000 | ---D | M] C:\Program Files (x86)\PC Connectivity Solution\ -> C:\Program Files (x86)\PC Connectivity Solution\ -> [2010/03/09 12:56:37 | 000,000,000 | ---D | M] %SystemRoot%\system32 -> C:\Windows\SysNative -> File not found %SystemRoot% -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\Windows\SysNative\wbem -> [2010/06/16 13:06:44 | 000,000,000 | ---D | M] %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysNative\WindowsPowerShell\v1.0\ -> [2009/12/23 13:27:35 | 000,000,000 | ---D | M] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> [2010/03/12 13:43:04 | 000,000,000 | ---D | M] C:\Program Files (x86)\QuickTime\QTSystem\ -> C:\Program Files (x86)\QuickTime\QTSystem\ -> [2010/06/05 13:09:06 | 000,000,000 | ---D | M] *MultiFile Done* -> -> *Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2010/04/26 07:38:45 | 000,000,000 | ---D | M] C:\Program Files (x86)\PC Connectivity Solution\ -> C:\Program Files (x86)\PC Connectivity Solution\ -> [2010/03/09 12:56:37 | 000,000,000 | ---D | M] %SystemRoot%\system32 -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M] %SystemRoot% -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\Windows\SysWOW64\wbem -> [2009/12/23 13:27:37 | 000,000,000 | ---D | M] %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysWow64\WindowsPowerShell\v1.0\ -> [2009/12/23 13:27:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> [2010/03/12 13:43:04 | 000,000,000 | ---D | M] C:\Program Files (x86)\QuickTime\QTSystem\ -> C:\Program Files (x86)\QuickTime\QTSystem\ -> [2010/06/05 13:09:06 | 000,000,000 | ---D | M] *MultiFile Done* -> -> *PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> .COM -> -> File not found .EXE -> -> File not found .BAT -> -> File not found .CMD -> -> File not found .VBS -> -> File not found .VBE -> -> File not found .JS -> -> File not found .JSE -> -> File not found .WSF -> -> File not found .WSH -> -> File not found .MSC -> -> File not found *MultiFile Done* -> -> < Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> < Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> 64bit-"advapi32" -> C:\Windows\SysNative\advapi32.dll -> [2009/07/14 03:40:01 | 000,877,056 | ---- | M] (Microsoft Corporation) 64bit-"clbcatq" -> C:\Windows\SysNative\clbcatq.dll -> [2009/07/14 03:40:15 | 000,607,744 | ---- | M] (Microsoft Corporation) 64bit-"COMDLG32" -> C:\Windows\SysNative\comdlg32.dll -> [2009/07/14 03:40:22 | 000,595,456 | ---- | M] (Microsoft Corporation) 64bit-"DifxApi" -> C:\Windows\SysNative\difxapi.dll -> [2009/07/14 03:40:30 | 000,504,320 | ---- | M] (Microsoft Corporation) 64bit-"DllDirectory" -> C:\Windows\SysNative -> File not found 64bit-"DllDirectory32" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M] 64bit-"gdi32" -> C:\Windows\SysNative\gdi32.dll -> [2009/07/14 03:40:56 | 000,404,480 | ---- | M] (Microsoft Corporation) 64bit-"IERTUTIL" -> C:\Windows\SysNative\iertutil.dll -> [2009/07/14 03:41:06 | 002,440,704 | ---- | M] (Microsoft Corporation) 64bit-"IMAGEHLP" -> C:\Windows\SysNative\imagehlp.dll -> [2009/07/14 03:41:08 | 000,076,288 | ---- | M] (Microsoft Corporation) 64bit-"IMM32" -> C:\Windows\SysNative\imm32.dll -> [2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) 64bit-"kernel32" -> C:\Windows\SysNative\kernel32.dll -> [2009/07/14 03:41:13 | 001,162,240 | ---- | M] (Microsoft Corporation) 64bit-"LPK" -> C:\Windows\SysNative\lpk.dll -> [2009/07/14 03:41:19 | 000,041,984 | ---- | M] (Microsoft Corporation) 64bit-"MSCTF" -> C:\Windows\SysNative\msctf.dll -> [2009/07/14 03:41:28 | 001,067,008 | ---- | M] (Microsoft Corporation) 64bit-"MSVCRT" -> C:\Windows\SysNative\msvcrt.dll -> [2009/07/14 03:41:32 | 000,634,880 | ---- | M] (Microsoft Corporation) 64bit-"NORMALIZ" -> C:\Windows\SysNative\normaliz.dll -> [2009/07/14 03:31:40 | 000,002,560 | ---- | M] (Microsoft Corporation) 64bit-"NSI" -> C:\Windows\SysNative\nsi.dll -> [2009/07/14 03:41:53 | 000,013,824 | ---- | M] (Microsoft Corporation) 64bit-"ole32" -> C:\Windows\SysNative\ole32.dll -> [2009/07/14 03:41:53 | 002,084,352 | ---- | M] (Microsoft Corporation) 64bit-"OLEAUT32" -> C:\Windows\SysNative\oleaut32.dll -> [2009/07/14 03:41:53 | 000,861,184 | ---- | M] (Microsoft Corporation) 64bit-"PSAPI" -> C:\Windows\SysNative\psapi.dll -> [2009/07/14 03:41:53 | 000,009,216 | ---- | M] (Microsoft Corporation) 64bit-"rpcrt4" -> C:\Windows\SysNative\rpcrt4.dll -> [2009/07/14 03:41:53 | 001,221,632 | ---- | M] (Microsoft Corporation) 64bit-"sechost" -> C:\Windows\SysNative\sechost.dll -> [2009/07/14 03:41:53 | 000,113,664 | ---- | M] (Microsoft Corporation) 64bit-"Setupapi" -> C:\Windows\SysNative\setupapi.dll -> [2009/07/14 03:41:54 | 001,899,520 | ---- | M] (Microsoft Corporation) 64bit-"SHELL32" -> C:\Windows\SysNative\shell32.dll -> [2010/02/18 10:07:44 | 014,163,456 | ---- | M] (Microsoft Corporation) 64bit-"SHLWAPI" -> C:\Windows\SysNative\shlwapi.dll -> [2009/07/14 03:41:54 | 000,449,536 | ---- | M] (Microsoft Corporation) 64bit-"URLMON" -> C:\Windows\SysNative\urlmon.dll -> [2010/05/06 15:02:38 | 001,493,504 | ---- | M] (Microsoft Corporation) 64bit-"user32" -> C:\Windows\SysNative\user32.dll -> [2009/07/14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) 64bit-"USP10" -> C:\Windows\SysNative\usp10.dll -> [2009/07/14 03:41:56 | 000,801,280 | ---- | M] (Microsoft Corporation) 64bit-"WININET" -> C:\Windows\SysNative\wininet.dll -> [2010/05/21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation) 64bit-"WLDAP32" -> C:\Windows\SysNative\Wldap32.dll -> [2009/07/14 03:41:56 | 000,311,808 | ---- | M] (Microsoft Corporation) 64bit-"WS2_32" -> C:\Windows\SysNative\ws2_32.dll -> [2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) "advapi32" -> C:\Windows\SysWow64\advapi32.dll -> [2009/07/14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) "clbcatq" -> C:\Windows\SysWow64\clbcatq.dll -> [2009/07/14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) "COMDLG32" -> C:\Windows\SysWow64\comdlg32.dll -> [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) "DifxApi" -> C:\Windows\SysWow64\difxapi.dll -> [2009/07/14 03:15:11 | 000,315,904 | ---- | M] (Microsoft Corporation) "DllDirectory" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M] "DllDirectory32" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M] "gdi32" -> C:\Windows\SysWow64\gdi32.dll -> [2009/07/14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) "IERTUTIL" -> C:\Windows\SysWow64\iertutil.dll -> [2009/07/14 03:15:28 | 002,058,240 | ---- | M] (Microsoft Corporation) "IMAGEHLP" -> C:\Windows\SysWow64\imagehlp.dll -> [2009/07/14 03:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) "IMM32" -> C:\Windows\SysWow64\imm32.dll -> [2009/07/14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) "kernel32" -> C:\Windows\SysWow64\kernel32.dll -> [2009/07/14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) "LPK" -> C:\Windows\SysWow64\lpk.dll -> [2009/07/14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) "MSCTF" -> C:\Windows\SysWow64\msctf.dll -> [2009/07/14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) "MSVCRT" -> C:\Windows\SysWow64\msvcrt.dll -> [2009/07/14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) "NORMALIZ" -> C:\Windows\SysWow64\normaliz.dll -> [2009/07/14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) "NSI" -> C:\Windows\SysWow64\nsi.dll -> [2009/07/14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) "ole32" -> C:\Windows\SysWow64\ole32.dll -> [2009/07/14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) "OLEAUT32" -> C:\Windows\SysWow64\oleaut32.dll -> [2009/07/14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) "PSAPI" -> C:\Windows\SysWow64\psapi.dll -> [2009/07/14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) "rpcrt4" -> C:\Windows\SysWow64\rpcrt4.dll -> [2009/07/14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) "sechost" -> C:\Windows\SysWow64\sechost.dll -> [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) "Setupapi" -> C:\Windows\SysWow64\setupapi.dll -> [2009/07/14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) "SHELL32" -> C:\Windows\SysWow64\shell32.dll -> [2010/02/18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation) "SHLWAPI" -> C:\Windows\SysWow64\shlwapi.dll -> [2009/07/14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) "URLMON" -> C:\Windows\SysWow64\urlmon.dll -> [2010/05/06 14:42:05 | 001,225,216 | ---- | M] (Microsoft Corporation) "user32" -> C:\Windows\SysWow64\user32.dll -> [2009/07/14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) "USP10" -> C:\Windows\SysWow64\usp10.dll -> [2009/07/14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) "WININET" -> C:\Windows\SysWow64\wininet.dll -> [2010/05/21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation) "WLDAP32" -> C:\Windows\SysWow64\Wldap32.dll -> [2009/07/14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) "WS2_32" -> C:\Windows\SysWow64\ws2_32.dll -> [2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 64bit-batfile [open] -> "%1" %* -> File not found 64bit-cmdfile [open] -> "%1" %* -> File not found 64bit-comfile [open] -> "%1" %* -> File not found 64bit-exefile [open] -> "%1" %* -> File not found 64bit-htmlfile [edit] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) 64bit-htmlfile [print] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) 64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/14 03:39:13 | 000,010,240 | ---- | M] (Microsoft Corporation) 64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2010/05/06 14:41:53 | 005,970,944 | ---- | M] (Microsoft Corporation) 64bit-piffile [open] -> "%1" %* -> File not found 64bit-scrfile [config] -> "%1" -> File not found 64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/07/14 03:38:51 | 000,130,048 | ---- | M] (Microsoft Corporation) 64bit-scrfile [open] -> "%1" /S -> File not found 64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> File not found 64bit-Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () 64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/14 03:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation) 64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) 64bit-Directory [OneNote.Open] -> C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) 64bit-Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () 64bit-Folder [open] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) 64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009/07/14 03:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation) exefile [open] -> "%1" %* -> htmlfile [edit] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) htmlfile [print] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/14 03:14:21 | 000,009,216 | ---- | M] (Microsoft Corporation) InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2010/05/06 14:41:53 | 005,970,944 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/07/14 03:14:08 | 000,128,000 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) Directory [OneNote.Open] -> C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () Folder [open] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 64bit-NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files (x86)\Bonjour\mdnsNSP.dll -> [2010/04/08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.) NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files (x86)\Bonjour\mdnsNSP.dll -> [2010/04/08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.) < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {071c9b48-7c32-4621-a0ac-3f809523288f} -> Microsoft Visual C++ 2005 Redistributable (x64) {350AA351-21FA-3270-8B7A-835434E766AD} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 {3D3E663D-4E7E-4577-A560-7ECDDD45548A} -> PVSonyDll {404BB1FF-A84F-432F-B77B-301E88E8D1C7} -> Apple Mobile Device Support {47DEB25D-4FA2-4894-8A0D-FE944C47326E} -> Microsoft Baseline Security Analyzer 2.1 {8220EEFE-38CD-377E-8595-13398D740ACE} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 {90120000-002A-0000-1000-0000000FF1CE} -> Microsoft Office Office 64-bit Components 2007 {90120000-002A-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (English) 2007 {90120000-002A-040C-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (French) 2007 {90120000-0116-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} -> Intel® Matrix Storage Manager {95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting {96D5EB02-DE18-4DCD-A713-929B4461CA8D} -> iTunes {B6E3757B-5E77-3915-866A-CCFC4B8D194C} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 {C19D4D8F-4433-4F6D-9F0C-79589FD0B973} -> Bonjour {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware {EE936C7A-EA40-31D5-9B65-8E3E089C3828} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 BC15EA930074932BB2C4B4493C9FD4EA95087D1A -> Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) EPSON Printer and Utilities -> EPSON Logiciel imprimante LockHunter_is1 -> LockHunter version 1.0 beta 3, 64 bit edition NVIDIA Display Control Panel -> NVIDIA Display Control Panel NVIDIA Drivers -> NVIDIA Drivers SAMSUNG Mobile Composite Device -> SAMSUNG Mobile Composite Device Software SAMSUNG Mobile Modem -> SAMSUNG Mobile Modem Driver Set Samsung Mobile Modem Device -> Samsung Mobile Modem Device Software Samsung Mobile phone USB driver -> Samsung Mobile phone USB driver Software Samsung Mobile phone USB driver Drive -> Samsung Mobile phone USB driver Drive Software SAMSUNG Mobile USB Modem -> SAMSUNG Mobile USB Modem Software SAMSUNG Mobile USB Modem 1.0 -> SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG USB Mobile Device -> SAMSUNG USB Mobile Device Software WinRAR archiver -> Logiciel d'archivage WinRAR < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {0214A441-A4AB-43A8-8DEF-2F73C5364673} -> Microsoft Works {0638268c-b727-4f78-a92b-a4f68176e670} -> Nero 9 Essentials {0E3C6700-B0FB-4508-A4B0-51EF626D6D60}_is1 -> Mah Jong Adventures {15D967B5-A4BE-42AE-9E84-64CD062B25AA} -> eSobi v2 {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 {20400dbd-e6db-45b8-9b6b-1dd7033818ec} -> Nero InfoTool Help {205C6BDD-7B73-42DE-8505-9A093F35A238} -> Outil de téléchargement Windows Live {2075CB0A-D26F-4DAA-B424-5079296B43BA} -> Windows Live FolderShare {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT {2348b586-c9ae-46ce-936c-a68e9426e214} -> Nero StartSmart Help {2637C347-9DAD-11D6-9EA2-00055D0CA761} -> Acer Arcade Deluxe {266517E6-D866-439D-919C-B8B1A52E6080} -> OpenOffice.org 3.2 {26A24AE4-039D-4CA4-87B4-2F83216020FF} -> Java(TM) 6 Update 20 {287ECFA4-719A-2143-A09B-D6A12DE54E40} -> Acrobat.com {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} -> QuickTime {30075A70-B5D2-440B-AFA3-FB2021740121} -> Backup Manager Advance {338F08AB-C262-42C7-B000-34DE1A475273} -> Ad-Aware Email Scanner for Outlook {33cf58f5-48d8-4575-83d6-96f574e4d83a} -> Nero DriveSpeed {3A1B5D40-41E9-43FA-8C7B-A8667F5586EF} -> JMicron JMB36X Driver {3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform {3F262ADC-5AD2-48E5-A586-44315E04A9E9} -> Microsoft Album photo 10 {42756145-9997-4D28-809B-8756BFD00109} -> Microsoft Photo Pro 10 {4634B21A-CC07-4396-890C-2B8168661FEA} -> Windows Live Writer {46ABBC54-1872-4AA3-95E2-F2C063A63F31} -> Installation Windows Live {4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater {4D43D635-6FDA-4fa5-AA9B-23CF73D058EA} -> Nero StartSmart OEM {527BBE2F-1FED-3D8B-91CB-4DB0F838E69E} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 {53B20C18-D8D4-4588-8737-9BBFE303C354} -> Windows Live Movie Maker {54194F60-988C-4D03-B922-C2B00EFDA39A} -> NVIDIA PhysX {553255F3-78FD-40F1-A6F8-6882140265FE} -> Apple Application Support {56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml {595a3116-40bb-4e0f-a2e8-d7951da56270} -> NeroExpress {5DD76286-9BE7-4894-A990-E905E91AC818} -> Windows Live Mail {67EDD823-135A-4D59-87BD-950616D6E857} -> EPSON Copy Utility 3 {68301905-2DEA-41CE-A4D4-E8B443B099BA} -> MyWinLocker {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {770F1BEC-2871-4E70-B837-FB8525FFA3B1} -> Windows Live Messenger {7748ac8c-18e3-43bb-959b-088faea16fb2} -> Nero StartSmart {7B0A8F0E-3672-4DA5-9540-A8D0171C38D8} -> TuneUp Utilities Language Pack (fr-FR) {7E84FAC8-C518-40F9-9807-7455301D6D25} -> SamsungConnectivityCableDriver {7F811A54-5A09-4579-90E1-C93498E230D9} -> Acer eRecovery Management {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593} -> Chicken Invaders 2 {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697} -> Granny In Paradise {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477} -> Merriam Websters Spell Jam {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477} -> Amazonia {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767} -> Alice Greenfingers {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380} -> Heroes of Hellas {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} -> Dream Day First Home {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100} -> Dairy Dash {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410} -> First Class Flurry {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173} -> Farm Frenzy 2 {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} -> Windows Live Call {83202942-84b3-4c50-8622-b8c0aa2d2885} -> Nero Express Help {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {869200db-287a-4dc0-b02b-2b6787fbcd4c} -> Nero DiscSpeed {89661B04-C646-4412-B6D3-5E19F02F1F37} -> EAX4 Unified Redist {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight {8C676E78-9169-43FB-9A56-415DF6DE50EE} -> Tetris 5000 {8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1 -> RDesc 2.31 {8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1 -> Acer GameZone Console {90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007 {90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007 {90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007 {90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0017-040C-0000-0000000FF1CE} -> Microsoft Office SharePoint Designer MUI (French) 2007 {90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83} -> Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) {90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007 {90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007 {90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007 {90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007 {90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007 {90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007 {90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007 {90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007 {90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007 {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007 {90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007 {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-0020-040C-0000-0000000FF1CE} -> Module de compatibilité pour Microsoft Office System 2007 {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007 {90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007 {90120000-0044-040C-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (French) 2007 {90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007 {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007 {90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007 {90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-00A1-040C-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (French) 2007 {90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00BA-040C-0000-0000000FF1CE} -> Microsoft Office Groove MUI (French) 2007 {90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0100-040C-0000-0000000FF1CE} -> Microsoft Office O MUI (French) 2007 {90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0101-040C-0000-0000000FF1CE} -> Microsoft Office X MUI (French) 2007 {90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007 {90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {91120000-002F-0000-0000-0000000FF1CE} -> Microsoft Office Home and Student 2007 {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2) {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581) {95120000-00AF-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (French) {97C82B44-D408-4F14-9252-47FC1636D23E}_is1 -> IZArc 4.1 {9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 {9F7FC79B-3059-4264-9450-39EB368E3225} -> Microsoft Digital Image Library 9 - Blocker {A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} -> ImagXpress {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper {AC599724-5755-48C1-ABE7-ABB857652930} -> PC Connectivity Solution {AC76BA86-7AD7-1033-7B44-A93000000001} -> Adobe Reader 9.3.2 {AF7E85DC-317C-47F5-810E-B82EE093A612} -> Samsung New PC Studio USB Driver Installer {B131E59D-202C-43C6-84C9-68F0C37541F1} -> Galerie de photos Windows Live {B194272D-1F92-46DF-99EB-8D5CE91CB4EC} -> Adobe AIR {b2ec4a38-b545-4a00-8214-13fe0e915e6d} -> Advertising Center {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a} -> Nero ControlCenter {C2F1F96A-057E-5819-B52E-FEA1D1D2933B} -> Acronis True Image Home {C41300B9-185D-475E-BFEC-39EF732F19B1} -> Apple Software Update {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 {cc019e3f-59d2-4486-8d4b-878105b62a71} -> Nero DiscSpeed Help {D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> TuneUp Utilities {D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7} -> ArcSoft PhotoImpression 5 {dba84796-8503-4ff0-af57-1747dd9a166d} -> Nero Online Upgrade {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} -> Assistant de connexion Windows Live {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 -> Auslogics Disk Defrag {E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update {E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} -> Microsoft Office Suite Activation Assistant {e5c7d048-f9b4-4219-b323-8bdb01a2563d} -> Nero DriveSpeed Help {e8a80433-302b-4ff1-815d-fcc8eac482ff} -> Nero Installer {EE171732-BEB4-4576-887D-CB62727F01CA} -> Acer Updater {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU] {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver {F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio {F19D07BC-6240-49D3-BA5C-59B015DF8916} -> EPSON Easy Photo Print {F333A33D-125C-32A2-8DCE-5C5D14231E27} -> Visual C++ 2008 x86 Runtime - (v9.0.30729) {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 -> Visual C++ 2008 x86 Runtime - v9.0.30729.01 {f4041dce-3fe1-4e18-8a9e-9de65231ee36} -> Nero ControlCenter {F7B0939E-58DF-11DF-B3A6-005056806466} -> Google Earth {fbcdfd61-7dcf-4e71-9226-873ba0053139} -> Nero InfoTool 7-Zip -> 7-Zip 4.65 Acer Registration -> Acer Registration Acer Screensaver -> Acer ScreenSaver Acer Welcome Center -> Welcome Center Ad-Aware -> Ad-Aware Adobe AIR -> Adobe AIR Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin a-squared Free_is1 -> a-squared Free 4.5 Audacity_is1 -> Audacity 1.2.6 Avira AntiVir Desktop -> Avira AntiVir Personal - Free Antivirus AVS DVD Copy_is1 -> AVS DVD Copy version 4.1.1 AVS Update Manager_is1 -> AVS Update Manager 1.0 AVS4YOU Software Navigator_is1 -> AVS4YOU Software Navigator 1.3 CCleaner -> CCleaner EPSON Printer and Utilities -> EPSON Logiciel imprimante EPSON Scanner -> EPSON Scan Glary Utilities_is1 -> Glary Utilities 2.23.0.923 HOMESTUDENTR -> Microsoft Office Home and Student 2007 Hotkey Utility -> Hotkey Utility Identity Card -> Identity Card InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} -> eSobi v2 InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} -> Acer Arcade Deluxe InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121} -> Acer Backup Manager InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612} -> Samsung New PC Studio USB Driver Installer InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio KC Softwares IDPhotoStudio_is1 -> KC Softwares IDPhotoStudio Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Mozilla Firefox (3.6.3) -> Mozilla Firefox (3.6.3) Mozilla Thunderbird (3.0.4) -> Mozilla Thunderbird (3.0.4) OMUI.fr-fr -> Microsoft Office Language Pack 2007 - French/Français Orb -> Orb PictureItSuite_v10 -> Microsoft Photo Pro Suite 10 PowerISO -> PowerISO PunkBusterSvc -> PunkBuster Services Pure Pinball 2.0 REDUX -> Pure Pinball 2.0 REDUX RAR Repair Tool_is1 -> RAR Repair Tool v.4.0.1 S.T.A.L.K.E.R. - Shadow of Chernobyl_is1 -> S.T.A.L.K.E.R. - Shadow of Chernobyl Secunia PSI -> Secunia PSI ShalSoft.GigaTribe_is1 -> GigaTribe 3.01.001 TuneUp Utilities -> TuneUp Utilities VLC media player -> VLC media player 1.0.5 WBFS Manager 3.0 -> WBFS Manager 3.0 WinLiveSuite_Wave3 -> Installation Windows Live WinRAR archiver -> Logiciel d'archivage WinRAR < Uninstall List [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> Capturino V2.11 -> Capturino V2.11 Vietcong 2 -> Vietcong 2 < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 05/06/2010 02:22:14 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Application [ Error ] 05/06/2010 05:07:23 Computer Name = abraracourcix | Source = Application Error | ID = 1000 -> Description = Nom de l’application défaillante Game_full.exe, version : 0.0.0.0, horodatage : 0x41a19ee4 Nom du module défaillant : cgD3D9.dll, version : 1.1.307.700, horodatage : 0x3f09c46c Code d’exception : 0xc0000005 Décalage d’erreur : 0x000059e9 ID du processus défaillant : 0x1658 Heure de début de l’application défaillante : 0x01cb048e1bbec824 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Tetris 5000\Game_full.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Tetris 5000\cgD3D9.dll ID de rapport : c05b8002-7081-11df-a0b8-90fba62d1373 Application [ Error ] 05/06/2010 07:45:31 Computer Name = abraracourcix | Source = MsiInstaller | ID = 10005 -> Description = Application [ Error ] 06/06/2010 04:10:59 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Application [ Error ] 06/06/2010 04:12:30 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Application [ Error ] 06/06/2010 15:12:04 Computer Name = abraracourcix | Source = Application Error | ID = 1000 -> Description = Nom de l’application défaillante Game_full.exe, version : 0.0.0.0, horodatage : 0x41a19ee4 Nom du module défaillant : cgD3D9.dll, version : 1.1.307.700, horodatage : 0x3f09c46c Code d’exception : 0xc0000005 Décalage d’erreur : 0x000059e9 ID du processus défaillant : 0xfbc Heure de début de l’application défaillante : 0x01cb05a8b4730c2a Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Tetris 5000\Game_full.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Tetris 5000\cgD3D9.dll ID de rapport : 63f19d8c-719f-11df-bd2a-90fba62d1373 Application [ Error ] 07/06/2010 01:14:26 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Application [ Error ] 07/06/2010 01:15:09 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Application [ Error ] 07/06/2010 18:31:01 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Application [ Error ] 07/06/2010 18:31:44 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Media Center [ Error ] 04/03/2010 08:01:52 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 13:01:52 - Erreur de connexion à Internet. 13:01:52 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 08:02:00 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 13:01:58 - Erreur de connexion à Internet. 13:01:58 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 09:02:33 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 14:02:33 - Erreur de connexion à Internet. 14:02:33 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 09:02:38 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 14:02:38 - Erreur de connexion à Internet. 14:02:38 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 10:03:10 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 15:03:10 - Erreur de connexion à Internet. 15:03:10 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 10:03:16 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 15:03:15 - Erreur de connexion à Internet. 15:03:15 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 11:05:46 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 16:05:46 - Erreur de connexion à Internet. 16:05:46 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 11:05:52 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 16:05:51 - Erreur de connexion à Internet. 16:05:51 - Impossible de contacter le service.. System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:38:29 Computer Name = abraracourcix | Source = Application Popup | ID = 1060 -> Description = Le chargement de \SystemRoot\SysWow64\drivers\pfc.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. System [ Error ] 15/06/2010 15:01:41 Computer Name = abraracourcix | Source = RasSstp | ID = 1 -> Description = [Files/Folders - Created Within 60 Days] OTS.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:19:32 | 000,640,000 | ---- | C] (OldTimer Tools) avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:39:17 | 000,074,880 | ---- | C] (Avira GmbH) ssmdrv.sys -> C:\Windows\SysWow64\drivers\ssmdrv.sys -> [2010/06/18 19:39:17 | 000,028,376 | ---- | C] (Avira GmbH) Avira -> C:\ProgramData\Avira -> [2010/06/18 19:39:16 | 000,000,000 | ---D | C] Avira -> C:\Program Files (x86)\Avira -> [2010/06/18 19:39:16 | 000,000,000 | ---D | C] Ad-Remover -> C:\Program Files (x86)\Ad-Remover -> [2010/06/18 12:35:16 | 000,000,000 | ---D | C] Rar Repair Tool -> C:\Program Files (x86)\Rar Repair Tool -> [2010/06/16 20:22:37 | 000,000,000 | ---D | C] DAEMON Tools Lite -> C:\Users\patrick\AppData\Roaming\DAEMON Tools Lite -> [2010/06/16 12:52:26 | 000,000,000 | ---D | C] DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2010/06/16 12:52:24 | 000,000,000 | ---D | C] WinRAR -> C:\Program Files (x86)\WinRAR -> [2010/06/14 11:47:14 | 000,000,000 | ---D | C] 7-Zip -> C:\Program Files (x86)\7-Zip -> [2010/06/13 21:10:16 | 000,000,000 | ---D | C] JRE -> C:\Program Files (x86)\JRE -> [2010/06/12 22:29:03 | 000,000,000 | ---D | C] _OTM -> C:\_OTM -> [2010/06/12 07:50:12 | 000,000,000 | ---D | C] Minidump -> C:\Windows\Minidump -> [2010/06/12 07:37:20 | 000,000,000 | ---D | C] OTM.exe -> C:\Users\patrick\Desktop\OTM.exe -> [2010/06/12 07:33:37 | 000,518,656 | ---- | C] (OldTimer Tools) mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2010/06/10 15:23:49 | 001,026,048 | ---- | C] (Microsoft Corporation) wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2010/06/10 15:23:48 | 001,192,960 | ---- | C] (Microsoft Corporation) wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2010/06/10 15:23:48 | 000,977,920 | ---- | C] (Microsoft Corporation) mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2010/06/10 15:23:48 | 000,606,208 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2010/06/10 15:23:48 | 000,445,952 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2010/06/10 15:23:48 | 000,381,440 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2010/06/10 15:23:48 | 000,082,944 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2010/06/10 15:23:48 | 000,064,512 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2010/06/10 15:23:47 | 000,064,512 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2010/06/10 15:23:47 | 000,048,128 | ---- | C] (Microsoft Corporation) asycfilt.dll -> C:\Windows\SysNative\asycfilt.dll -> [2010/06/10 11:05:50 | 000,084,992 | ---- | C] (Microsoft Corporation) asycfilt.dll -> C:\Windows\SysWow64\asycfilt.dll -> [2010/06/10 11:05:50 | 000,067,584 | ---- | C] (Microsoft Corporation) atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2010/06/10 09:43:21 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2010/06/10 09:43:20 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2010/06/10 09:43:20 | 000,046,080 | ---- | C] (Adobe Systems) atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2010/06/10 09:43:20 | 000,034,304 | ---- | C] (Adobe Systems) Wat -> C:\Windows\SysWow64\Wat -> [2010/06/08 21:10:25 | 000,000,000 | ---D | C] Wat -> C:\Windows\SysNative\Wat -> [2010/06/08 21:10:25 | 000,000,000 | ---D | C] trend micro -> C:\Program Files (x86)\trend micro -> [2010/06/08 12:26:42 | 000,000,000 | ---D | C] rsit -> C:\rsit -> [2010/06/08 12:26:42 | 000,000,000 | ---D | C] Lbd.sys -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 11:15:35 | 000,069,152 | ---- | C] (Lavasoft AB) THQ -> C:\Program Files (x86)\THQ -> [2010/06/05 16:00:16 | 000,000,000 | ---D | C] STALKER-SHOC -> C:\Users\Public\Documents\STALKER-SHOC -> [2010/06/05 16:00:16 | 000,000,000 | ---D | C] iTunes -> C:\Program Files\iTunes -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C] iTunes -> C:\Program Files (x86)\iTunes -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C] iPod -> C:\Program Files\iPod -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C] {93E26451-CD9A-43A5-A2FA-C42392EA4001} -> C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C] Apple Software Update -> C:\Program Files (x86)\Apple Software Update -> [2010/06/05 14:23:29 | 000,000,000 | ---D | C] Bonjour -> C:\Program Files\Bonjour -> [2010/06/05 14:23:03 | 000,000,000 | ---D | C] Bonjour -> C:\Program Files (x86)\Bonjour -> [2010/06/05 14:23:03 | 000,000,000 | ---D | C] QuickTime -> C:\Program Files (x86)\QuickTime -> [2010/06/05 13:09:00 | 000,000,000 | ---D | C] Sun -> C:\ProgramData\Sun -> [2010/06/05 12:05:53 | 000,000,000 | ---D | C] Java -> C:\Program Files (x86)\Common Files\Java -> [2010/06/05 12:05:53 | 000,000,000 | ---D | C] deployJava1.dll -> C:\Windows\SysWow64\deployJava1.dll -> [2010/06/05 12:05:40 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2010/06/05 12:05:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2010/06/05 12:05:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) java.exe -> C:\Windows\SysWow64\java.exe -> [2010/06/05 12:05:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) SUPERAntiSpyware.com -> C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com -> [2010/06/05 11:56:06 | 000,000,000 | ---D | C] SUPERAntiSpyware.com -> C:\ProgramData\SUPERAntiSpyware.com -> [2010/06/05 11:56:06 | 000,000,000 | ---D | C] SASCORE -> C:\ProgramData\SASCORE -> [2010/06/05 11:56:05 | 000,000,000 | ---D | C] SUPERAntiSpyware -> C:\Program Files\SUPERAntiSpyware -> [2010/06/05 11:56:03 | 000,000,000 | ---D | C] Secunia -> C:\Program Files (x86)\Secunia -> [2010/06/05 11:48:10 | 000,000,000 | ---D | C] Tetris 5000 -> C:\Program Files (x86)\Tetris 5000 -> [2010/06/05 11:04:23 | 000,000,000 | ---D | C] Steam -> C:\Program Files (x86)\Steam -> [2010/06/04 21:33:15 | 000,000,000 | ---D | C] SecurityScans -> C:\Users\patrick\SecurityScans -> [2010/06/04 18:21:30 | 000,000,000 | ---D | C] NortonInstaller -> C:\ProgramData\NortonInstaller -> [2010/06/04 18:20:57 | 000,000,000 | ---D | C] Microsoft Baseline Security Analyzer 2 -> C:\Program Files\Microsoft Baseline Security Analyzer 2 -> [2010/06/04 18:20:44 | 000,000,000 | ---D | C] Norton -> C:\ProgramData\Norton -> [2010/06/04 18:09:20 | 000,000,000 | ---D | C] NPE -> C:\Users\patrick\AppData\Local\NPE -> [2010/06/04 18:09:18 | 000,000,000 | ---D | C] unvise32.exe -> C:\Windows\unvise32.exe -> [2010/06/02 10:56:43 | 000,086,016 | ---- | C] (MindVision Software) Pure Pinball 2.0 REDUX -> C:\Program Files (x86)\Pure Pinball 2.0 REDUX -> [2010/06/02 10:56:00 | 000,000,000 | ---D | C] URTTEMP -> C:\Windows\SysWow64\URTTEMP -> [2010/06/02 10:50:06 | 000,000,000 | ---D | C] SecuROM -> C:\Users\patrick\AppData\Roaming\SecuROM -> [2010/06/02 10:45:08 | 000,000,000 | RH-D | C] LockHunter -> C:\Users\patrick\AppData\Roaming\LockHunter -> [2010/06/01 20:25:34 | 000,000,000 | ---D | C] psi_mf.sys -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | C] (Secunia) CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/05/26 17:23:00 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) My Games -> C:\Users\patrick\Documents\My Games -> [2010/05/26 09:35:53 | 000,000,000 | ---D | C] RDesc -> C:\RDesc -> [2010/05/24 15:12:10 | 000,000,000 | ---D | C] Downloads -> C:\Downloads -> [2010/05/20 17:27:16 | 000,000,000 | ---D | C] zoug -> C:\Users\patrick\AppData\Local\zoug -> [2010/05/12 16:20:16 | 000,000,000 | ---D | C] Malwarebytes -> C:\Users\patrick\AppData\Roaming\Malwarebytes -> [2010/05/02 11:22:22 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/05/02 11:22:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/05/02 11:22:16 | 000,024,664 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2010/05/02 11:22:16 | 000,000,000 | ---D | C] Malwarebytes -> C:\ProgramData\Malwarebytes -> [2010/05/02 11:22:16 | 000,000,000 | ---D | C] TURegOpt.exe -> C:\Windows\SysNative\TURegOpt.exe -> [2010/04/30 17:34:08 | 000,034,632 | ---- | C] (TuneUp Software) uxtuneup.dll -> C:\Windows\SysNative\uxtuneup.dll -> [2010/04/30 17:34:07 | 000,036,168 | ---- | C] (TuneUp Software) uxtuneup.dll -> C:\Windows\SysWow64\uxtuneup.dll -> [2010/04/30 17:34:07 | 000,030,024 | ---- | C] (TuneUp Software) authuitu.dll -> C:\Windows\SysNative\authuitu.dll -> [2010/04/30 17:34:07 | 000,025,928 | ---- | C] (TuneUp Software) authuitu.dll -> C:\Windows\SysWow64\authuitu.dll -> [2010/04/30 17:34:07 | 000,021,320 | ---- | C] (TuneUp Software) TuneUp Software -> C:\Users\patrick\AppData\Roaming\TuneUp Software -> [2010/04/30 17:33:53 | 000,000,000 | ---D | C] TuneUp Utilities 2010 -> C:\Program Files (x86)\TuneUp Utilities 2010 -> [2010/04/30 17:33:44 | 000,000,000 | ---D | C] TuneUp Software -> C:\ProgramData\TuneUp Software -> [2010/04/30 17:33:15 | 000,000,000 | ---D | C] {D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> [2010/04/30 17:33:08 | 000,000,000 | -HSD | C] BVRP Software -> C:\ProgramData\BVRP Software -> [2010/04/30 14:46:05 | 000,000,000 | ---D | C] lsasrv.dll -> C:\Windows\SysNative\lsasrv.dll -> [2010/04/30 08:16:44 | 001,446,912 | ---- | C] (Microsoft Corporation) ksecpkg.sys -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2010/04/30 08:16:44 | 000,153,160 | ---- | C] (Microsoft Corporation) fvevol.sys -> C:\Windows\SysNative\drivers\fvevol.sys -> [2010/04/30 08:16:11 | 000,223,448 | ---- | C] (Microsoft Corporation) SecuROM -> C:\ProgramData\SecuROM -> [2010/04/27 13:15:21 | 000,000,000 | -HSD | C] 4A Games -> C:\Users\patrick\AppData\Local\4A Games -> [2010/04/26 12:57:33 | 000,000,000 | ---D | C] XAudio2_6.dll -> C:\Windows\SysNative\XAudio2_6.dll -> [2010/04/26 12:57:06 | 000,530,776 | ---- | C] (Microsoft Corporation) XAudio2_6.dll -> C:\Windows\SysWow64\XAudio2_6.dll -> [2010/04/26 12:57:06 | 000,528,216 | ---- | C] (Microsoft Corporation) xactengine3_6.dll -> C:\Windows\SysWow64\xactengine3_6.dll -> [2010/04/26 12:57:06 | 000,238,936 | ---- | C] (Microsoft Corporation) xactengine3_6.dll -> C:\Windows\SysNative\xactengine3_6.dll -> [2010/04/26 12:57:06 | 000,176,984 | ---- | C] (Microsoft Corporation) XAPOFX1_4.dll -> C:\Windows\SysNative\XAPOFX1_4.dll -> [2010/04/26 12:57:06 | 000,078,680 | ---- | C] (Microsoft Corporation) XAPOFX1_4.dll -> C:\Windows\SysWow64\XAPOFX1_4.dll -> [2010/04/26 12:57:06 | 000,074,072 | ---- | C] (Microsoft Corporation) X3DAudio1_7.dll -> C:\Windows\SysNative\X3DAudio1_7.dll -> [2010/04/26 12:57:06 | 000,024,920 | ---- | C] (Microsoft Corporation) NVIDIA Corporation -> C:\Program Files (x86)\NVIDIA Corporation -> [2010/04/26 07:38:45 | 000,000,000 | ---D | C] Wise Installation Wizard -> C:\Program Files (x86)\Common Files\Wise Installation Wizard -> [2010/04/26 07:38:26 | 000,000,000 | ---D | C] NVIDIA -> C:\Users\patrick\AppData\Roaming\NVIDIA -> [2010/04/25 23:11:27 | 000,000,000 | ---D | C] NVIDIA Corporation -> C:\Program Files\NVIDIA Corporation -> [2010/04/25 21:52:16 | 000,000,000 | ---D | C] X3DAudio1_7.dll -> C:\Windows\SysWow64\X3DAudio1_7.dll -> [2010/04/25 21:04:04 | 000,022,360 | ---- | C] (Microsoft Corporation) a-squared Free -> C:\Users\patrick\Documents\a-squared Free -> [2010/04/25 17:41:27 | 000,000,000 | ---D | C] a-squared Free -> C:\Program Files (x86)\a-squared Free -> [2010/04/25 17:41:27 | 000,000,000 | ---D | C] BVRP Software -> C:\Users\Public\Documents\BVRP Software -> [2010/04/25 09:46:41 | 000,000,000 | ---D | C] _Backup.RC -> C:\_Backup.RC -> [2010/04/25 09:44:39 | 000,000,000 | RHSD | C] _Backup -> C:\_Backup -> [2010/04/25 09:44:37 | 000,000,000 | -H-D | C] Avanquest -> C:\Users\patrick\AppData\Roaming\Avanquest -> [2010/04/25 09:42:28 | 000,000,000 | ---D | C] Avanquest -> C:\ProgramData\Avanquest -> [2010/04/25 09:42:28 | 000,000,000 | ---D | C] AntiVirus -> C:\Program Files (x86)\Common Files\AntiVirus -> [2010/04/25 09:42:26 | 000,000,000 | ---D | C] [Files/Folders - Modified Within 60 Days] 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/06/19 13:22:12 | 000,009,920 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/06/19 13:22:12 | 000,009,920 | -H-- | M] () OTS.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools) Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | M] () Ikeext.etl -> C:\Windows\SysNative\Ikeext.etl -> [2010/06/19 13:15:02 | 000,065,536 | ---- | M] () GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/06/19 13:15:01 | 000,001,064 | ---- | M] () GlaryInitialize.job -> C:\Windows\tasks\GlaryInitialize.job -> [2010/06/19 13:15:01 | 000,000,328 | ---- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/06/19 13:14:55 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2010/06/19 13:14:50 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/06/19 13:14:48 | 529,854,463 | -HS- | M] () ntuser.dat -> C:\Users\patrick\ntuser.dat -> [2010/06/19 13:14:03 | 006,029,312 | -HS- | M] () IconCache.db -> C:\Users\patrick\AppData\Local\IconCache.db -> [2010/06/19 13:13:57 | 002,724,564 | -H-- | M] () GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/06/19 13:00:01 | 000,001,068 | ---- | M] () PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010/06/19 08:41:52 | 001,553,042 | ---- | M] () perfh00C.dat -> C:\Windows\SysNative\perfh00C.dat -> [2010/06/19 08:41:52 | 000,704,618 | ---- | M] () perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010/06/19 08:41:52 | 000,615,760 | ---- | M] () perfc00C.dat -> C:\Windows\SysNative\perfc00C.dat -> [2010/06/19 08:41:52 | 000,132,340 | ---- | M] () perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010/06/19 08:41:52 | 000,107,396 | ---- | M] () cc_20100618_224007.reg -> C:\Users\patrick\Documents\cc_20100618_224007.reg -> [2010/06/18 22:40:09 | 000,002,522 | ---- | M] () avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:52:00 | 000,074,880 | ---- | M] (Avira GmbH) base registre.reg -> C:\Users\patrick\Documents\base registre.reg -> [2010/06/17 19:06:01 | 000,000,294 | ---- | M] () EPISMF00.SWB -> C:\Windows\EPISMF00.SWB -> [2010/06/17 07:38:53 | 000,016,574 | ---- | M] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/16 13:55:19 | 000,524,288 | -HS- | M] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/16 13:55:19 | 000,524,288 | -HS- | M] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> [2010/06/16 13:55:19 | 000,065,536 | -HS- | M] () 5h9xvjf9i.lnk -> C:\Users\patrick\Desktop\5h9xvjf9i.lnk -> [2010/06/16 13:13:53 | 000,001,197 | ---- | M] () GDIPFONTCACHEV1.DAT -> C:\Users\patrick\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/06/14 08:52:14 | 000,107,496 | ---- | M] () FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2010/06/14 08:12:03 | 000,411,000 | ---- | M] () cc_20100613_085115.reg -> C:\Users\patrick\Documents\cc_20100613_085115.reg -> [2010/06/13 08:51:17 | 000,001,192 | ---- | M] () OTM.exe -> C:\Users\patrick\Desktop\OTM.exe -> [2010/06/12 06:39:21 | 000,518,656 | ---- | M] (OldTimer Tools) MegaManager.INI -> C:\Windows\MegaManager.INI -> [2010/06/08 19:39:53 | 000,000,050 | ---- | M] () RSIT.exe -> C:\Users\patrick\Desktop\RSIT.exe -> [2010/06/08 12:26:15 | 000,824,681 | ---- | M] () bookmarks-2010-06-07.json -> C:\Users\patrick\Documents\bookmarks-2010-06-07.json -> [2010/06/07 19:31:37 | 000,101,194 | ---- | M] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/06/07 19:17:05 | 000,001,946 | ---- | M] () Lbd.sys -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 10:58:16 | 000,069,152 | ---- | M] (Lavasoft AB) hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2010/06/05 18:12:02 | 000,000,000 | ---- | M] () RDesc.lnk -> C:\Users\Public\Desktop\RDesc.lnk -> [2010/06/05 14:33:03 | 000,000,551 | ---- | M] () iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/06/05 14:24:18 | 000,002,429 | ---- | M] () deployJava1.dll -> C:\Windows\SysWow64\deployJava1.dll -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2010/06/05 12:05:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) java.exe -> C:\Windows\SysWow64\java.exe -> [2010/06/05 12:05:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/05 09:00:35 | 000,524,288 | -HS- | M] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/05 09:00:35 | 000,524,288 | -HS- | M] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> [2010/06/05 09:00:35 | 000,065,536 | -HS- | M] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:53:44 | 000,524,288 | -HS- | M] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:53:44 | 000,524,288 | -HS- | M] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> [2010/06/04 16:53:44 | 000,065,536 | -HS- | M] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:33:33 | 000,524,288 | -HS- | M] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:33:33 | 000,524,288 | -HS- | M] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> [2010/06/04 16:33:33 | 000,065,536 | -HS- | M] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:28:40 | 000,524,288 | -HS- | M] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:28:40 | 000,524,288 | -HS- | M] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> [2010/06/04 16:28:40 | 000,065,536 | -HS- | M] () housecall.guid.cache -> C:\Users\patrick\AppData\Local\housecall.guid.cache -> [2010/06/04 13:40:11 | 000,000,036 | ---- | M] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 13:08:08 | 000,524,288 | -HS- | M] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 13:08:08 | 000,524,288 | -HS- | M] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> [2010/06/04 13:08:08 | 000,065,536 | -HS- | M] () PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/06/02 10:50:21 | 001,578,582 | ---- | M] () PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/06/02 10:42:14 | 000,103,736 | ---- | M] () pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/06/02 10:42:07 | 000,669,184 | ---- | M] () PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 20:17:42 | 000,524,288 | -HS- | M] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 20:17:42 | 000,524,288 | -HS- | M] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> [2010/06/01 20:17:42 | 000,065,536 | -HS- | M] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 17:10:23 | 000,524,288 | -HS- | M] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 17:10:23 | 000,524,288 | -HS- | M] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> [2010/06/01 17:10:23 | 000,065,536 | -HS- | M] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:31:42 | 000,524,288 | -HS- | M] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:31:42 | 000,524,288 | -HS- | M] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> [2010/05/31 10:31:42 | 000,065,536 | -HS- | M] () psi_mf.sys -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | M] (Secunia) atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2010/05/27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2010/05/27 08:34:09 | 000,046,080 | ---- | M] (Adobe Systems) atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2010/05/27 06:11:32 | 000,366,080 | ---- | M] (Adobe Systems Incorporated) atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2010/05/27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/26 23:28:55 | 000,524,288 | -HS- | M] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/26 23:28:55 | 000,524,288 | -HS- | M] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> [2010/05/26 23:28:55 | 000,065,536 | -HS- | M] () CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/05/26 17:23:00 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) ealregsnapshot1.reg -> C:\Windows\SysWow64\ealregsnapshot1.reg -> [2010/05/26 17:08:24 | 000,000,662 | ---- | M] () wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2010/05/21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation) jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2010/05/21 07:47:27 | 000,064,512 | ---- | M] (Microsoft Corporation) wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2010/05/21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation) jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2010/05/21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation) config.nt -> C:\Windows\SysWow64\config.nt -> [2010/05/08 09:15:01 | 000,000,000 | ---- | M] () TURegOpt.exe -> C:\Windows\SysNative\TURegOpt.exe -> [2010/05/07 18:07:32 | 000,034,632 | ---- | M] (TuneUp Software) authuitu.dll -> C:\Windows\SysNative\authuitu.dll -> [2010/05/07 18:02:00 | 000,025,928 | ---- | M] (TuneUp Software) authuitu.dll -> C:\Windows\SysWow64\authuitu.dll -> [2010/05/07 18:01:56 | 000,021,320 | ---- | M] (TuneUp Software) uxtuneup.dll -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software) uxtuneup.dll -> C:\Windows\SysWow64\uxtuneup.dll -> [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software) mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2010/05/06 15:00:06 | 001,026,048 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2010/05/06 14:59:55 | 000,082,944 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2010/05/06 14:58:57 | 000,445,952 | ---- | M] (Microsoft Corporation) mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2010/05/06 14:41:55 | 000,606,208 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2010/05/06 14:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2010/05/06 14:41:49 | 000,381,440 | ---- | M] (Microsoft Corporation) lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2010/05/01 08:43:22 | 000,015,880 | ---- | M] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/30 17:40:38 | 000,524,288 | -HS- | M] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/30 17:40:38 | 000,524,288 | -HS- | M] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> [2010/04/30 17:40:38 | 000,065,536 | -HS- | M] () mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/24 22:06:43 | 000,524,288 | -HS- | M] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/24 22:06:43 | 000,524,288 | -HS- | M] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> [2010/04/24 22:06:43 | 000,065,536 | -HS- | M] () [Files - No Company Name] Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | C] () cc_20100618_224007.reg -> C:\Users\patrick\Documents\cc_20100618_224007.reg -> [2010/06/18 22:40:08 | 000,002,522 | ---- | C] () base registre.reg -> C:\Users\patrick\Documents\base registre.reg -> [2010/06/17 19:06:01 | 000,000,294 | ---- | C] () 5h9xvjf9i.lnk -> C:\Users\patrick\Desktop\5h9xvjf9i.lnk -> [2010/06/16 13:13:53 | 000,001,197 | ---- | C] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/16 13:06:52 | 000,524,288 | -HS- | C] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/16 13:06:52 | 000,524,288 | -HS- | C] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> [2010/06/16 13:06:52 | 000,065,536 | -HS- | C] () IconCache.db -> C:\Users\patrick\AppData\Local\IconCache.db -> [2010/06/16 07:53:04 | 002,724,564 | -H-- | C] () cc_20100613_085115.reg -> C:\Users\patrick\Documents\cc_20100613_085115.reg -> [2010/06/13 08:51:16 | 000,001,192 | ---- | C] () RSIT.exe -> C:\Users\patrick\Desktop\RSIT.exe -> [2010/06/08 12:26:33 | 000,824,681 | ---- | C] () bookmarks-2010-06-07.json -> C:\Users\patrick\Documents\bookmarks-2010-06-07.json -> [2010/06/07 19:29:19 | 000,101,194 | ---- | C] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/06/07 19:17:05 | 000,001,946 | ---- | C] () iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/06/05 14:24:18 | 000,002,429 | ---- | C] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/05 08:53:58 | 000,524,288 | -HS- | C] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/05 08:53:58 | 000,524,288 | -HS- | C] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> [2010/06/05 08:53:58 | 000,065,536 | -HS- | C] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:36:36 | 000,524,288 | -HS- | C] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:36:36 | 000,524,288 | -HS- | C] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> [2010/06/04 16:36:36 | 000,065,536 | -HS- | C] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:30:29 | 000,524,288 | -HS- | C] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:30:29 | 000,524,288 | -HS- | C] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> [2010/06/04 16:30:28 | 000,065,536 | -HS- | C] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:11:26 | 000,524,288 | -HS- | C] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:11:26 | 000,524,288 | -HS- | C] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> [2010/06/04 16:11:26 | 000,065,536 | -HS- | C] () housecall.guid.cache -> C:\Users\patrick\AppData\Local\housecall.guid.cache -> [2010/06/04 13:40:11 | 000,000,036 | ---- | C] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 07:54:42 | 000,524,288 | -HS- | C] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 07:54:42 | 000,524,288 | -HS- | C] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> [2010/06/04 07:54:42 | 000,065,536 | -HS- | C] () PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/06/02 10:50:19 | 001,578,582 | ---- | C] () PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/06/02 10:42:10 | 000,103,736 | ---- | C] () pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/06/02 10:42:07 | 000,669,184 | ---- | C] () PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | C] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 17:21:22 | 000,524,288 | -HS- | C] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 17:21:22 | 000,524,288 | -HS- | C] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> [2010/06/01 17:21:21 | 000,065,536 | -HS- | C] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:57:24 | 000,524,288 | -HS- | C] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:57:24 | 000,524,288 | -HS- | C] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> [2010/05/31 10:57:24 | 000,065,536 | -HS- | C] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:29:05 | 000,524,288 | -HS- | C] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:29:05 | 000,524,288 | -HS- | C] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> [2010/05/31 10:29:05 | 000,065,536 | -HS- | C] () RDesc.lnk -> C:\Users\Public\Desktop\RDesc.lnk -> [2010/05/28 17:01:51 | 000,000,551 | ---- | C] () EPISMF00.SWB -> C:\Windows\EPISMF00.SWB -> [2010/05/26 17:14:27 | 000,016,574 | ---- | C] () ealregsnapshot1.reg -> C:\Windows\SysWow64\ealregsnapshot1.reg -> [2010/05/26 17:08:24 | 000,000,662 | ---- | C] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/26 14:43:11 | 000,524,288 | -HS- | C] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/26 14:43:09 | 000,524,288 | -HS- | C] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> [2010/05/26 14:43:09 | 000,065,536 | -HS- | C] () logo.bmp -> C:\logo.bmp -> [2010/05/22 12:55:01 | 000,009,296 | ---- | C] () MegaManager.INI -> C:\Windows\MegaManager.INI -> [2010/05/20 17:08:49 | 000,000,050 | ---- | C] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/30 08:06:52 | 000,524,288 | -HS- | C] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/30 08:06:52 | 000,524,288 | -HS- | C] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> [2010/04/30 08:06:52 | 000,065,536 | -HS- | C] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/24 21:58:34 | 000,524,288 | -HS- | C] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/24 21:58:34 | 000,524,288 | -HS- | C] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> [2010/04/24 21:58:34 | 000,065,536 | -HS- | C] () game.ini -> C:\Windows\game.ini -> [2010/04/13 09:23:38 | 000,000,331 | ---- | C] () PICSDK.ini -> C:\Windows\SysWow64\PICSDK.ini -> [2010/02/28 21:30:24 | 000,000,099 | ---- | C] () CDE RX520FI.ini -> C:\Windows\CDE RX520FI.ini -> [2010/02/28 20:52:09 | 000,000,027 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2009/07/14 07:32:39 | 000,043,318 | ---- | C] () GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2009/07/14 07:32:39 | 000,029,779 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2009/07/14 07:32:39 | 000,026,489 | ---- | C] () GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2009/07/14 07:32:39 | 000,026,040 | ---- | C] () BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () StarOpen.sys -> C:\Windows\SysWow64\drivers\StarOpen.sys -> [2007/10/25 18:26:10 | 000,005,632 | ---- | C] () EPSPTDV.DLL -> C:\Windows\SysWow64\EPSPTDV.DLL -> [2005/02/25 07:15:00 | 000,159,744 | ---- | C] () [File - Lop Check] Acronis -> C:\Users\patrick\AppData\Roaming\Acronis -> [2010/03/12 14:43:01 | 000,000,000 | ---D | M] Auslogics -> C:\Users\patrick\AppData\Roaming\Auslogics -> [2010/03/01 19:31:06 | 000,000,000 | ---D | M] Avanquest -> C:\Users\patrick\AppData\Roaming\Avanquest -> [2010/04/25 09:58:58 | 000,000,000 | ---D | M] Capturino -> C:\Users\patrick\AppData\Roaming\Capturino -> [2010/03/17 17:54:53 | 000,000,000 | ---D | M] DAEMON Tools Lite -> C:\Users\patrick\AppData\Roaming\DAEMON Tools Lite -> [2010/06/16 12:56:05 | 000,000,000 | ---D | M] GlarySoft -> C:\Users\patrick\AppData\Roaming\GlarySoft -> [2010/03/12 13:38:08 | 000,000,000 | ---D | M] KC Softwares -> C:\Users\patrick\AppData\Roaming\KC Softwares -> [2010/03/03 21:40:01 | 000,000,000 | ---D | M] LockHunter -> C:\Users\patrick\AppData\Roaming\LockHunter -> [2010/06/01 20:25:35 | 000,000,000 | ---D | M] OpenOffice.org -> C:\Users\patrick\AppData\Roaming\OpenOffice.org -> [2010/03/04 18:50:46 | 000,000,000 | ---D | M] PC Suite -> C:\Users\patrick\AppData\Roaming\PC Suite -> [2010/03/02 14:11:07 | 000,000,000 | ---D | M] PowerCinema -> C:\Users\patrick\AppData\Roaming\PowerCinema -> [2010/06/01 17:20:25 | 000,000,000 | ---D | M] Samsung -> C:\Users\patrick\AppData\Roaming\Samsung -> [2010/03/09 12:56:48 | 000,000,000 | ---D | M] SoftDMA -> C:\Users\patrick\AppData\Roaming\SoftDMA -> [2010/02/28 18:46:47 | 000,000,000 | ---D | M] system32 -> C:\Users\patrick\AppData\Roaming\system32 -> [2010/04/30 17:42:19 | 000,000,000 | RHSD | M] Thunderbird -> C:\Users\patrick\AppData\Roaming\Thunderbird -> [2010/02/28 22:05:33 | 000,000,000 | ---D | M] TuneUp Software -> C:\Users\patrick\AppData\Roaming\TuneUp Software -> [2010/04/30 17:33:53 | 000,000,000 | ---D | M] URSoft -> C:\Users\patrick\AppData\Roaming\URSoft -> [2010/02/28 21:55:06 | 000,000,000 | ---D | M] Ad-Aware Update (Weekly).job -> C:\Windows\Tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | M] () GlaryInitialize.job -> C:\Windows\Tasks\GlaryInitialize.job -> [2010/06/19 13:15:01 | 000,000,328 | ---- | M] () SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2010/06/04 16:54:40 | 000,032,566 | ---- | M] () [File - Purity Scan] [Alternate Data Streams] @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:B3D74A13 @Alternate Data Stream - 180 bytes -> C:\ProgramData\Temp:1CE11B51 < End of report > OTS logfile created on: 19/06/2010 13:22:37 - Run 1 OTS by OldTimer - Version 3.1.31.2 Folder = C:\Users\patrick\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 6,00 Gb Total Physical Memory | 5,00 Gb Available Physical Memory | 76,00% Memory free 12,00 Gb Paging File | 10,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,45 Gb Total Space | 392,85 Gb Free Space | 85,69% Space Free | Partition Type: NTFS Drive D: | 458,96 Gb Total Space | 179,03 Gb Free Space | 39,01% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ABRARACOURCIX Current User Name: patrick Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days [Processes - Safe List] ots.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools) avguard.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2010/06/18 19:52:00 | 000,185,089 | ---- | M] (Avira GmbH) sched.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2010/06/18 19:52:00 | 000,108,289 | ---- | M] (Avira GmbH) aawtray.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe -> [2010/06/16 13:07:32 | 000,864,112 | ---- | M] (Lavasoft) aawservice.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft) pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] () psi.exe -> C:\Program Files (x86)\Secunia\PSI\psi.exe -> [2010/05/28 13:04:52 | 000,911,920 | ---- | M] (Secunia) applemobiledeviceservice.exe -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) a2service.exe -> C:\Program Files (x86)\a-squared Free\a2service.exe -> [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) afcdpsrv.exe -> C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -> [2010/03/12 13:43:13 | 002,326,920 | ---- | M] (Acronis) schedhlp.exe -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe -> [2009/09/12 18:38:50 | 000,358,024 | ---- | M] (Acronis) trueimagemonitor.exe -> C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe -> [2009/09/12 18:38:16 | 005,081,912 | ---- | M] (Acronis) mwldaemon.exe -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe -> [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) greghsrw.exe -> C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -> [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) hotkeyutility.exe -> C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe -> [2009/08/18 09:27:26 | 000,629,280 | ---- | M] () ischedulesvc.exe -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -> [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) backupmanagertray.exe -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -> [2009/08/12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) egisupdate.exe -> C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe -> [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) updaterservice.exe -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) iaanotif.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) iaantmon.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) avgnt.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe -> [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) sdwinsec.exe -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Modules - Safe List] ots.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools) comdlg32.dll -> C:\Windows\SysWOW64\comdlg32.dll -> [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) msscript.ocx -> C:\Windows\SysWOW64\msscript.ocx -> [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll -> [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] 64bit-(WatAdminSvc) [unknown | Stopped] -> C:\Windows\SysNative\Wat\WatAdminSvc.exe -> [2010/06/08 21:10:24 | 001,255,736 | ---- | M] (Microsoft Corporation) 64bit-(UxTuneUp) [Auto | Running] -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software) 64bit-(SASCORE) [Auto | Running] -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com) 64bit-(WwanSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wwansvc.dll -> [2009/07/14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) 64bit-(WbioSrvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wbiosrvc.dll -> [2009/07/14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) 64bit-(Power) [Auto | Running] -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) 64bit-(Themes) [Auto | Running] -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) 64bit-(sppuinotify) [On_Demand | Stopped] -> C:\Windows\SysNative\sppuinotify.dll -> [2009/07/14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) 64bit-(SensrSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\sensrsvc.dll -> [2009/07/14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) 64bit-(PNRPsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) 64bit-(p2pimsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) 64bit-(HomeGroupProvider) [On_Demand | Running] -> C:\Windows\SysNative\provsvc.dll -> [2009/07/14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) 64bit-(RpcEptMapper) [unknown | Running] -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) 64bit-(PNRPAutoReg) [On_Demand | Stopped] -> C:\Windows\SysNative\pnrpauto.dll -> [2009/07/14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) 64bit-(WinDefend) [Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) 64bit-(HomeGroupListener) [On_Demand | Running] -> C:\Windows\SysNative\ListSvc.dll -> [2009/07/14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) 64bit-(FontCache) [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/07/14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) 64bit-(Dhcp) [Auto | Running] -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) 64bit-(defragsvc) [On_Demand | Stopped] -> C:\Windows\SysNative\defragsvc.dll -> [2009/07/14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) 64bit-(bthserv) [On_Demand | Stopped] -> C:\Windows\SysNative\bthserv.dll -> [2009/07/14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) 64bit-(BDESVC) [unknown | Stopped] -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) 64bit-(AxInstSV) [On_Demand | Stopped] -> C:\Windows\SysNative\AxInstSv.dll -> [2009/07/14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) 64bit-(AppIDSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\appidsvc.dll -> [2009/07/14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) 64bit-(wbengine) [On_Demand | Stopped] -> C:\Windows\SysNative\wbengine.exe -> [2009/07/14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) 64bit-(sppsvc) [Auto | Stopped] -> C:\Windows\SysNative\sppsvc.exe -> [2009/07/14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) 64bit-(Fax) [On_Demand | Stopped] -> C:\Windows\SysNative\FXSSVC.exe -> [2009/07/14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) 64bit-(Updater Service) [Auto | Running] -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) (AntiVirService) Avira AntiVir Guard [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2010/06/18 19:52:00 | 000,185,089 | ---- | M] (Avira GmbH) (AntiVirSchedulerService) Avira AntiVir Planificateur [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2010/06/18 19:52:00 | 000,108,289 | ---- | M] (Avira GmbH) (Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft) (PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] () (TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -> [2010/05/21 21:17:07 | 000,607,048 | ---- | M] (TuneUp Software) (TuneUp.UtilitiesSvc) TuneUp Utilities Service [Auto | Running] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -> [2010/05/07 18:06:42 | 001,403,208 | ---- | M] (TuneUp Software) (UxTuneUp) TuneUp Extension de thème [Auto | Running] -> C:\Windows\SysWOW64\uxtuneup.dll -> [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) (a2free) a-squared Free Service [Auto | Running] -> C:\Program Files (x86)\a-squared Free\a2service.exe -> [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) (afcdpsrv) Acronis Nonstop Backup service [Auto | Running] -> C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -> [2010/03/12 13:43:13 | 002,326,920 | ---- | M] (Acronis) (AcrSch2Svc) Service Scheduler2 Acronis [Auto | Running] -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -> [2009/09/12 18:39:04 | 000,892,072 | ---- | M] (Acronis) (MWLService) MyWinLocker Service [On_Demand | Stopped] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -> [2009/09/10 15:42:46 | 000,305,448 | ---- | M] () (Greg_Service) GRegService [Auto | Running] -> C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -> [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) (Nero BackItUp Scheduler 4.0) Nero BackItUp Scheduler 4.0 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -> [2009/08/25 19:38:06 | 000,935,208 | ---- | M] (Nero AG) (NTI IScheduleSvc) NTI IScheduleSvc [Auto | Running] -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -> [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) (VSS) Cliché instantané des volumes [On_Demand | Stopped] -> C:\Windows\Vss -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M] (MSDTC) Coordinateur de transactions distribuées [unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M] (HomeGroupProvider) Fournisseur HomeGroup [On_Demand | Running] -> C:\Windows\SysWOW64\provsvc.dll -> [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) (Dhcp) Client DHCP [Auto | Running] -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) (vds) Disque virtuel [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] () (clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/06/10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) (IAANTMON) Intel(R) Matrix Storage Event Monitor [Auto | Running] -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) (SBSDWSCService) SBSD Security Center Service [Auto | Running] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) (ServiceLayer) ServiceLayer [On_Demand | Stopped] -> C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -> [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [Driver Services - Safe List] 64bit-(avgntflt) avgntflt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:52:00 | 000,074,880 | ---- | M] (Avira GmbH) 64bit-(Lbd) Lbd [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 10:58:16 | 000,069,152 | ---- | M] (Lavasoft AB) 64bit-(PSI) PSI [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | M] (Secunia) 64bit-(afcdp) afcdp [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\afcdp.sys -> [2010/03/12 13:43:13 | 000,250,400 | ---- | M] (Acronis) 64bit-(tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\tdrpm251.sys -> [2010/03/12 13:43:11 | 001,455,648 | ---- | M] (Acronis) 64bit-(timounter) Acronis Backup Archive Explorer [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\timntr.sys -> [2010/03/12 13:43:10 | 000,929,312 | ---- | M] (Acronis) 64bit-(snapman) Acronis Snapshots Manager [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\snapman.sys -> [2010/03/12 13:43:06 | 000,254,496 | ---- | M] (Acronis) 64bit-(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -> [2010/02/17 20:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) 64bit-(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -> [2010/02/17 20:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) 64bit-(KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2009/12/11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) 64bit-(fvevol) Pilote de filtre de Chiffrement de lecteur Bitlocker [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\fvevol.sys -> [2009/09/26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) 64bit-(e1kexpress) Intel(R) PRO/1000 PCI Express Network Connection Driver K [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\e1k62x64.sys -> [2009/09/23 11:11:04 | 000,283,824 | ---- | M] (Intel Corporation) 64bit-(USBAAPL64) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbaapl64.sys -> [2009/08/28 20:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) 64bit-(JRAID) JRAID [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\jraid.sys -> [2009/07/18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.) 64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) 64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) 64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) 64bit-(hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\hwpolicy.sys -> [2009/07/14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) 64bit-(FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fsdepends.sys -> [2009/07/14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) 64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) 64bit-(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wimmount.sys -> [2009/07/14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) 64bit-(vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vhdmp.sys -> [2009/07/14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) 64bit-(vdrvroot) Microsoft Virtual Drive Enumerator Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vdrvroot.sys -> [2009/07/14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) 64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) 64bit-(rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\rdyboost.sys -> [2009/07/14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) 64bit-(pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\pcw.sys -> [2009/07/14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) 64bit-(CNG) CNG [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\cng.sys -> [2009/07/14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) 64bit-(rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\rdpbus.sys -> [2009/07/14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) 64bit-(RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\SysNative\drivers\RDPREFMP.sys -> [2009/07/14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) 64bit-(RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\agilevpn.sys -> [2009/07/14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) 64bit-(WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\wfplwf.sys -> [2009/07/14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) 64bit-(NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) 64bit-(vwififlt) Virtual WiFi Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\vwififlt.sys -> [2009/07/14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) 64bit-(vwifibus) Pilote de bus WiFi virtuel [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vwifibus.sys -> [2009/07/14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) 64bit-(1394ohci) Contrôleur d’hôte compatible OHCI 1394 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\1394ohci.sys -> [2009/07/14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) 64bit-(HdAudAddService) Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2009/07/14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) 64bit-(BTHPORT) Pilote de port Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bthport.sys -> [2009/07/14 02:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation) 64bit-(BTHUSB) Pilote USB radio Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\BTHUSB.SYS -> [2009/07/14 02:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation) 64bit-(UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\umpass.sys -> [2009/07/14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) 64bit-(mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mshidkmdf.sys -> [2009/07/14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) 64bit-(WudfPf) User Mode Driver Frameworks Platform Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) 64bit-(MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\MTConfig.sys -> [2009/07/14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) 64bit-(CompositeBus) Composite Bus Enumerator Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CompositeBus.sys -> [2009/07/14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) 64bit-(Beep) Beep [Kernel | System | Running] -> C:\Windows\SysNative\drivers\beep.sys -> [2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) 64bit-(AppID) Pilote AppID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\appid.sys -> [2009/07/14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) 64bit-(scfilter) Pilote de filtre de classe PnP de carte à puce [Kernel | Unknown | Stopped] -> C:\Windows\SysNative\drivers\scfilter.sys -> [2009/07/14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) 64bit-(discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\SysNative\drivers\discache.sys -> [2009/07/14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) 64bit-(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hidbatt.sys -> [2009/07/14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) 64bit-(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\CmBatt.sys -> [2009/07/14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) 64bit-(AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\acpipmi.sys -> [2009/07/14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) 64bit-(AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdppm.sys -> [2009/07/14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) 64bit-(atikmdag) atikmdag [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/07/13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) 64bit-(NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nvhda64v.sys -> [2009/06/26 09:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) 64bit-(netr28x) Ralink 802.11n Extensible Wireless Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\netr28x.sys -> [2009/06/20 00:56:08 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) 64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) 64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) 64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) 64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 64bit-(iaStor) Intel RAID Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) 64bit-(mwlPSDVDisk) mwlPSDVDisk [Kernel | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -> [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) 64bit-(mwlPSDFilter) mwlPSDFilter [File_System | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDFilter.sys -> [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) 64bit-(mwlPSDNServ) mwlPSDNServ [Kernel | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDNserv.sys -> [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) 64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) 64bit-(NTIDrvr) NTIDrvr [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NTIDrvr.sys -> [2009/05/06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) 64bit-(UBHelper) UBHelper [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\UBHelper.sys -> [2009/05/06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) 64bit-(SCDEmu) SCDEmu [Kernel | System | Running] -> C:\Windows\SysNative\drivers\scdemu.sys -> [2009/03/15 12:32:56 | 000,085,424 | ---- | M] (PowerISO Computing, Inc.) 64bit-(sscdmdm) SAMSUNG Mobile Modem Drivers [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdmdm.sys -> [2008/02/22 16:33:00 | 000,151,040 | ---- | M] (MCCI Corporation) 64bit-(sscdbus) SAMSUNG USB Composite Device driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdbus.sys -> [2008/02/22 16:32:58 | 000,113,664 | ---- | M] (MCCI Corporation) 64bit-(sscdmdfl) SAMSUNG Mobile Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdmdfl.sys -> [2008/02/22 16:32:58 | 000,018,944 | ---- | M] (MCCI Corporation) 64bit-(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\pccsmcfdx64.sys -> [2007/09/17 16:53:34 | 000,029,184 | ---- | M] (Nokia) (TuneUpUtilitiesDrv) TuneUpUtilitiesDrv [Kernel | On_Demand | Running] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -> [2009/10/14 07:24:44 | 000,011,856 | ---- | M] (TuneUp Software) (WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) (NetBIOS) NetBIOS Interface [File_System | System | Running] -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) (mpsdrv) Pilote d’autorisation du Pare-feu Windows [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 23:28:14 | 000,001,088 | ---- | M] () (Tcpip) Pilote du protocole TCP/IP [Kernel | System | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 23:15:18 | 000,003,066 | ---- | M] () (mwlPSDVDisk) mwlPSDVDisk [Kernel | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDVdisk.sys -> [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) (mwlPSDFilter) mwlPSDFilter [File_System | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDFilter.sys -> [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) (mwlPSDNServ) mwlPSDNServ [Kernel | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDNServ.sys -> [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) (TFsExDisk) TFsExDisk [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -> [2009/04/07 10:39:44 | 000,016,392 | ---- | M] (Teruten Inc) (pfc) Padus ASPI Shell [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\pfc.sys -> [2003/09/19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Registry - Safe List] < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349]http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349[/url] -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349]http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349[/url] -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> [url=http://fr.msn.com/]MSN : Hotmail, Messenger, Bing, Actualité et Sport[/url] -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: Main\\"Start Page" -> [url=http://www.google.fr/]Google[/url] -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: SearchURL\\"" -> -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\patrick\AppData\Roaming\Mozilla\FireFox\Profiles\pdf97g7x.default\prefs.js -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "http://www.google.fr" -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 -> extensions.enabledItems -> DTToolbar@toolbarnet.com:1.1.2.0185 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2010/06/07 19:17:04 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2010/06/07 19:17:03 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions -> -> HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components -> C:\Program Files (x86)\Mozilla Thunderbird\components [C:\PROGRAM FILES (X86)\MOZILLA THUNDERBIRD\COMPONENTS] -> [2010/06/05 13:09:10 | 000,000,000 | ---D | M] < FireFox Extensions [user Folders] > -> -> C:\Users\patrick\AppData\Roaming\mozilla\Extensions -> [2010/06/07 19:17:20 | 000,000,000 | ---D | M] No name found -> C:\Users\patrick\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} -> [2010/02/28 22:05:35 | 000,000,000 | ---D | M] -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\6yt1wco1.default\extensions -> [2010/06/05 08:50:32 | 000,000,000 | ---D | M] -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions -> [2010/06/16 21:18:44 | 000,000,000 | ---D | M] Adblock Plus -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2010/06/07 19:21:20 | 000,000,000 | ---D | M] -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions\DTToolbar@toolbarnet.com -> [2010/06/16 13:05:53 | 000,000,000 | ---D | M] < FireFox SearchPlugins [user Folders] > -> < FireFox Extensions [Program Folders] > -> -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2010/06/07 19:17:03 | 000,000,000 | ---D | M] Java Console -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/06/05 12:05:41 | 000,000,000 | ---D | M] < HOSTS File > ([2010/06/05 18:12:02 | 000,000,000 | ---- | M] - 0 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> Reset Hosts < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) < 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{30CEEEA2-3742-40E4-85DD-812BF1CBB83D}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "EPSON Stylus Photo RX520 Series" -> C:\Windows\SysNative\spool\DRIVERS\x64\3\E_FATIAGE.EXE [C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAGE.EXE /F "C:\Windows\TEMP\E_S5CC3.tmp" /EF "HKLM"] -> [2005/04/07 05:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) "IAAnotif" -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) "mwlDaemon" -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe] -> [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) "RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/06/16 12:35:18 | 007,883,296 | ---- | M] (Realtek Semiconductor) "Service Scheduler2 Acronis" -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"] -> [2009/09/12 18:38:50 | 000,358,024 | ---- | M] (Acronis) "Skytel" -> C:\Program Files\Realtek\Audio\HDA\Skytel.exe [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> [2009/06/16 12:36:10 | 001,833,504 | ---- | M] (Realtek Semiconductor Corp.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "avgnt" -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) "BackupManagerTray" -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe ["C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k] -> [2009/08/12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) "EgisTecLiveUpdate" -> C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe ["C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"] -> [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) "Hotkey Utility" -> C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe] -> [2009/08/18 09:27:26 | 000,629,280 | ---- | M] () "JMB36X IDE Setup" -> C:\Windows\RaidTool\xInsIDE.exe [C:\Windows\RaidTool\xInsIDE.exe] -> [2007/03/20 08:36:18 | 000,036,864 | ---- | M] () "TrueImageMonitor.exe" -> C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe] -> [2009/09/12 18:38:16 | 005,081,912 | ---- | M] (Acronis) < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "SUPERAntiSpyware" -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2010/05/18 19:26:13 | 002,942,976 | ---- | M] (SUPERAntiSpyware.com) < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoActiveDesktop" -> [1] -> File not found \\"NoActiveDesktopChanges" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\Software\Microsoft\Internet Explorer\MenuExt\ -> Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [button: Ajout Direct] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation) {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Ajout Direct dans Windows Live Writer] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [button: Send to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> [url=http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s]ActiveX Controls Gallery[/url] -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6869 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}\\DhcpNameServer -> 192.168.1.1 (802.11n Wireless PCI Express Card LAN Adapter) -> {2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}\\NameServer -> 91.188.60.223,8.8.8.8 (802.11n Wireless PCI Express Card LAN Adapter) -> {9709A052-9166-4307-8A65-8207AB2E70D9}\\DhcpNameServer -> 192.168.1.1 (Intel(R) 82578DC Gigabit Network Connection) -> {9709A052-9166-4307-8A65-8207AB2E70D9}\\NameServer -> 91.188.60.223,8.8.8.8 (Intel(R) 82578DC Gigabit Network Connection) -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 03:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009/07/14 03:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 64bit-*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> pku2u -> C:\Windows\SysNative\pku2u.dll -> [2009/07/14 03:41:53 | 000,240,640 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> pku2u -> C:\Windows\SysWow64\pku2u.dll -> [2009/07/14 03:16:12 | 000,186,880 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {18359AD2-0B8C-45B0-BF5A-58F495C5B57A} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | {25A43EA7-8C67-4982-8290-D91E8CE5C289} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | {276068E7-AF64-462C-B6CB-227AC6C1C0D0} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | {32974EC3-146A-4F04-A938-CE3B0790457A} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | {3EE9B627-BF93-48F3-944D-570354785806} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | {3F65A13C-9399-4318-9B08-CE77713E23AB} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | {6B0987B7-29F4-4442-A9A2-FAD44BF42258} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {86D471BF-89D7-4CD9-96B6-3C2BA6CAA13A} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | {8D7D87A9-05B8-49FF-8D94-CD90BB8DEAC4} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | {93CAEE23-0757-4165-B52B-40C2A7DD20A8} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | {9928FB15-C12E-4038-9DB5-68D5313041C1} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {A1718E83-7D1E-4D8F-9CF0-7517FD1A331E} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | {AE01AB13-07CD-4497-8F5F-44561C3D4B62} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | {B3F76739-60DF-4506-B607-762192F586DA} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | {D3449C76-F140-4FE1-92BC-74CDEC533C42} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | {D412E4EA-ECA5-476A-B99B-191C3877A8FA} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | {D5ACACB0-5034-46B6-BEAF-E3BF8AC4DD71} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | {D7A73857-663B-48E4-8EEE-0BF787DAD2C3} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | {DF366AB8-9470-421C-92A9-BA7A85A1077E} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | {DFA3DB4E-A747-46A4-BBB7-4BB72496F836} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {EB3E1131-E07C-4B6F-BC15-E59222C8C897} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | {EBFAB743-D153-4B05-8352-221F0BEE53F5} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {FBE41EA0-655D-4F51-B369-FCE7000CB56D} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {FC893513-6025-466C-97B4-4A03A1725585} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {FF1DA44D-5488-46ED-AC67-A485D4B9BF85} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {0958D5CF-7303-4555-9E81-9273E3BD2A56} -> profile=private | protocol=6 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | {0A4DE9FE-A173-4AE6-AC5A-B1C5D2F13B36} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | {17023B65-32FA-4962-BB0F-27A92AC5B459} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | {19ED6D48-8F30-4DAE-862B-FBFA30BA6345} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {1C110EE1-B234-4A80-A111-57945728FACC} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {1DFBC5D5-3D73-44CE-899B-65A45D93B195} -> profile=private | protocol=6 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | {1FC3D48B-4DFE-4C23-A950-8FC214DBB6D3} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | {21698BF3-CD67-4FEE-94D8-2FB3A726EA66} -> profile=private | protocol=17 | dir=in | action=allow | name=ktf music aod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | {26688A3E-08A9-4DE7-ADDD-E1C31A3E27E4} -> profile=public | protocol=6 | dir=in | action=allow | name=rlvknlg.exe | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe | {2D201402-82B1-4DA4-8492-C7E7A90D1094} -> dir=in | action=allow | name=acer play movie | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe | {306CA939-DE51-4A77-B32E-DD88A6B40ADC} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | {38725F7D-728D-4223-AD7A-BE447D71551E} -> dir=in | action=allow | name=acer homemedia | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | {390EF0C4-02FB-4DE3-9EF9-46882873FC39} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | {3ABCB612-6512-453B-ADC6-A17A9BFE7F3E} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | {3D29D795-E30C-4D82-8875-72E47D3185D2} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | {426BDD87-DCF5-49D0-B0DB-46B91F58F579} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {43BC474D-C0BA-403D-9486-08B2C0228DE5} -> profile=private | protocol=6 | dir=in | action=allow | name=ktf music vod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | {47B1E935-11DF-43F3-9406-543AEEB327A1} -> profile=private | protocol=6 | dir=in | action=allow | name=orbchannelscan | app=c:\program files (x86)\orb networks\orb\bin\orbchannelscan.exe | {4A335D86-959A-4E74-A87D-D3BF344B143D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {4C754EA4-D340-4D5B-B575-700F49F0B8BB} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | {4CBF61BE-2976-4A74-9D3C-CB31C0C2EF3D} -> profile=private | protocol=17 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | {5026C635-B4A7-4630-954F-86AC09E2296F} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | {528CCDC5-DE46-41FD-941C-04CCD5779496} -> profile=public | protocol=6 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (srv) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | {5D603792-C6A7-4696-B8DE-259532379B0D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | {5DD8EA31-06F8-40D7-AB46-3069FA3D5044} -> profile=private | protocol=17 | dir=in | action=allow | name=orbchannelscan | app=c:\program files (x86)\orb networks\orb\bin\orbchannelscan.exe | {659ED95C-F968-47CC-9F25-0E4D7624F7FF} -> profile=private | protocol=6 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | {65D749D0-61B9-452D-B7BB-045D7ED13216} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | {72C64D90-BA69-445E-9131-D121B18E4A77} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {7E80573C-D38B-4AC1-BB0A-3EE5294FD622} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {7F62B163-BB85-4124-8640-2D7FCBBAA254} -> profile=private | protocol=17 | dir=in | action=allow | name=ktf music vod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | {870BEDC2-8875-4C31-8C9B-5461FE1C1B89} -> profile=private | protocol=6 | dir=in | action=allow | name=ktf music aod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | {8C1FA035-EA2C-4223-9396-A4B7107E662A} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | {9120C20C-2293-4094-B8DD-C6B1020ED8B8} -> profile=private | protocol=6 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | {9166E47C-143A-4454-BF0C-0A3A53400528} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | {926A882C-701D-4941-83F1-06AB71B18B41} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | {967D5165-8E8E-4F8C-A6D3-ADE776A58F0B} -> dir=in | action=allow | name=windows live foldershare | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | {9BD2C2C2-B45E-431E-AAAB-FBAFF7C8DE16} -> profile=public | protocol=6 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (cli) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | {9CF45DEC-6568-4816-8975-6D9B1739AA3E} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | {A63A7C47-4FD4-4818-AA7F-9FFB075060EF} -> profile=private | protocol=17 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | {A73423F9-1229-4E87-AE16-8F21531F06FD} -> profile=domain | dir=in | action=allow | name=mcafee network agent | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | {ADFF8052-23FB-4197-8613-DF526DE74E4A} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | {B028B1EE-95DB-48D5-8684-2A40F4221B9D} -> profile=private | protocol=6 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | {B16568BD-7C81-4CF8-98E4-A0B9618CC4D4} -> dir=in | action=allow | name=acer play movie resident program | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe | {B67EA0F3-7CFB-4DC6-A467-2A7BB78FB282} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | {B6BC20F5-7B99-415F-82E9-8CEA1290BD06} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | {B8652142-F31D-4700-BFB5-EB23423A38D9} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {BDE2806D-EAF6-44D3-898A-072E553C72A8} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {C0B26F4E-9A20-4F22-A340-5CCEAD792365} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {C0BA3DB3-B627-48EA-AF5F-45E2575DDEE9} -> profile=public | protocol=17 | dir=in | action=allow | name=rlvknlg.exe | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe | {C540243C-FAD5-4D2D-A40D-4C70077DD75E} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {C94E2486-A642-44DC-BEB9-CDFFD722C4E1} -> profile=private | protocol=17 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | {CEC0C5F2-D26E-4044-95ED-1745C7EB7771} -> dir=in | action=allow | name=acer arcade deluxe | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | {D03F093B-7C92-4BAE-ADE0-5B32C78667B7} -> profile=private | protocol=17 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | {DD010D42-2B61-4C48-B2BB-8FCAB0B47687} -> profile=public | protocol=17 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (srv) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | {DFEE985C-AEE8-419F-BA7E-6DDFC5BE56A1} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | {E28C44D2-3E41-461D-BB43-D048F8C812FB} -> profile=public | protocol=17 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (cli) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | {E3E5985E-3339-4F41-AAC9-F9504600208D} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | {F7A5B25A-788B-4A13-9D03-8B614F6F9254} -> profile=private | protocol=17 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | {FF6C1EAD-5A95-45B5-BBC2-3CC966150B8B} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | TCP Query User{2E246960-EC91-4EF0-B5F5-522DCCE5717D}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | TCP Query User{3E8A96FC-444F-4395-A438-B327D8EC586C}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=6 | dir=in | action=block | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | TCP Query User{626C76D4-6EC3-4E24-819E-3D0DB8EB08BF}C:\program files (x86)\gigatribe\gigatribe.exe -> profile=private | protocol=6 | dir=in | action=allow | name=gigatribe | app=c:\program files (x86)\gigatribe\gigatribe.exe | TCP Query User{BB0C1DA5-EC6E-4DD7-8A80-F94CEA18469A}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=6 | dir=in | action=block | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | UDP Query User{0CBADD32-1BED-4121-B54B-4B44A6CC9F95}C:\program files (x86)\gigatribe\gigatribe.exe -> profile=private | protocol=17 | dir=in | action=allow | name=gigatribe | app=c:\program files (x86)\gigatribe\gigatribe.exe | UDP Query User{43318E42-CFC7-4672-87B8-085E8CD9780A}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | UDP Query User{BBC1B8F1-87D3-4538-A624-97D2753BAF22}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=17 | dir=in | action=block | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | UDP Query User{E6D73433-E7C9-4148-8530-81D2DE1BF279}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=17 | dir=in | action=block | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Pilote de CD-ROM -> "ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* -> File not found 64bit-exefile [open] -> "%1" %* -> File not found comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < 64bit-ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysNative\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009/07/14 03:41:57 | 000,358,400 | ---- | M] (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [stubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [stubPath] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> Reg Error: Value error. [(default): Browsing Enhancements; IsInstalled: 1] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [stubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [stubPath] -> C:\Windows\System32\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [stubPath] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found {FEBEF00C-046D-438D-8A88-BF94A6C9E703} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [stubPath] -> C:\Windows\System32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [stubPath] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Program Files (x86)\Java\jre6\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2010/04/12 18:35:02 | 000,270,336 | ---- | M] (Sun Microsystems, Inc.) {22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysWOW64\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009/07/14 03:16:19 | 000,299,520 | ---- | M] (Microsoft Corporation) {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [stubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [stubPath] -> "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> C:\Windows\SysWOW64\msieftp.dll [(default): Browsing Enhancements; IsInstalled: 1] -> [2009/07/14 03:15:44 | 000,301,568 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {7C028AF8-F614-47B3-82DA-BA94E41B1089} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [stubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [stubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [stubPath] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [(default): Adobe Flash Player; IsInstalled: 01 00 00 00 [binary data]] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.) {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [stubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [stubPath] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [HKLM: Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation) {89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < 64bit-App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 7zFM.exe -> C:\Program Files (x86)\7-Zip\7zFM.exe [C:\Program Files (x86)\7-Zip\7zFM.exe] -> [2009/02/03 09:10:08 | 000,388,096 | ---- | M] (Igor Pavlov) AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010/04/04 07:57:52 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) BackupManager.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found ccleaner.exe -> C:\Program Files (x86)\CCleaner\CCleaner.exe [C:\Program Files (x86)\CCleaner\ccleaner.exe] -> [2010/05/25 18:08:54 | 001,694,520 | ---- | M] (Piriform Ltd) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found dvdmaker.exe -> C:\Program Files\DVD Maker\dvdmaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> [2009/07/14 03:39:08 | 002,258,432 | ---- | M] (Microsoft Corporation) ECOPY.EXE -> C:\Program Files (x86)\epson\Creativity Suite\Copy Utility\ECOPY.EXE [C:\Program Files (x86)\EPSON\Creativity Suite\Copy Utility\ECOPY.exe] -> [2004/10/08 01:00:02 | 000,716,800 | ---- | M] (SEIKO EPSON CORP.) Escfg.exe -> C:\Windows\twain_32\escndv\escfg.exe [C:\Windows\twain_32\escndv\Escfg.exe] -> [2006/10/04 01:00:00 | 000,182,424 | ---- | M] (SEIKO EPSON CORP.) Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2006/03/08 01:00:00 | 000,118,784 | ---- | M] (SEIKO EPSON CORP.) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation) fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found iTunes.exe -> C:\Program Files (x86)\iTunes\iTunes.exe [C:\Program Files (x86)\iTunes\iTunes.exe] -> [2010/04/28 15:06:24 | 010,358,568 | ---- | M] (Apple Inc.) IZArc -> C:\Program Files (x86)\IZArc\IZArc.exe [C:\Program Files (x86)\IZArc\IZArc.exe] -> [2009/11/23 11:27:36 | 002,850,304 | ---- | M] () javaws.exe -> C:\Program Files (x86)\Java\jre6\bin\javaws.exe [C:\Program Files (x86)\Java\jre6\bin\javaws.exe] -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) Journal.exe -> C:\Program Files\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> [2009/07/14 03:39:14 | 002,164,224 | ---- | M] (Microsoft Corporation) mbam.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) mip.exe -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe [%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe] -> [2009/07/14 03:39:19 | 001,547,264 | ---- | M] (Microsoft Corporation) mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) MSNMSGR.EXE -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found msoxmled.exe -> C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/27 06:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation) msworks.exe -> c:\Program Files (x86)\Microsoft Works\MSWorks.exe [c:\Program Files (x86)\Microsoft Works\msworks.exe] -> [2007/06/20 23:03:56 | 000,644,448 | ---- | M] (Microsoft® Corporation) NewPCStudio.exe -> C:\Program Files (x86)\Samsung\Samsung New PC Studio\ [C:\Program Files (x86)\Samsung\Samsung New PC Studio\] -> [2010/05/26 16:03:42 | 000,000,000 | ---D | M] ois.exe -> C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~2\MICROS~1\Office12\OIS.EXE] -> [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation) OneNote.exe -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) pbrush.exe -> C:\Windows\SysNative\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009/07/14 03:39:24 | 006,676,480 | ---- | M] (Microsoft Corporation) PhotoImpression.exe -> C:\Program Files (x86)\ArcSoft\PhotoImpression 5\photoimpression.exe [C:\Program Files (x86)\ArcSoft\PhotoImpression 5\PhotoImpression.exe] -> [2005/03/14 16:30:28 | 000,135,168 | ---- | M] (ArcSoft Inc.) pi.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe [C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe] -> [2004/06/12 12:40:16 | 000,424,448 | ---- | M] (Microsoft Corporation) PictureViewer.exe -> C:\Program Files (x86)\QuickTime\PictureViewer.exe [C:\Program Files (x86)\QuickTime\PictureViewer.exe] -> [2010/03/17 21:53:32 | 000,557,056 | ---- | M] (Apple Inc.) PlayMovie.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl [C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl] -> [2009/09/29 11:51:14 | 000,000,465 | ---- | M] () Pod.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe [C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe] -> [2004/06/12 12:35:14 | 000,035,328 | ---- | M] (Microsoft Corporation) PowerCinema -> C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe] -> [2009/09/29 12:31:56 | 000,353,576 | ---- | M] (Acer Incorporated) powerpnt.exe -> C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office12\POWERPNT.EXE] -> [2009/02/26 14:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation) PowerShell.exe -> C:\Windows\SysNative\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009/07/14 03:39:20 | 000,473,600 | ---- | M] (Microsoft Corporation) QuickTimePlayer.exe -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe] -> [2010/03/17 23:28:24 | 001,230,128 | ---- | M] (Apple Inc.) sbase.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) scalc.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe [C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) sdraw.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found simpress.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe [C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) smath.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe [C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) SnippingTool.exe -> C:\Windows\SysNative\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> [2009/07/14 03:39:41 | 000,431,104 | ---- | M] (Microsoft Corporation) soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe] -> [2010/05/21 00:58:46 | 011,318,784 | ---- | M] (OpenOffice.org) SoftDMA.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe [C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe] -> [2009/09/25 11:48:14 | 000,334,392 | ---- | M] (Acer Incorporated) swriter.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe [C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found TabTip.exe -> C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> [2009/07/14 03:39:47 | 000,224,256 | ---- | M] (Microsoft Corporation) thunderbird.exe -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe] -> [2010/03/31 07:46:49 | 011,957,424 | ---- | M] (Mozilla Messaging) unopkg.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe [C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe] -> [2010/05/20 07:01:10 | 000,010,752 | ---- | M] () wab.exe -> C:\Program Files\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009/07/14 03:39:50 | 000,516,608 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009/07/14 03:39:50 | 000,067,584 | ---- | M] (Microsoft Corporation) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2010/03/15 11:26:36 | 001,090,560 | ---- | M] () Winword.exe -> C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE] -> [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation) WKSAB.EXE -> c:\Program Files (x86)\Microsoft Works\wksab.exe [c:\Program Files (x86)\Microsoft Works\WKSAB.exe] -> [2007/06/20 23:04:22 | 000,020,832 | ---- | M] (Microsoft® Corporation) wkscal.exe -> c:\Program Files (x86)\Microsoft Works\WksCal.exe [c:\PROGRA~2\MICROS~2\WksCal.exe] -> [2007/06/20 23:04:22 | 000,722,272 | ---- | M] (Microsoft® Corporation) wksdb.exe -> c:\Program Files (x86)\Microsoft Works\wksdb.exe [c:\Program Files (x86)\Microsoft Works\wksdb.exe] -> [2007/06/20 23:04:22 | 001,242,464 | ---- | M] (Microsoft® Corporation) WKSSB.EXE -> c:\Program Files (x86)\Microsoft Works\WksSb.exe [c:\Program Files (x86)\Microsoft Works\WKSSB.exe] -> [2007/06/20 23:04:22 | 001,099,104 | ---- | M] (Microsoft® Corporation) wksss.exe -> c:\Program Files (x86)\Microsoft Works\wksss.exe [c:\Program Files (x86)\Microsoft Works\wksss.exe] -> [2007/06/20 23:04:24 | 000,947,552 | ---- | M] (Microsoft® Corporation) wkswp.exe -> c:\Program Files (x86)\Microsoft Works\WksWP.exe [c:\Program Files (x86)\Microsoft Works\wkswp.exe] -> [2007/06/20 23:04:24 | 000,709,984 | ---- | M] (Microsoft® Corporation) wlmail.exe -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe] -> [2009/07/26 17:44:52 | 000,114,000 | ---- | M] (Microsoft Corporation) wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:39:57 | 004,580,352 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:39:57 | 004,580,352 | ---- | M] (Microsoft Corporation) < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 7zFM.exe -> C:\Program Files (x86)\7-Zip\7zFM.exe [C:\Program Files (x86)\7-Zip\7zFM.exe] -> [2009/02/03 09:10:08 | 000,388,096 | ---- | M] (Igor Pavlov) AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010/04/04 07:57:52 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) BackupManager.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found ccleaner.exe -> C:\Program Files (x86)\CCleaner\CCleaner.exe [C:\Program Files (x86)\CCleaner\ccleaner.exe] -> [2010/05/25 18:08:54 | 001,694,520 | ---- | M] (Piriform Ltd) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found dvdmaker.exe -> C:\Program Files (x86)\DVD Maker\dvdmaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> File not found ECOPY.EXE -> C:\Program Files (x86)\epson\Creativity Suite\Copy Utility\ECOPY.EXE [C:\Program Files (x86)\EPSON\Creativity Suite\Copy Utility\ECOPY.exe] -> [2004/10/08 01:00:02 | 000,716,800 | ---- | M] (SEIKO EPSON CORP.) Escfg.exe -> C:\Windows\twain_32\escndv\escfg.exe [C:\Windows\twain_32\escndv\Escfg.exe] -> [2006/10/04 01:00:00 | 000,182,424 | ---- | M] (SEIKO EPSON CORP.) Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2006/03/08 01:00:00 | 000,118,784 | ---- | M] (SEIKO EPSON CORP.) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation) fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found iTunes.exe -> C:\Program Files (x86)\iTunes\iTunes.exe [C:\Program Files (x86)\iTunes\iTunes.exe] -> [2010/04/28 15:06:24 | 010,358,568 | ---- | M] (Apple Inc.) IZArc -> C:\Program Files (x86)\IZArc\IZArc.exe [C:\Program Files (x86)\IZArc\IZArc.exe] -> [2009/11/23 11:27:36 | 002,850,304 | ---- | M] () javaws.exe -> C:\Program Files (x86)\Java\jre6\bin\javaws.exe [C:\Program Files (x86)\Java\jre6\bin\javaws.exe] -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) Journal.exe -> C:\Program Files (x86)\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> File not found mbam.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) mip.exe -> C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe [%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe] -> [2009/07/14 03:14:24 | 001,221,632 | ---- | M] (Microsoft Corporation) mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) MSNMSGR.EXE -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found msoxmled.exe -> C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/27 06:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation) msworks.exe -> c:\Program Files (x86)\Microsoft Works\MSWorks.exe [c:\Program Files (x86)\Microsoft Works\msworks.exe] -> [2007/06/20 23:03:56 | 000,644,448 | ---- | M] (Microsoft® Corporation) NewPCStudio.exe -> C:\Program Files (x86)\Samsung\Samsung New PC Studio\ [C:\Program Files (x86)\Samsung\Samsung New PC Studio\] -> [2010/05/26 16:03:42 | 000,000,000 | ---D | M] ois.exe -> C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~2\MICROS~1\Office12\OIS.EXE] -> [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation) OneNote.exe -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) pbrush.exe -> C:\Windows\SysWOW64\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009/07/14 03:14:26 | 006,376,960 | ---- | M] (Microsoft Corporation) PhotoImpression.exe -> C:\Program Files (x86)\ArcSoft\PhotoImpression 5\photoimpression.exe [C:\Program Files (x86)\ArcSoft\PhotoImpression 5\PhotoImpression.exe] -> [2005/03/14 16:30:28 | 000,135,168 | ---- | M] (ArcSoft Inc.) pi.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe [C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe] -> [2004/06/12 12:40:16 | 000,424,448 | ---- | M] (Microsoft Corporation) PictureViewer.exe -> C:\Program Files (x86)\QuickTime\PictureViewer.exe [C:\Program Files (x86)\QuickTime\PictureViewer.exe] -> [2010/03/17 21:53:32 | 000,557,056 | ---- | M] (Apple Inc.) PlayMovie.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl [C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl] -> [2009/09/29 11:51:14 | 000,000,465 | ---- | M] () Pod.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe [C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe] -> [2004/06/12 12:35:14 | 000,035,328 | ---- | M] (Microsoft Corporation) PowerCinema -> C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe] -> [2009/09/29 12:31:56 | 000,353,576 | ---- | M] (Acer Incorporated) powerpnt.exe -> C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office12\POWERPNT.EXE] -> [2009/02/26 14:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation) PowerShell.exe -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009/07/14 03:14:24 | 000,452,608 | ---- | M] (Microsoft Corporation) QuickTimePlayer.exe -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe] -> [2010/03/17 23:28:24 | 001,230,128 | ---- | M] (Apple Inc.) sbase.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) scalc.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe [C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) sdraw.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found sidebar.exe -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe ["%ProgramFiles%\Windows Sidebar\sidebar.exe"] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) simpress.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe [C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) smath.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe [C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) SnippingTool.exe -> C:\Windows\SysWow64\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> File not found soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe] -> [2010/05/21 00:58:46 | 011,318,784 | ---- | M] (OpenOffice.org) SoftDMA.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe [C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe] -> [2009/09/25 11:48:14 | 000,334,392 | ---- | M] (Acer Incorporated) swriter.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe [C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found TabTip.exe -> C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> File not found thunderbird.exe -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe] -> [2010/03/31 07:46:49 | 011,957,424 | ---- | M] (Mozilla Messaging) unopkg.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe [C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe] -> [2010/05/20 07:01:10 | 000,010,752 | ---- | M] () wab.exe -> C:\Program Files (x86)\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009/07/14 03:14:44 | 000,516,096 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files (x86)\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009/07/14 03:14:44 | 000,065,536 | ---- | M] (Microsoft Corporation) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2010/03/15 11:26:36 | 001,090,560 | ---- | M] () Winword.exe -> C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE] -> [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation) WKSAB.EXE -> c:\Program Files (x86)\Microsoft Works\wksab.exe [c:\Program Files (x86)\Microsoft Works\WKSAB.exe] -> [2007/06/20 23:04:22 | 000,020,832 | ---- | M] (Microsoft® Corporation) wkscal.exe -> c:\Program Files (x86)\Microsoft Works\WksCal.exe [c:\PROGRA~2\MICROS~2\WksCal.exe] -> [2007/06/20 23:04:22 | 000,722,272 | ---- | M] (Microsoft® Corporation) wksdb.exe -> c:\Program Files (x86)\Microsoft Works\wksdb.exe [c:\Program Files (x86)\Microsoft Works\wksdb.exe] -> [2007/06/20 23:04:22 | 001,242,464 | ---- | M] (Microsoft® Corporation) WKSSB.EXE -> c:\Program Files (x86)\Microsoft Works\WksSb.exe [c:\Program Files (x86)\Microsoft Works\WKSSB.exe] -> [2007/06/20 23:04:22 | 001,099,104 | ---- | M] (Microsoft® Corporation) wksss.exe -> c:\Program Files (x86)\Microsoft Works\wksss.exe [c:\Program Files (x86)\Microsoft Works\wksss.exe] -> [2007/06/20 23:04:24 | 000,947,552 | ---- | M] (Microsoft® Corporation) wkswp.exe -> c:\Program Files (x86)\Microsoft Works\WksWP.exe [c:\Program Files (x86)\Microsoft Works\wkswp.exe] -> [2007/06/20 23:04:24 | 000,709,984 | ---- | M] (Microsoft® Corporation) wlmail.exe -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe] -> [2009/07/26 17:44:52 | 000,114,000 | ---- | M] (Microsoft Corporation) wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation) < 64bit-Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{00C6D95F-329C-409a-81D7-C46C66EA7F33}" [HKLM] -> C:\Windows\SysNative\shdocvw.dll [] -> [2009/07/14 03:41:54 | 000,196,096 | ---- | M] (Microsoft Corporation) "{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKLM] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll [eDS psd drag drop protection] -> [2009/09/10 15:44:06 | 000,137,512 | ---- | M] (Egis Technology Inc.) "{3BBAC0AD-8227-3462-C8EF-A36794DD8CD2}" [HKLM] -> C:\Program Files (x86)\IZArc\IZArcCM64.dll [iZArc Shell Extension] -> [2009/04/24 15:50:52 | 000,210,944 | ---- | M] () "{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}" [HKLM] -> C:\Windows\SysNative\nvshext.dll [NVIDIA Play On My TV Context Menu Extension] -> [2009/07/14 10:51:46 | 000,238,080 | ---- | M] (NVIDIA Corporation) "{42042206-2D85-11D3-8CFF-005004838597}" [HKLM] -> C:\PROGRA~1\MICROS~2\Office12\MSOHEVI.DLL [Microsoft Office HTML Icon Handler] -> [2008/10/25 17:36:06 | 000,110,968 | ---- | M] (Microsoft Corporation) "{44440D00-FF19-4AFC-B765-9A0970567D97}" [HKLM] -> C:\Windows\SysNative\uxtuneup.dll [TuneUp Theme Extension] -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software) "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" [HKLM] -> C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [shell Extension for Malware scanning] -> [2010/06/18 19:52:00 | 000,357,224 | ---- | M] (Avira GmbH) "{4838CD50-7E5D-4811-9B17-C47A85539F28}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\DseShExt-x64.dll [TuneUp Disk Space Explorer Shell Extension] -> [2010/05/07 18:02:12 | 000,024,392 | ---- | M] (TuneUp Software) "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\SDShelEx-x64.dll [TuneUp Shredder Shell Extension] -> [2010/05/07 18:02:24 | 000,029,512 | ---- | M] (TuneUp Software) "{80009818-f38f-4af1-87b5-eadab9433e58}" [HKLM] -> C:\Windows\SysNative\mf.dll [MF ADTS Property Handler] -> [2009/07/14 03:41:22 | 004,062,208 | ---- | M] (Microsoft Corporation) "{85D26561-0241-4BE2-A8DF-8F921A0EF948}" [HKLM] -> C:\Program Files (x86)\a-squared Free\a2freecontmenu64.dll [a-squared Free Shell Extension x64] -> [2009/10/01 17:03:14 | 000,302,736 | ---- | M] (Emsi Software GmbH) "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" [HKLM] -> Reg Error: Key error. [PowerISO] -> File not found "{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [Microsoft Office Metadata Handler] -> [2008/11/21 08:06:22 | 001,586,568 | ---- | M] (Microsoft Corporation) "{A70C977A-BF00-412C-90B7-034C51DA2439}" [HKLM] -> C:\Windows\SysNative\nvcpl.dll [NvCpl DesktopContext Class] -> [2010/04/03 18:42:00 | 014,828,648 | ---- | M] (NVIDIA Corporation) "{B41DB860-64E4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\rarext.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,166,400 | ---- | M] () "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> Reg Error: Key error. [WinRAR shell extension] -> File not found {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKU\S-1-5-21-3258892936-4116843137-97899428-1001] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> [2010/04/28 15:06:34 | 000,141,096 | ---- | M] (Apple Inc.) "{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [Microsoft Office Thumbnail Handler] -> [2008/11/21 08:06:22 | 001,586,568 | ---- | M] (Microsoft Corporation) "{FFB699E0-306A-11d3-8BD1-00104B6F7516}" [HKLM] -> C:\Windows\SysNative\nvcpl.dll [Play on my TV helper] -> [2010/04/03 18:42:00 | 014,828,648 | ---- | M] (NVIDIA Corporation) < Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Infotip Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) "{23170F69-40C1-278A-1000-000100020000}" [HKLM] -> C:\Program Files (x86)\7-Zip\7-zip.dll [7-Zip Shell Extension] -> [2009/02/03 09:09:46 | 000,069,632 | ---- | M] (Igor Pavlov) "{3B092F0C-7696-40E3-A80F-68D74DA84210}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Thumbnail Viewer] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) "{4838CD50-7E5D-4811-9B17-C47A85539F28}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\DseShExt-x86.dll [TuneUp Disk Space Explorer Shell Extension] -> [2010/05/07 18:02:06 | 000,026,440 | ---- | M] (TuneUp Software) "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> [2010/05/07 18:02:18 | 000,030,536 | ---- | M] (TuneUp Software) "{63542C48-9552-494A-84F7-73AA6A7C99C1}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Property Sheet Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) "{72923739-5A47-40A3-9895-25AF0DFBB9E4}" [HKLM] -> C:\Program Files (x86)\Glary Utilities\ContextHandler.dll [Glary Utilities Context Menu Shell Extension] -> [2010/05/26 10:01:22 | 000,036,152 | ---- | M] (Glarysoft Ltd) "{B41DB860-64E4-11D2-9906-E49FADC173CA}" [HKLM] -> Reg Error: Key error. [WinRAR shell extension] -> File not found "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKU\S-1-5-21-3258892936-4116843137-97899428-1001] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Column Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org) < 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "services" -> 2 -> < 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "aux" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midi4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "midimapper" -> C:\Windows\SysNative\midimap.dll [midimap.dll] -> [2009/07/14 03:41:23 | 000,020,480 | ---- | M] (Microsoft Corporation) "mixer" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "mixer1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "mixer2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "mixer3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "mixer4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "msacm.imaadpcm" -> C:\Windows\SysNative\imaadp32.acm [imaadp32.acm] -> [2009/07/14 03:38:53 | 000,022,016 | ---- | M] (Microsoft Corporation) "msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2009/07/14 03:38:53 | 000,081,408 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.msadpcm" -> C:\Windows\SysNative\msadp32.acm [msadp32.acm] -> [2009/07/14 03:38:53 | 000,024,064 | ---- | M] (Microsoft Corporation) "msacm.msg711" -> C:\Windows\SysNative\msg711.acm [msg711.acm] -> [2009/07/14 03:38:53 | 000,014,848 | ---- | M] (Microsoft Corporation) "msacm.msgsm610" -> C:\Windows\SysNative\msgsm32.acm [msgsm32.acm] -> [2009/07/14 03:38:53 | 000,029,184 | ---- | M] (Microsoft Corporation) "vidc.i420" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/19 11:46:35 | 000,054,272 | ---- | M] (Microsoft Corporation) "vidc.iyuv" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/19 11:46:35 | 000,054,272 | ---- | M] (Microsoft Corporation) "vidc.mrle" -> C:\Windows\SysNative\msrle32.dll [msrle32.dll] -> [2009/12/19 11:47:46 | 000,016,384 | ---- | M] (Microsoft Corporation) "vidc.msvc" -> C:\Windows\SysNative\msvidc32.dll [msvidc32.dll] -> [2009/12/19 11:47:53 | 000,038,912 | ---- | M] (Microsoft Corporation) "vidc.uyvy" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation) "vidc.yuy2" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation) "vidc.yvu9" -> C:\Windows\SysNative\tsbyuv.dll [tsbyuv.dll] -> [2009/12/19 11:50:56 | 000,014,848 | ---- | M] (Microsoft Corporation) "vidc.yvyu" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation) "wave" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wave1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wave2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wave3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wave4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation) "wavemapper" -> C:\Windows\SysNative\msacm32.drv [msacm32.drv] -> [2009/07/14 03:38:50 | 000,025,600 | ---- | M] (Microsoft Corporation) < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2009/07/14 03:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.siren" -> C:\Windows\SysWow64\sirenacm.dll [sirenacm.dll] -> [2009/07/26 17:44:56 | 000,048,448 | ---- | M] (Microsoft Corporation) "vidc.cvid" -> C:\Windows\SysWow64\iccvid.dll [iccvid.dll] -> [2009/07/14 03:15:26 | 000,082,944 | ---- | M] (Radius Inc.) < 64bit-Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysNative\icardie.dll [informationCardSigninHelper Class] -> [2009/07/14 03:41:05 | 000,084,480 | ---- | M] (Microsoft Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysNative\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/07/14 03:41:28 | 000,097,280 | ---- | M] (Microsoft Corporation) {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysNative\tdc.ocx [Tabular Data Control] -> [2009/07/14 03:38:53 | 000,078,336 | ---- | M] (Microsoft Corporation) {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [oleprn Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysNative\oleprn.dll [DSPrintQueue Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleSNMP Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleCvt Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/08/29 09:53:27 | 014,629,376 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/07/14 03:41:30 | 000,325,632 | ---- | M] (Microsoft Corporation) {884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009/07/14 03:38:58 | 000,070,144 | ---- | M] (Microsoft Corporation) {884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009/09/03 09:36:39 | 001,975,296 | ---- | M] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysNative\RegCtrl.dll [Registration Control] -> [2009/07/14 03:41:53 | 000,049,152 | ---- | M] (Microsoft Corporation) {92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [prturl Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [RMGetLicense Class] -> [2009/07/14 03:41:30 | 000,325,632 | ---- | M] (Microsoft Corporation) {C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleInstall Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysNative\scrrun.dll [scripting.Dictionary] -> [2009/07/14 03:41:53 | 000,202,752 | ---- | M] (Microsoft Corporation) < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2008/10/25 07:18:50 | 000,172,880 | ---- | M] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.) {07B06095-5687-4D13-9E32-12B4259C9813} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [sTSUpld UploadCtl Class] -> [2006/10/27 04:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysWOW64\icardie.dll [informationCardSigninHelper Class] -> [2009/07/14 03:15:26 | 000,061,952 | ---- | M] (Microsoft Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysWOW64\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/07/14 03:15:44 | 000,067,072 | ---- | M] (Microsoft Corporation) {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysWOW64\tdc.ocx [Tabular Data Control] -> [2009/07/14 03:14:10 | 000,066,560 | ---- | M] (Microsoft Corporation) {3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [oleprn Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {3E8FD258-0359-4476-AAF4-7C5F65E9B46E} [HKLM] -> C:\Program Files (x86)\Common Files\Oberon Media\Odyssey\2.0.0.29\Odyssey.dll [OdysseyActiveX Class] -> [2007/07/04 13:17:40 | 000,206,120 | ---- | M] (Oberon Media) {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Spreadsheet Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.) {435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [DSPrintQueue Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {4F07F79F-087F-42cf-8B36-7A88D06088E9} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation) {4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleSNMP Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] (Sun Microsystems, Inc.) {62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Export Database Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleCvt Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSLIST.DLL [Microsoft Office List 12.0] -> [2009/03/06 04:01:06 | 002,335,648 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/07/14 03:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009/07/14 03:14:13 | 000,067,072 | ---- | M] (Microsoft Corporation) {884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009/09/03 09:04:15 | 001,320,960 | ---- | M] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml DOM Document 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [Free Threaded XML DOM Document 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml Schema Cache 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XSL Template 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml Data Source Object 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml HTTP 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] () {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysWOW64\RegCtrl.dll [Registration Control] -> [2009/07/14 03:16:13 | 000,041,472 | ---- | M] (Microsoft Corporation) {9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint OpenDocuments Class] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [prturl Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [sharePoint OpenDocuments Class] -> File not found {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [RMGetLicense Class] -> [2009/07/14 03:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation) {BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientEventSubscription Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientMiscApis Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE40-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCommentThread Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE42-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientComment Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSBrowserUI Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWS Post Data] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [sharePoint Spreadsheet Launcher] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionServers Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCollaboration Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussion] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServer] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServers] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE Global Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionBar Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [sharePoint OpenDocuments Class] -> File not found {BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [sharePoint Stssync Handler] -> File not found {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Stssync Handler] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {C2828995-4A83-4100-A212-3024BA117356} [HKLM] -> C:\Program Files (x86)\Windows Live SkyDrive\Microsoft.Live.Folders.RichUpload.3.dll [Outil de téléchargement Windows Live] -> [2008/10/29 12:46:56 | 000,245,112 | ---- | M] (Microsoft Corporation) {C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleInstall Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation) {C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2008/10/25 07:18:46 | 000,054,152 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2010/04/04 01:22:06 | 000,660,912 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] () {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [behavior Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.) {CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [sTSUpld CopyCtl Class] -> [2006/10/27 04:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D2517915-48CE-4286-970F-921E881B8C5C} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Contrôle de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files (x86)\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/04/28 15:06:20 | 000,111,912 | ---- | M] (Apple Inc.) {DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation) {E13AAC70-70AE-4988-808C-B267F2C20E79} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [Reg Error: Value error.] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation) {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation) {E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\oisctrl.dll [OISClientLauncher Class] -> [2009/03/06 05:23:50 | 000,022,432 | ---- | M] (Microsoft Corporation) {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll [PersonalSite Class] -> [2008/10/26 06:42:16 | 000,482,656 | ---- | M] () {E9DA06F1-632C-462F-98B3-AF74B47DA727} [HKLM] -> C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll [Google Update Plugin] -> [2010/06/16 18:55:20 | 000,219,800 | ---- | M] (Google Inc.) {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysWOW64\scrrun.dll [scripting.Dictionary] -> [2009/07/14 03:16:13 | 000,163,840 | ---- | M] (Microsoft Corporation) {F06608C7-1874-4EEA-B3B2-DF99EBB144B8} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation) {F9152AEC-3462-4632-8087-EEE3C3CDDA24} [HKLM] -> C:\Program Files (x86)\Google\Google Earth\plugin\ie\5.2.0.5932\plugin_ax.dll [GEPluginCoClass Object] -> [2010/05/06 08:36:43 | 005,102,064 | ---- | M] (Google) < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BF00E119-21A3-4FD1-B178-3B8537E75C92} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.) {F0DA78E9-6B60-42FB-BC26-EF2CFB8C8FF3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {219C3416-8CB2-491A-A3C7-D9FCDDC9D600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {5C255C8A-E604-49B4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 64bit-{6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/08/29 09:53:27 | 014,629,376 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation) {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BF00E119-21A3-4FD1-B178-3B8537E75C92} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation) {F0DA78E9-6B60-42FB-BC26-EF2CFB8C8FF3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .cpl [@ = cplfile] -> C:\Windows\SysWow64\control.exe -> [2009/07/14 03:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation) .exe [@ = exefile] -> "%1" %* -> .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Classes\<extension>\ -> .html [@ = FirefoxHTML] -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation) < 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> Ias -> C:\Windows\SysNative\ias -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M] Irmon -> C:\Windows\SysNative\irmon.dll -> [2009/07/14 03:41:11 | 000,023,552 | ---- | M] (Microsoft Corporation) UxTuneUp -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software) Wmi -> C:\Windows\SysNative\wmi.dll -> [2009/07/14 03:33:56 | 000,005,120 | ---- | M] (Microsoft Corporation) Themes -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) BDESVC -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> Ias -> C:\Windows\SysWOW64\ias.dll -> [2009/07/14 03:15:26 | 000,019,456 | ---- | M] (Microsoft Corporation) Wmi -> C:\Windows\SysWOW64\wmi.dll -> [2009/07/14 03:11:09 | 000,005,120 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < 64bit-Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2008/10/25 17:34:10 | 000,108,920 | ---- | M] (Microsoft Corporation) < 64bit-Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> dssrequest:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found sacore:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> dssrequest:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll[Reg Error: Value error.] -> [2009/07/26 17:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation) msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll[Reg Error: Value error.] -> [2009/07/26 17:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation) sacore:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2009/07/26 17:44:48 | 000,789,824 | ---- | M] (Microsoft Corporation) < 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> Service Lavasoft Ad-Aware Service -> 32bit -> File not found MCODS -> NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group Power -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) Primary disk -> Driver Group RpcEptMapper -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) sacsvr -> Service SASCORE -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com) SCSI Class -> Driver Group System Bus Extender -> Driver Group TrustedInstaller -> 32bit -> File not found vmms -> Service WinDefend -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) WudfPf -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppInfo -> 64bit -> File not found AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group DcomLaunch -> 64bit -> File not found EFS -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group HelpSvc -> Service Lavasoft Ad-Aware Service -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft) MCODS -> NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group Power -> 64bit -> File not found Primary disk -> Driver Group ProfSvc -> 64bit -> File not found RpcEptMapper -> 64bit -> File not found RpcSs -> 64bit -> File not found sacsvr -> Service SASCORE -> 64bit -> File not found SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] () vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found vmms -> Service volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found WudfPf -> 64bit -> File not found WudfRd -> 64bit -> File not found WudfSvc -> 64bit -> File not found < 64bit-SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group Dhcp -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) File system -> Driver Group Filter -> Driver Group HelpSvc -> Service Lavasoft Ad-Aware Service -> 32bit -> File not found Messenger -> Service NDIS Wrapper -> Driver Group ndiscap -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Power -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) Primary disk -> Driver Group rdsessmgr -> Service RpcEptMapper -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) sacsvr -> Service SASCORE -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com) SCSI Class -> Driver Group Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group TrustedInstaller -> 32bit -> File not found vmms -> Service WinDefend -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) WudfPf -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) WudfUsbccidDriver -> Driver < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AFD -> 64bit -> File not found AppInfo -> 64bit -> File not found AppMgmt -> Service Base -> Driver Group BFE -> 64bit -> File not found Boot Bus Extender -> Driver Group Boot file system -> Driver Group bowser -> 64bit -> File not found Browser -> 64bit -> File not found DcomLaunch -> 64bit -> File not found dfsc -> 64bit -> File not found Dhcp -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) DnsCache -> 64bit -> File not found Dot3Svc -> 64bit -> File not found Eaphost -> 64bit -> File not found EFS -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group HelpSvc -> Service IKEEXT -> 64bit -> File not found ipnat.sys -> 64bit -> File not found LanmanServer -> 64bit -> File not found LanmanWorkstation -> 64bit -> File not found Lavasoft Ad-Aware Service -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft) LmHosts -> 64bit -> File not found Messenger -> Service MPSDrv -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 23:28:14 | 000,001,088 | ---- | M] () MPSSvc -> 64bit -> File not found mrxsmb -> 64bit -> File not found mrxsmb10 -> 64bit -> File not found mrxsmb20 -> 64bit -> File not found NativeWifiP -> 64bit -> File not found NDIS -> 64bit -> File not found NDIS Wrapper -> Driver Group ndiscap -> 64bit -> File not found Ndisuio -> 64bit -> File not found NetBIOS -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) NetBIOSGroup -> Driver Group NetBT -> 64bit -> File not found NetDDEGroup -> Driver Group NetMan -> 64bit -> File not found Network -> Driver Group NetworkProvider -> Driver Group NlaSvc -> 64bit -> File not found Nsi -> 64bit -> File not found nsiproxy.sys -> 64bit -> File not found NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group PNP_TDI -> Driver Group PolicyAgent -> 64bit -> File not found Power -> 64bit -> File not found Primary disk -> Driver Group ProfSvc -> 64bit -> File not found rdbss -> 64bit -> File not found rdpencdd.sys -> 64bit -> File not found rdsessmgr -> Service RpcEptMapper -> 64bit -> File not found RpcSs -> 64bit -> File not found sacsvr -> Service SASCORE -> 64bit -> File not found SCardSvr -> 64bit -> File not found SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SharedAccess -> 64bit -> File not found Streams Drivers -> Driver Group SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found Tcpip -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 23:15:18 | 000,003,066 | ---- | M] () TDI -> Driver Group VaultSvc -> 64bit -> File not found VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] () vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found vmms -> Service volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found Wlansvc -> 64bit -> File not found WudfPf -> 64bit -> File not found WudfRd -> 64bit -> File not found WudfSvc -> 64bit -> File not found WudfUsbccidDriver -> Driver < 64bit-Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"cval" -> [1] -> File not found 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc \Svc\\"VistaSp1" -> [28 4D B2 76 41 04 CA 01 [binary data]] -> File not found \Svc\\"AntiVirusOverride" -> [0] -> File not found \Svc\\"AntiSpywareOverride" -> [0] -> File not found \Svc\\"FirewallOverride" -> [0] -> File not found 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"DisableNotifications" -> [0] -> File not found \\"EnableFirewall" -> [1] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> < Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> *BootExecute* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute -> autocheck autochk * -> -> File not found lsdelete -> -> File not found *MultiFile Done* -> -> "ExcludeFromKnownDlls" -> [binary data] -> 64bit-*ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> *ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> < Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> 64bit-"ComSpec" -> C:\Windows\SysNative\cmd.exe -> [2009/07/14 03:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation) "ComSpec" -> C:\Windows\SysWOW64\cmd.exe -> [2009/07/14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) "TEMP" -> C:\Windows\Temp -> [2010/06/19 13:19:45 | 000,000,000 | ---D | M] "TMP" -> C:\Windows\Temp -> [2010/06/19 13:19:45 | 000,000,000 | ---D | M] "windir" -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] 64bit-*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2010/04/26 07:38:45 | 000,000,000 | ---D | M] C:\Program Files (x86)\PC Connectivity Solution\ -> C:\Program Files (x86)\PC Connectivity Solution\ -> [2010/03/09 12:56:37 | 000,000,000 | ---D | M] %SystemRoot%\system32 -> C:\Windows\SysNative -> File not found %SystemRoot% -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\Windows\SysNative\wbem -> [2010/06/16 13:06:44 | 000,000,000 | ---D | M] %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysNative\WindowsPowerShell\v1.0\ -> [2009/12/23 13:27:35 | 000,000,000 | ---D | M] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> [2010/03/12 13:43:04 | 000,000,000 | ---D | M] C:\Program Files (x86)\QuickTime\QTSystem\ -> C:\Program Files (x86)\QuickTime\QTSystem\ -> [2010/06/05 13:09:06 | 000,000,000 | ---D | M] *MultiFile Done* -> -> *Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2010/04/26 07:38:45 | 000,000,000 | ---D | M] C:\Program Files (x86)\PC Connectivity Solution\ -> C:\Program Files (x86)\PC Connectivity Solution\ -> [2010/03/09 12:56:37 | 000,000,000 | ---D | M] %SystemRoot%\system32 -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M] %SystemRoot% -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> C:\Windows\SysWOW64\wbem -> [2009/12/23 13:27:37 | 000,000,000 | ---D | M] %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysWow64\WindowsPowerShell\v1.0\ -> [2009/12/23 13:27:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M] C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> [2010/03/12 13:43:04 | 000,000,000 | ---D | M] C:\Program Files (x86)\QuickTime\QTSystem\ -> C:\Program Files (x86)\QuickTime\QTSystem\ -> [2010/06/05 13:09:06 | 000,000,000 | ---D | M] *MultiFile Done* -> -> *PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> .COM -> -> File not found .EXE -> -> File not found .BAT -> -> File not found .CMD -> -> File not found .VBS -> -> File not found .VBE -> -> File not found .JS -> -> File not found .JSE -> -> File not found .WSF -> -> File not found .WSH -> -> File not found .MSC -> -> File not found *MultiFile Done* -> -> < Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> < Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> 64bit-"advapi32" -> C:\Windows\SysNative\advapi32.dll -> [2009/07/14 03:40:01 | 000,877,056 | ---- | M] (Microsoft Corporation) 64bit-"clbcatq" -> C:\Windows\SysNative\clbcatq.dll -> [2009/07/14 03:40:15 | 000,607,744 | ---- | M] (Microsoft Corporation) 64bit-"COMDLG32" -> C:\Windows\SysNative\comdlg32.dll -> [2009/07/14 03:40:22 | 000,595,456 | ---- | M] (Microsoft Corporation) 64bit-"DifxApi" -> C:\Windows\SysNative\difxapi.dll -> [2009/07/14 03:40:30 | 000,504,320 | ---- | M] (Microsoft Corporation) 64bit-"DllDirectory" -> C:\Windows\SysNative -> File not found 64bit-"DllDirectory32" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M] 64bit-"gdi32" -> C:\Windows\SysNative\gdi32.dll -> [2009/07/14 03:40:56 | 000,404,480 | ---- | M] (Microsoft Corporation) 64bit-"IERTUTIL" -> C:\Windows\SysNative\iertutil.dll -> [2009/07/14 03:41:06 | 002,440,704 | ---- | M] (Microsoft Corporation) 64bit-"IMAGEHLP" -> C:\Windows\SysNative\imagehlp.dll -> [2009/07/14 03:41:08 | 000,076,288 | ---- | M] (Microsoft Corporation) 64bit-"IMM32" -> C:\Windows\SysNative\imm32.dll -> [2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) 64bit-"kernel32" -> C:\Windows\SysNative\kernel32.dll -> [2009/07/14 03:41:13 | 001,162,240 | ---- | M] (Microsoft Corporation) 64bit-"LPK" -> C:\Windows\SysNative\lpk.dll -> [2009/07/14 03:41:19 | 000,041,984 | ---- | M] (Microsoft Corporation) 64bit-"MSCTF" -> C:\Windows\SysNative\msctf.dll -> [2009/07/14 03:41:28 | 001,067,008 | ---- | M] (Microsoft Corporation) 64bit-"MSVCRT" -> C:\Windows\SysNative\msvcrt.dll -> [2009/07/14 03:41:32 | 000,634,880 | ---- | M] (Microsoft Corporation) 64bit-"NORMALIZ" -> C:\Windows\SysNative\normaliz.dll -> [2009/07/14 03:31:40 | 000,002,560 | ---- | M] (Microsoft Corporation) 64bit-"NSI" -> C:\Windows\SysNative\nsi.dll -> [2009/07/14 03:41:53 | 000,013,824 | ---- | M] (Microsoft Corporation) 64bit-"ole32" -> C:\Windows\SysNative\ole32.dll -> [2009/07/14 03:41:53 | 002,084,352 | ---- | M] (Microsoft Corporation) 64bit-"OLEAUT32" -> C:\Windows\SysNative\oleaut32.dll -> [2009/07/14 03:41:53 | 000,861,184 | ---- | M] (Microsoft Corporation) 64bit-"PSAPI" -> C:\Windows\SysNative\psapi.dll -> [2009/07/14 03:41:53 | 000,009,216 | ---- | M] (Microsoft Corporation) 64bit-"rpcrt4" -> C:\Windows\SysNative\rpcrt4.dll -> [2009/07/14 03:41:53 | 001,221,632 | ---- | M] (Microsoft Corporation) 64bit-"sechost" -> C:\Windows\SysNative\sechost.dll -> [2009/07/14 03:41:53 | 000,113,664 | ---- | M] (Microsoft Corporation) 64bit-"Setupapi" -> C:\Windows\SysNative\setupapi.dll -> [2009/07/14 03:41:54 | 001,899,520 | ---- | M] (Microsoft Corporation) 64bit-"SHELL32" -> C:\Windows\SysNative\shell32.dll -> [2010/02/18 10:07:44 | 014,163,456 | ---- | M] (Microsoft Corporation) 64bit-"SHLWAPI" -> C:\Windows\SysNative\shlwapi.dll -> [2009/07/14 03:41:54 | 000,449,536 | ---- | M] (Microsoft Corporation) 64bit-"URLMON" -> C:\Windows\SysNative\urlmon.dll -> [2010/05/06 15:02:38 | 001,493,504 | ---- | M] (Microsoft Corporation) 64bit-"user32" -> C:\Windows\SysNative\user32.dll -> [2009/07/14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) 64bit-"USP10" -> C:\Windows\SysNative\usp10.dll -> [2009/07/14 03:41:56 | 000,801,280 | ---- | M] (Microsoft Corporation) 64bit-"WININET" -> C:\Windows\SysNative\wininet.dll -> [2010/05/21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation) 64bit-"WLDAP32" -> C:\Windows\SysNative\Wldap32.dll -> [2009/07/14 03:41:56 | 000,311,808 | ---- | M] (Microsoft Corporation) 64bit-"WS2_32" -> C:\Windows\SysNative\ws2_32.dll -> [2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) "advapi32" -> C:\Windows\SysWow64\advapi32.dll -> [2009/07/14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) "clbcatq" -> C:\Windows\SysWow64\clbcatq.dll -> [2009/07/14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) "COMDLG32" -> C:\Windows\SysWow64\comdlg32.dll -> [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) "DifxApi" -> C:\Windows\SysWow64\difxapi.dll -> [2009/07/14 03:15:11 | 000,315,904 | ---- | M] (Microsoft Corporation) "DllDirectory" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M] "DllDirectory32" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M] "gdi32" -> C:\Windows\SysWow64\gdi32.dll -> [2009/07/14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) "IERTUTIL" -> C:\Windows\SysWow64\iertutil.dll -> [2009/07/14 03:15:28 | 002,058,240 | ---- | M] (Microsoft Corporation) "IMAGEHLP" -> C:\Windows\SysWow64\imagehlp.dll -> [2009/07/14 03:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) "IMM32" -> C:\Windows\SysWow64\imm32.dll -> [2009/07/14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) "kernel32" -> C:\Windows\SysWow64\kernel32.dll -> [2009/07/14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) "LPK" -> C:\Windows\SysWow64\lpk.dll -> [2009/07/14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) "MSCTF" -> C:\Windows\SysWow64\msctf.dll -> [2009/07/14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) "MSVCRT" -> C:\Windows\SysWow64\msvcrt.dll -> [2009/07/14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) "NORMALIZ" -> C:\Windows\SysWow64\normaliz.dll -> [2009/07/14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) "NSI" -> C:\Windows\SysWow64\nsi.dll -> [2009/07/14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) "ole32" -> C:\Windows\SysWow64\ole32.dll -> [2009/07/14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) "OLEAUT32" -> C:\Windows\SysWow64\oleaut32.dll -> [2009/07/14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) "PSAPI" -> C:\Windows\SysWow64\psapi.dll -> [2009/07/14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) "rpcrt4" -> C:\Windows\SysWow64\rpcrt4.dll -> [2009/07/14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) "sechost" -> C:\Windows\SysWow64\sechost.dll -> [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) "Setupapi" -> C:\Windows\SysWow64\setupapi.dll -> [2009/07/14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) "SHELL32" -> C:\Windows\SysWow64\shell32.dll -> [2010/02/18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation) "SHLWAPI" -> C:\Windows\SysWow64\shlwapi.dll -> [2009/07/14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) "URLMON" -> C:\Windows\SysWow64\urlmon.dll -> [2010/05/06 14:42:05 | 001,225,216 | ---- | M] (Microsoft Corporation) "user32" -> C:\Windows\SysWow64\user32.dll -> [2009/07/14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) "USP10" -> C:\Windows\SysWow64\usp10.dll -> [2009/07/14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) "WININET" -> C:\Windows\SysWow64\wininet.dll -> [2010/05/21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation) "WLDAP32" -> C:\Windows\SysWow64\Wldap32.dll -> [2009/07/14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) "WS2_32" -> C:\Windows\SysWow64\ws2_32.dll -> [2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 64bit-batfile [open] -> "%1" %* -> File not found 64bit-cmdfile [open] -> "%1" %* -> File not found 64bit-comfile [open] -> "%1" %* -> File not found 64bit-exefile [open] -> "%1" %* -> File not found 64bit-htmlfile [edit] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) 64bit-htmlfile [print] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) 64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/14 03:39:13 | 000,010,240 | ---- | M] (Microsoft Corporation) 64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2010/05/06 14:41:53 | 005,970,944 | ---- | M] (Microsoft Corporation) 64bit-piffile [open] -> "%1" %* -> File not found 64bit-scrfile [config] -> "%1" -> File not found 64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/07/14 03:38:51 | 000,130,048 | ---- | M] (Microsoft Corporation) 64bit-scrfile [open] -> "%1" /S -> File not found 64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> File not found 64bit-Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () 64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/14 03:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation) 64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) 64bit-Directory [OneNote.Open] -> C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) 64bit-Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () 64bit-Folder [open] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) 64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009/07/14 03:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation) exefile [open] -> "%1" %* -> htmlfile [edit] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) htmlfile [print] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/14 03:14:21 | 000,009,216 | ---- | M] (Microsoft Corporation) InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2010/05/06 14:41:53 | 005,970,944 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/07/14 03:14:08 | 000,128,000 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) Directory [OneNote.Open] -> C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation) Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] () Folder [open] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 64bit-NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files (x86)\Bonjour\mdnsNSP.dll -> [2010/04/08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.) NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files (x86)\Bonjour\mdnsNSP.dll -> [2010/04/08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.) < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> @ivt -> @ivt protocol not assigned -> file -> file protocol not assigned -> ftp -> ftp protocol not assigned -> http -> http protocol not assigned -> https -> https protocol not assigned -> shell -> shell protocol not assigned -> < 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {071c9b48-7c32-4621-a0ac-3f809523288f} -> Microsoft Visual C++ 2005 Redistributable (x64) {350AA351-21FA-3270-8B7A-835434E766AD} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 {3D3E663D-4E7E-4577-A560-7ECDDD45548A} -> PVSonyDll {404BB1FF-A84F-432F-B77B-301E88E8D1C7} -> Apple Mobile Device Support {47DEB25D-4FA2-4894-8A0D-FE944C47326E} -> Microsoft Baseline Security Analyzer 2.1 {8220EEFE-38CD-377E-8595-13398D740ACE} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 {90120000-002A-0000-1000-0000000FF1CE} -> Microsoft Office Office 64-bit Components 2007 {90120000-002A-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (English) 2007 {90120000-002A-040C-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (French) 2007 {90120000-0116-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} -> Intel® Matrix Storage Manager {95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting {96D5EB02-DE18-4DCD-A713-929B4461CA8D} -> iTunes {B6E3757B-5E77-3915-866A-CCFC4B8D194C} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 {C19D4D8F-4433-4F6D-9F0C-79589FD0B973} -> Bonjour {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware {EE936C7A-EA40-31D5-9B65-8E3E089C3828} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 BC15EA930074932BB2C4B4493C9FD4EA95087D1A -> Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) EPSON Printer and Utilities -> EPSON Logiciel imprimante LockHunter_is1 -> LockHunter version 1.0 beta 3, 64 bit edition NVIDIA Display Control Panel -> NVIDIA Display Control Panel NVIDIA Drivers -> NVIDIA Drivers SAMSUNG Mobile Composite Device -> SAMSUNG Mobile Composite Device Software SAMSUNG Mobile Modem -> SAMSUNG Mobile Modem Driver Set Samsung Mobile Modem Device -> Samsung Mobile Modem Device Software Samsung Mobile phone USB driver -> Samsung Mobile phone USB driver Software Samsung Mobile phone USB driver Drive -> Samsung Mobile phone USB driver Drive Software SAMSUNG Mobile USB Modem -> SAMSUNG Mobile USB Modem Software SAMSUNG Mobile USB Modem 1.0 -> SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG USB Mobile Device -> SAMSUNG USB Mobile Device Software WinRAR archiver -> Logiciel d'archivage WinRAR < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {0214A441-A4AB-43A8-8DEF-2F73C5364673} -> Microsoft Works {0638268c-b727-4f78-a92b-a4f68176e670} -> Nero 9 Essentials {0E3C6700-B0FB-4508-A4B0-51EF626D6D60}_is1 -> Mah Jong Adventures {15D967B5-A4BE-42AE-9E84-64CD062B25AA} -> eSobi v2 {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 {20400dbd-e6db-45b8-9b6b-1dd7033818ec} -> Nero InfoTool Help {205C6BDD-7B73-42DE-8505-9A093F35A238} -> Outil de téléchargement Windows Live {2075CB0A-D26F-4DAA-B424-5079296B43BA} -> Windows Live FolderShare {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT {2348b586-c9ae-46ce-936c-a68e9426e214} -> Nero StartSmart Help {2637C347-9DAD-11D6-9EA2-00055D0CA761} -> Acer Arcade Deluxe {266517E6-D866-439D-919C-B8B1A52E6080} -> OpenOffice.org 3.2 {26A24AE4-039D-4CA4-87B4-2F83216020FF} -> Java(TM) 6 Update 20 {287ECFA4-719A-2143-A09B-D6A12DE54E40} -> Acrobat.com {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} -> QuickTime {30075A70-B5D2-440B-AFA3-FB2021740121} -> Backup Manager Advance {338F08AB-C262-42C7-B000-34DE1A475273} -> Ad-Aware Email Scanner for Outlook {33cf58f5-48d8-4575-83d6-96f574e4d83a} -> Nero DriveSpeed {3A1B5D40-41E9-43FA-8C7B-A8667F5586EF} -> JMicron JMB36X Driver {3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform {3F262ADC-5AD2-48E5-A586-44315E04A9E9} -> Microsoft Album photo 10 {42756145-9997-4D28-809B-8756BFD00109} -> Microsoft Photo Pro 10 {4634B21A-CC07-4396-890C-2B8168661FEA} -> Windows Live Writer {46ABBC54-1872-4AA3-95E2-F2C063A63F31} -> Installation Windows Live {4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater {4D43D635-6FDA-4fa5-AA9B-23CF73D058EA} -> Nero StartSmart OEM {527BBE2F-1FED-3D8B-91CB-4DB0F838E69E} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 {53B20C18-D8D4-4588-8737-9BBFE303C354} -> Windows Live Movie Maker {54194F60-988C-4D03-B922-C2B00EFDA39A} -> NVIDIA PhysX {553255F3-78FD-40F1-A6F8-6882140265FE} -> Apple Application Support {56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml {595a3116-40bb-4e0f-a2e8-d7951da56270} -> NeroExpress {5DD76286-9BE7-4894-A990-E905E91AC818} -> Windows Live Mail {67EDD823-135A-4D59-87BD-950616D6E857} -> EPSON Copy Utility 3 {68301905-2DEA-41CE-A4D4-E8B443B099BA} -> MyWinLocker {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {770F1BEC-2871-4E70-B837-FB8525FFA3B1} -> Windows Live Messenger {7748ac8c-18e3-43bb-959b-088faea16fb2} -> Nero StartSmart {7B0A8F0E-3672-4DA5-9540-A8D0171C38D8} -> TuneUp Utilities Language Pack (fr-FR) {7E84FAC8-C518-40F9-9807-7455301D6D25} -> SamsungConnectivityCableDriver {7F811A54-5A09-4579-90E1-C93498E230D9} -> Acer eRecovery Management {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593} -> Chicken Invaders 2 {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697} -> Granny In Paradise {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477} -> Merriam Websters Spell Jam {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477} -> Amazonia {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767} -> Alice Greenfingers {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380} -> Heroes of Hellas {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} -> Dream Day First Home {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100} -> Dairy Dash {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410} -> First Class Flurry {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173} -> Farm Frenzy 2 {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} -> Windows Live Call {83202942-84b3-4c50-8622-b8c0aa2d2885} -> Nero Express Help {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {869200db-287a-4dc0-b02b-2b6787fbcd4c} -> Nero DiscSpeed {89661B04-C646-4412-B6D3-5E19F02F1F37} -> EAX4 Unified Redist {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight {8C676E78-9169-43FB-9A56-415DF6DE50EE} -> Tetris 5000 {8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1 -> RDesc 2.31 {8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1 -> Acer GameZone Console {90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007 {90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007 {90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007 {90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0017-040C-0000-0000000FF1CE} -> Microsoft Office SharePoint Designer MUI (French) 2007 {90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83} -> Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) {90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007 {90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007 {90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007 {90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007 {90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007 {90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007 {90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007 {90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007 {90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007 {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007 {90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007 {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-0020-040C-0000-0000000FF1CE} -> Module de compatibilité pour Microsoft Office System 2007 {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007 {90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007 {90120000-0044-040C-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (French) 2007 {90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007 {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007 {90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007 {90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-00A1-040C-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (French) 2007 {90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00BA-040C-0000-0000000FF1CE} -> Microsoft Office Groove MUI (French) 2007 {90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0100-040C-0000-0000000FF1CE} -> Microsoft Office O MUI (French) 2007 {90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0101-040C-0000-0000000FF1CE} -> Microsoft Office X MUI (French) 2007 {90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007 {90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2) {91120000-002F-0000-0000-0000000FF1CE} -> Microsoft Office Home and Student 2007 {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2) {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581) {95120000-00AF-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (French) {97C82B44-D408-4F14-9252-47FC1636D23E}_is1 -> IZArc 4.1 {9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 {9F7FC79B-3059-4264-9450-39EB368E3225} -> Microsoft Digital Image Library 9 - Blocker {A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} -> ImagXpress {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper {AC599724-5755-48C1-ABE7-ABB857652930} -> PC Connectivity Solution {AC76BA86-7AD7-1033-7B44-A93000000001} -> Adobe Reader 9.3.2 {AF7E85DC-317C-47F5-810E-B82EE093A612} -> Samsung New PC Studio USB Driver Installer {B131E59D-202C-43C6-84C9-68F0C37541F1} -> Galerie de photos Windows Live {B194272D-1F92-46DF-99EB-8D5CE91CB4EC} -> Adobe AIR {b2ec4a38-b545-4a00-8214-13fe0e915e6d} -> Advertising Center {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a} -> Nero ControlCenter {C2F1F96A-057E-5819-B52E-FEA1D1D2933B} -> Acronis True Image Home {C41300B9-185D-475E-BFEC-39EF732F19B1} -> Apple Software Update {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 {cc019e3f-59d2-4486-8d4b-878105b62a71} -> Nero DiscSpeed Help {D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> TuneUp Utilities {D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7} -> ArcSoft PhotoImpression 5 {dba84796-8503-4ff0-af57-1747dd9a166d} -> Nero Online Upgrade {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} -> Assistant de connexion Windows Live {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 -> Auslogics Disk Defrag {E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update {E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} -> Microsoft Office Suite Activation Assistant {e5c7d048-f9b4-4219-b323-8bdb01a2563d} -> Nero DriveSpeed Help {e8a80433-302b-4ff1-815d-fcc8eac482ff} -> Nero Installer {EE171732-BEB4-4576-887D-CB62727F01CA} -> Acer Updater {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU] {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver {F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio {F19D07BC-6240-49D3-BA5C-59B015DF8916} -> EPSON Easy Photo Print {F333A33D-125C-32A2-8DCE-5C5D14231E27} -> Visual C++ 2008 x86 Runtime - (v9.0.30729) {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 -> Visual C++ 2008 x86 Runtime - v9.0.30729.01 {f4041dce-3fe1-4e18-8a9e-9de65231ee36} -> Nero ControlCenter {F7B0939E-58DF-11DF-B3A6-005056806466} -> Google Earth {fbcdfd61-7dcf-4e71-9226-873ba0053139} -> Nero InfoTool 7-Zip -> 7-Zip 4.65 Acer Registration -> Acer Registration Acer Screensaver -> Acer ScreenSaver Acer Welcome Center -> Welcome Center Ad-Aware -> Ad-Aware Adobe AIR -> Adobe AIR Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin a-squared Free_is1 -> a-squared Free 4.5 Audacity_is1 -> Audacity 1.2.6 Avira AntiVir Desktop -> Avira AntiVir Personal - Free Antivirus AVS DVD Copy_is1 -> AVS DVD Copy version 4.1.1 AVS Update Manager_is1 -> AVS Update Manager 1.0 AVS4YOU Software Navigator_is1 -> AVS4YOU Software Navigator 1.3 CCleaner -> CCleaner EPSON Printer and Utilities -> EPSON Logiciel imprimante EPSON Scanner -> EPSON Scan Glary Utilities_is1 -> Glary Utilities 2.23.0.923 HOMESTUDENTR -> Microsoft Office Home and Student 2007 Hotkey Utility -> Hotkey Utility Identity Card -> Identity Card InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} -> eSobi v2 InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} -> Acer Arcade Deluxe InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121} -> Acer Backup Manager InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612} -> Samsung New PC Studio USB Driver Installer InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio KC Softwares IDPhotoStudio_is1 -> KC Softwares IDPhotoStudio Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Mozilla Firefox (3.6.3) -> Mozilla Firefox (3.6.3) Mozilla Thunderbird (3.0.4) -> Mozilla Thunderbird (3.0.4) OMUI.fr-fr -> Microsoft Office Language Pack 2007 - French/Français Orb -> Orb PictureItSuite_v10 -> Microsoft Photo Pro Suite 10 PowerISO -> PowerISO PunkBusterSvc -> PunkBuster Services Pure Pinball 2.0 REDUX -> Pure Pinball 2.0 REDUX RAR Repair Tool_is1 -> RAR Repair Tool v.4.0.1 S.T.A.L.K.E.R. - Shadow of Chernobyl_is1 -> S.T.A.L.K.E.R. - Shadow of Chernobyl Secunia PSI -> Secunia PSI ShalSoft.GigaTribe_is1 -> GigaTribe 3.01.001 TuneUp Utilities -> TuneUp Utilities VLC media player -> VLC media player 1.0.5 WBFS Manager 3.0 -> WBFS Manager 3.0 WinLiveSuite_Wave3 -> Installation Windows Live WinRAR archiver -> Logiciel d'archivage WinRAR < Uninstall List [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> Capturino V2.11 -> Capturino V2.11 Vietcong 2 -> Vietcong 2 < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 05/06/2010 02:22:14 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Application [ Error ] 05/06/2010 05:07:23 Computer Name = abraracourcix | Source = Application Error | ID = 1000 -> Description = Nom de l’application défaillante Game_full.exe, version : 0.0.0.0, horodatage : 0x41a19ee4 Nom du module défaillant : cgD3D9.dll, version : 1.1.307.700, horodatage : 0x3f09c46c Code d’exception : 0xc0000005 Décalage d’erreur : 0x000059e9 ID du processus défaillant : 0x1658 Heure de début de l’application défaillante : 0x01cb048e1bbec824 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Tetris 5000\Game_full.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Tetris 5000\cgD3D9.dll ID de rapport : c05b8002-7081-11df-a0b8-90fba62d1373 Application [ Error ] 05/06/2010 07:45:31 Computer Name = abraracourcix | Source = MsiInstaller | ID = 10005 -> Description = Application [ Error ] 06/06/2010 04:10:59 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Application [ Error ] 06/06/2010 04:12:30 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Application [ Error ] 06/06/2010 15:12:04 Computer Name = abraracourcix | Source = Application Error | ID = 1000 -> Description = Nom de l’application défaillante Game_full.exe, version : 0.0.0.0, horodatage : 0x41a19ee4 Nom du module défaillant : cgD3D9.dll, version : 1.1.307.700, horodatage : 0x3f09c46c Code d’exception : 0xc0000005 Décalage d’erreur : 0x000059e9 ID du processus défaillant : 0xfbc Heure de début de l’application défaillante : 0x01cb05a8b4730c2a Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Tetris 5000\Game_full.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Tetris 5000\cgD3D9.dll ID de rapport : 63f19d8c-719f-11df-bd2a-90fba62d1373 Application [ Error ] 07/06/2010 01:14:26 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Application [ Error ] 07/06/2010 01:15:09 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Application [ Error ] 07/06/2010 18:31:01 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Application [ Error ] 07/06/2010 18:31:44 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Media Center [ Error ] 04/03/2010 08:01:52 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 13:01:52 - Erreur de connexion à Internet. 13:01:52 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 08:02:00 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 13:01:58 - Erreur de connexion à Internet. 13:01:58 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 09:02:33 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 14:02:33 - Erreur de connexion à Internet. 14:02:33 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 09:02:38 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 14:02:38 - Erreur de connexion à Internet. 14:02:38 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 10:03:10 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 15:03:10 - Erreur de connexion à Internet. 15:03:10 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 10:03:16 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 15:03:15 - Erreur de connexion à Internet. 15:03:15 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 11:05:46 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 16:05:46 - Erreur de connexion à Internet. 16:05:46 - Impossible de contacter le service.. Media Center [ Error ] 04/03/2010 11:05:52 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 16:05:51 - Erreur de connexion à Internet. 16:05:51 - Impossible de contacter le service.. System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 System [ Error ] 15/06/2010 06:38:29 Computer Name = abraracourcix | Source = Application Popup | ID = 1060 -> Description = Le chargement de \SystemRoot\SysWow64\drivers\pfc.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. System [ Error ] 15/06/2010 15:01:41 Computer Name = abraracourcix | Source = RasSstp | ID = 1 -> Description = [Files/Folders - Created Within 60 Days] OTS.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:19:32 | 000,640,000 | ---- | C] (OldTimer Tools) avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:39:17 | 000,074,880 | ---- | C] (Avira GmbH) ssmdrv.sys -> C:\Windows\SysWow64\drivers\ssmdrv.sys -> [2010/06/18 19:39:17 | 000,028,376 | ---- | C] (Avira GmbH) Avira -> C:\ProgramData\Avira -> [2010/06/18 19:39:16 | 000,000,000 | ---D | C] Avira -> C:\Program Files (x86)\Avira -> [2010/06/18 19:39:16 | 000,000,000 | ---D | C] Ad-Remover -> C:\Program Files (x86)\Ad-Remover -> [2010/06/18 12:35:16 | 000,000,000 | ---D | C] Rar Repair Tool -> C:\Program Files (x86)\Rar Repair Tool -> [2010/06/16 20:22:37 | 000,000,000 | ---D | C] DAEMON Tools Lite -> C:\Users\patrick\AppData\Roaming\DAEMON Tools Lite -> [2010/06/16 12:52:26 | 000,000,000 | ---D | C] DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2010/06/16 12:52:24 | 000,000,000 | ---D | C] WinRAR -> C:\Program Files (x86)\WinRAR -> [2010/06/14 11:47:14 | 000,000,000 | ---D | C] 7-Zip -> C:\Program Files (x86)\7-Zip -> [2010/06/13 21:10:16 | 000,000,000 | ---D | C] JRE -> C:\Program Files (x86)\JRE -> [2010/06/12 22:29:03 | 000,000,000 | ---D | C] _OTM -> C:\_OTM -> [2010/06/12 07:50:12 | 000,000,000 | ---D | C] Minidump -> C:\Windows\Minidump -> [2010/06/12 07:37:20 | 000,000,000 | ---D | C] OTM.exe -> C:\Users\patrick\Desktop\OTM.exe -> [2010/06/12 07:33:37 | 000,518,656 | ---- | C] (OldTimer Tools) mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2010/06/10 15:23:49 | 001,026,048 | ---- | C] (Microsoft Corporation) wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2010/06/10 15:23:48 | 001,192,960 | ---- | C] (Microsoft Corporation) wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2010/06/10 15:23:48 | 000,977,920 | ---- | C] (Microsoft Corporation) mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2010/06/10 15:23:48 | 000,606,208 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2010/06/10 15:23:48 | 000,445,952 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2010/06/10 15:23:48 | 000,381,440 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2010/06/10 15:23:48 | 000,082,944 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2010/06/10 15:23:48 | 000,064,512 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2010/06/10 15:23:47 | 000,064,512 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2010/06/10 15:23:47 | 000,048,128 | ---- | C] (Microsoft Corporation) asycfilt.dll -> C:\Windows\SysNative\asycfilt.dll -> [2010/06/10 11:05:50 | 000,084,992 | ---- | C] (Microsoft Corporation) asycfilt.dll -> C:\Windows\SysWow64\asycfilt.dll -> [2010/06/10 11:05:50 | 000,067,584 | ---- | C] (Microsoft Corporation) atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2010/06/10 09:43:21 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2010/06/10 09:43:20 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2010/06/10 09:43:20 | 000,046,080 | ---- | C] (Adobe Systems) atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2010/06/10 09:43:20 | 000,034,304 | ---- | C] (Adobe Systems) Wat -> C:\Windows\SysWow64\Wat -> [2010/06/08 21:10:25 | 000,000,000 | ---D | C] Wat -> C:\Windows\SysNative\Wat -> [2010/06/08 21:10:25 | 000,000,000 | ---D | C] trend micro -> C:\Program Files (x86)\trend micro -> [2010/06/08 12:26:42 | 000,000,000 | ---D | C] rsit -> C:\rsit -> [2010/06/08 12:26:42 | 000,000,000 | ---D | C] Lbd.sys -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 11:15:35 | 000,069,152 | ---- | C] (Lavasoft AB) THQ -> C:\Program Files (x86)\THQ -> [2010/06/05 16:00:16 | 000,000,000 | ---D | C] STALKER-SHOC -> C:\Users\Public\Documents\STALKER-SHOC -> [2010/06/05 16:00:16 | 000,000,000 | ---D | C] iTunes -> C:\Program Files\iTunes -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C] iTunes -> C:\Program Files (x86)\iTunes -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C] iPod -> C:\Program Files\iPod -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C] {93E26451-CD9A-43A5-A2FA-C42392EA4001} -> C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C] Apple Software Update -> C:\Program Files (x86)\Apple Software Update -> [2010/06/05 14:23:29 | 000,000,000 | ---D | C] Bonjour -> C:\Program Files\Bonjour -> [2010/06/05 14:23:03 | 000,000,000 | ---D | C] Bonjour -> C:\Program Files (x86)\Bonjour -> [2010/06/05 14:23:03 | 000,000,000 | ---D | C] QuickTime -> C:\Program Files (x86)\QuickTime -> [2010/06/05 13:09:00 | 000,000,000 | ---D | C] Sun -> C:\ProgramData\Sun -> [2010/06/05 12:05:53 | 000,000,000 | ---D | C] Java -> C:\Program Files (x86)\Common Files\Java -> [2010/06/05 12:05:53 | 000,000,000 | ---D | C] deployJava1.dll -> C:\Windows\SysWow64\deployJava1.dll -> [2010/06/05 12:05:40 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2010/06/05 12:05:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2010/06/05 12:05:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) java.exe -> C:\Windows\SysWow64\java.exe -> [2010/06/05 12:05:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) SUPERAntiSpyware.com -> C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com -> [2010/06/05 11:56:06 | 000,000,000 | ---D | C] SUPERAntiSpyware.com -> C:\ProgramData\SUPERAntiSpyware.com -> [2010/06/05 11:56:06 | 000,000,000 | ---D | C] SASCORE -> C:\ProgramData\SASCORE -> [2010/06/05 11:56:05 | 000,000,000 | ---D | C] SUPERAntiSpyware -> C:\Program Files\SUPERAntiSpyware -> [2010/06/05 11:56:03 | 000,000,000 | ---D | C] Secunia -> C:\Program Files (x86)\Secunia -> [2010/06/05 11:48:10 | 000,000,000 | ---D | C] Tetris 5000 -> C:\Program Files (x86)\Tetris 5000 -> [2010/06/05 11:04:23 | 000,000,000 | ---D | C] Steam -> C:\Program Files (x86)\Steam -> [2010/06/04 21:33:15 | 000,000,000 | ---D | C] SecurityScans -> C:\Users\patrick\SecurityScans -> [2010/06/04 18:21:30 | 000,000,000 | ---D | C] NortonInstaller -> C:\ProgramData\NortonInstaller -> [2010/06/04 18:20:57 | 000,000,000 | ---D | C] Microsoft Baseline Security Analyzer 2 -> C:\Program Files\Microsoft Baseline Security Analyzer 2 -> [2010/06/04 18:20:44 | 000,000,000 | ---D | C] Norton -> C:\ProgramData\Norton -> [2010/06/04 18:09:20 | 000,000,000 | ---D | C] NPE -> C:\Users\patrick\AppData\Local\NPE -> [2010/06/04 18:09:18 | 000,000,000 | ---D | C] unvise32.exe -> C:\Windows\unvise32.exe -> [2010/06/02 10:56:43 | 000,086,016 | ---- | C] (MindVision Software) Pure Pinball 2.0 REDUX -> C:\Program Files (x86)\Pure Pinball 2.0 REDUX -> [2010/06/02 10:56:00 | 000,000,000 | ---D | C] URTTEMP -> C:\Windows\SysWow64\URTTEMP -> [2010/06/02 10:50:06 | 000,000,000 | ---D | C] SecuROM -> C:\Users\patrick\AppData\Roaming\SecuROM -> [2010/06/02 10:45:08 | 000,000,000 | RH-D | C] LockHunter -> C:\Users\patrick\AppData\Roaming\LockHunter -> [2010/06/01 20:25:34 | 000,000,000 | ---D | C] psi_mf.sys -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | C] (Secunia) CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/05/26 17:23:00 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) My Games -> C:\Users\patrick\Documents\My Games -> [2010/05/26 09:35:53 | 000,000,000 | ---D | C] RDesc -> C:\RDesc -> [2010/05/24 15:12:10 | 000,000,000 | ---D | C] Downloads -> C:\Downloads -> [2010/05/20 17:27:16 | 000,000,000 | ---D | C] zoug -> C:\Users\patrick\AppData\Local\zoug -> [2010/05/12 16:20:16 | 000,000,000 | ---D | C] Malwarebytes -> C:\Users\patrick\AppData\Roaming\Malwarebytes -> [2010/05/02 11:22:22 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/05/02 11:22:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/05/02 11:22:16 | 000,024,664 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2010/05/02 11:22:16 | 000,000,000 | ---D | C] Malwarebytes -> C:\ProgramData\Malwarebytes -> [2010/05/02 11:22:16 | 000,000,000 | ---D | C] TURegOpt.exe -> C:\Windows\SysNative\TURegOpt.exe -> [2010/04/30 17:34:08 | 000,034,632 | ---- | C] (TuneUp Software) uxtuneup.dll -> C:\Windows\SysNative\uxtuneup.dll -> [2010/04/30 17:34:07 | 000,036,168 | ---- | C] (TuneUp Software) uxtuneup.dll -> C:\Windows\SysWow64\uxtuneup.dll -> [2010/04/30 17:34:07 | 000,030,024 | ---- | C] (TuneUp Software) authuitu.dll -> C:\Windows\SysNative\authuitu.dll -> [2010/04/30 17:34:07 | 000,025,928 | ---- | C] (TuneUp Software) authuitu.dll -> C:\Windows\SysWow64\authuitu.dll -> [2010/04/30 17:34:07 | 000,021,320 | ---- | C] (TuneUp Software) TuneUp Software -> C:\Users\patrick\AppData\Roaming\TuneUp Software -> [2010/04/30 17:33:53 | 000,000,000 | ---D | C] TuneUp Utilities 2010 -> C:\Program Files (x86)\TuneUp Utilities 2010 -> [2010/04/30 17:33:44 | 000,000,000 | ---D | C] TuneUp Software -> C:\ProgramData\TuneUp Software -> [2010/04/30 17:33:15 | 000,000,000 | ---D | C] {D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> [2010/04/30 17:33:08 | 000,000,000 | -HSD | C] BVRP Software -> C:\ProgramData\BVRP Software -> [2010/04/30 14:46:05 | 000,000,000 | ---D | C] lsasrv.dll -> C:\Windows\SysNative\lsasrv.dll -> [2010/04/30 08:16:44 | 001,446,912 | ---- | C] (Microsoft Corporation) ksecpkg.sys -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2010/04/30 08:16:44 | 000,153,160 | ---- | C] (Microsoft Corporation) fvevol.sys -> C:\Windows\SysNative\drivers\fvevol.sys -> [2010/04/30 08:16:11 | 000,223,448 | ---- | C] (Microsoft Corporation) SecuROM -> C:\ProgramData\SecuROM -> [2010/04/27 13:15:21 | 000,000,000 | -HSD | C] 4A Games -> C:\Users\patrick\AppData\Local\4A Games -> [2010/04/26 12:57:33 | 000,000,000 | ---D | C] XAudio2_6.dll -> C:\Windows\SysNative\XAudio2_6.dll -> [2010/04/26 12:57:06 | 000,530,776 | ---- | C] (Microsoft Corporation) XAudio2_6.dll -> C:\Windows\SysWow64\XAudio2_6.dll -> [2010/04/26 12:57:06 | 000,528,216 | ---- | C] (Microsoft Corporation) xactengine3_6.dll -> C:\Windows\SysWow64\xactengine3_6.dll -> [2010/04/26 12:57:06 | 000,238,936 | ---- | C] (Microsoft Corporation) xactengine3_6.dll -> C:\Windows\SysNative\xactengine3_6.dll -> [2010/04/26 12:57:06 | 000,176,984 | ---- | C] (Microsoft Corporation) XAPOFX1_4.dll -> C:\Windows\SysNative\XAPOFX1_4.dll -> [2010/04/26 12:57:06 | 000,078,680 | ---- | C] (Microsoft Corporation) XAPOFX1_4.dll -> C:\Windows\SysWow64\XAPOFX1_4.dll -> [2010/04/26 12:57:06 | 000,074,072 | ---- | C] (Microsoft Corporation) X3DAudio1_7.dll -> C:\Windows\SysNative\X3DAudio1_7.dll -> [2010/04/26 12:57:06 | 000,024,920 | ---- | C] (Microsoft Corporation) NVIDIA Corporation -> C:\Program Files (x86)\NVIDIA Corporation -> [2010/04/26 07:38:45 | 000,000,000 | ---D | C] Wise Installation Wizard -> C:\Program Files (x86)\Common Files\Wise Installation Wizard -> [2010/04/26 07:38:26 | 000,000,000 | ---D | C] NVIDIA -> C:\Users\patrick\AppData\Roaming\NVIDIA -> [2010/04/25 23:11:27 | 000,000,000 | ---D | C] NVIDIA Corporation -> C:\Program Files\NVIDIA Corporation -> [2010/04/25 21:52:16 | 000,000,000 | ---D | C] X3DAudio1_7.dll -> C:\Windows\SysWow64\X3DAudio1_7.dll -> [2010/04/25 21:04:04 | 000,022,360 | ---- | C] (Microsoft Corporation) a-squared Free -> C:\Users\patrick\Documents\a-squared Free -> [2010/04/25 17:41:27 | 000,000,000 | ---D | C] a-squared Free -> C:\Program Files (x86)\a-squared Free -> [2010/04/25 17:41:27 | 000,000,000 | ---D | C] BVRP Software -> C:\Users\Public\Documents\BVRP Software -> [2010/04/25 09:46:41 | 000,000,000 | ---D | C] _Backup.RC -> C:\_Backup.RC -> [2010/04/25 09:44:39 | 000,000,000 | RHSD | C] _Backup -> C:\_Backup -> [2010/04/25 09:44:37 | 000,000,000 | -H-D | C] Avanquest -> C:\Users\patrick\AppData\Roaming\Avanquest -> [2010/04/25 09:42:28 | 000,000,000 | ---D | C] Avanquest -> C:\ProgramData\Avanquest -> [2010/04/25 09:42:28 | 000,000,000 | ---D | C] AntiVirus -> C:\Program Files (x86)\Common Files\AntiVirus -> [2010/04/25 09:42:26 | 000,000,000 | ---D | C] [Files/Folders - Modified Within 60 Days] 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/06/19 13:22:12 | 000,009,920 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/06/19 13:22:12 | 000,009,920 | -H-- | M] () OTS.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools) Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | M] () Ikeext.etl -> C:\Windows\SysNative\Ikeext.etl -> [2010/06/19 13:15:02 | 000,065,536 | ---- | M] () GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/06/19 13:15:01 | 000,001,064 | ---- | M] () GlaryInitialize.job -> C:\Windows\tasks\GlaryInitialize.job -> [2010/06/19 13:15:01 | 000,000,328 | ---- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/06/19 13:14:55 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2010/06/19 13:14:50 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/06/19 13:14:48 | 529,854,463 | -HS- | M] () ntuser.dat -> C:\Users\patrick\ntuser.dat -> [2010/06/19 13:14:03 | 006,029,312 | -HS- | M] () IconCache.db -> C:\Users\patrick\AppData\Local\IconCache.db -> [2010/06/19 13:13:57 | 002,724,564 | -H-- | M] () GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/06/19 13:00:01 | 000,001,068 | ---- | M] () PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010/06/19 08:41:52 | 001,553,042 | ---- | M] () perfh00C.dat -> C:\Windows\SysNative\perfh00C.dat -> [2010/06/19 08:41:52 | 000,704,618 | ---- | M] () perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010/06/19 08:41:52 | 000,615,760 | ---- | M] () perfc00C.dat -> C:\Windows\SysNative\perfc00C.dat -> [2010/06/19 08:41:52 | 000,132,340 | ---- | M] () perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010/06/19 08:41:52 | 000,107,396 | ---- | M] () cc_20100618_224007.reg -> C:\Users\patrick\Documents\cc_20100618_224007.reg -> [2010/06/18 22:40:09 | 000,002,522 | ---- | M] () avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:52:00 | 000,074,880 | ---- | M] (Avira GmbH) base registre.reg -> C:\Users\patrick\Documents\base registre.reg -> [2010/06/17 19:06:01 | 000,000,294 | ---- | M] () EPISMF00.SWB -> C:\Windows\EPISMF00.SWB -> [2010/06/17 07:38:53 | 000,016,574 | ---- | M] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/16 13:55:19 | 000,524,288 | -HS- | M] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/16 13:55:19 | 000,524,288 | -HS- | M] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> [2010/06/16 13:55:19 | 000,065,536 | -HS- | M] () 5h9xvjf9i.lnk -> C:\Users\patrick\Desktop\5h9xvjf9i.lnk -> [2010/06/16 13:13:53 | 000,001,197 | ---- | M] () GDIPFONTCACHEV1.DAT -> C:\Users\patrick\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/06/14 08:52:14 | 000,107,496 | ---- | M] () FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2010/06/14 08:12:03 | 000,411,000 | ---- | M] () cc_20100613_085115.reg -> C:\Users\patrick\Documents\cc_20100613_085115.reg -> [2010/06/13 08:51:17 | 000,001,192 | ---- | M] () OTM.exe -> C:\Users\patrick\Desktop\OTM.exe -> [2010/06/12 06:39:21 | 000,518,656 | ---- | M] (OldTimer Tools) MegaManager.INI -> C:\Windows\MegaManager.INI -> [2010/06/08 19:39:53 | 000,000,050 | ---- | M] () RSIT.exe -> C:\Users\patrick\Desktop\RSIT.exe -> [2010/06/08 12:26:15 | 000,824,681 | ---- | M] () bookmarks-2010-06-07.json -> C:\Users\patrick\Documents\bookmarks-2010-06-07.json -> [2010/06/07 19:31:37 | 000,101,194 | ---- | M] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/06/07 19:17:05 | 000,001,946 | ---- | M] () Lbd.sys -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 10:58:16 | 000,069,152 | ---- | M] (Lavasoft AB) hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2010/06/05 18:12:02 | 000,000,000 | ---- | M] () RDesc.lnk -> C:\Users\Public\Desktop\RDesc.lnk -> [2010/06/05 14:33:03 | 000,000,551 | ---- | M] () iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/06/05 14:24:18 | 000,002,429 | ---- | M] () deployJava1.dll -> C:\Windows\SysWow64\deployJava1.dll -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2010/06/05 12:05:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) java.exe -> C:\Windows\SysWow64\java.exe -> [2010/06/05 12:05:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/05 09:00:35 | 000,524,288 | -HS- | M] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/05 09:00:35 | 000,524,288 | -HS- | M] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> [2010/06/05 09:00:35 | 000,065,536 | -HS- | M] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:53:44 | 000,524,288 | -HS- | M] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:53:44 | 000,524,288 | -HS- | M] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> [2010/06/04 16:53:44 | 000,065,536 | -HS- | M] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:33:33 | 000,524,288 | -HS- | M] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:33:33 | 000,524,288 | -HS- | M] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> [2010/06/04 16:33:33 | 000,065,536 | -HS- | M] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:28:40 | 000,524,288 | -HS- | M] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:28:40 | 000,524,288 | -HS- | M] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> [2010/06/04 16:28:40 | 000,065,536 | -HS- | M] () housecall.guid.cache -> C:\Users\patrick\AppData\Local\housecall.guid.cache -> [2010/06/04 13:40:11 | 000,000,036 | ---- | M] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 13:08:08 | 000,524,288 | -HS- | M] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 13:08:08 | 000,524,288 | -HS- | M] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> [2010/06/04 13:08:08 | 000,065,536 | -HS- | M] () PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/06/02 10:50:21 | 001,578,582 | ---- | M] () PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/06/02 10:42:14 | 000,103,736 | ---- | M] () pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/06/02 10:42:07 | 000,669,184 | ---- | M] () PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 20:17:42 | 000,524,288 | -HS- | M] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 20:17:42 | 000,524,288 | -HS- | M] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> [2010/06/01 20:17:42 | 000,065,536 | -HS- | M] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 17:10:23 | 000,524,288 | -HS- | M] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 17:10:23 | 000,524,288 | -HS- | M] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> [2010/06/01 17:10:23 | 000,065,536 | -HS- | M] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:31:42 | 000,524,288 | -HS- | M] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:31:42 | 000,524,288 | -HS- | M] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> [2010/05/31 10:31:42 | 000,065,536 | -HS- | M] () psi_mf.sys -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | M] (Secunia) atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2010/05/27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2010/05/27 08:34:09 | 000,046,080 | ---- | M] (Adobe Systems) atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2010/05/27 06:11:32 | 000,366,080 | ---- | M] (Adobe Systems Incorporated) atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2010/05/27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/26 23:28:55 | 000,524,288 | -HS- | M] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/26 23:28:55 | 000,524,288 | -HS- | M] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> [2010/05/26 23:28:55 | 000,065,536 | -HS- | M] () CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/05/26 17:23:00 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) ealregsnapshot1.reg -> C:\Windows\SysWow64\ealregsnapshot1.reg -> [2010/05/26 17:08:24 | 000,000,662 | ---- | M] () wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2010/05/21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation) jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2010/05/21 07:47:27 | 000,064,512 | ---- | M] (Microsoft Corporation) wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2010/05/21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation) jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2010/05/21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation) config.nt -> C:\Windows\SysWow64\config.nt -> [2010/05/08 09:15:01 | 000,000,000 | ---- | M] () TURegOpt.exe -> C:\Windows\SysNative\TURegOpt.exe -> [2010/05/07 18:07:32 | 000,034,632 | ---- | M] (TuneUp Software) authuitu.dll -> C:\Windows\SysNative\authuitu.dll -> [2010/05/07 18:02:00 | 000,025,928 | ---- | M] (TuneUp Software) authuitu.dll -> C:\Windows\SysWow64\authuitu.dll -> [2010/05/07 18:01:56 | 000,021,320 | ---- | M] (TuneUp Software) uxtuneup.dll -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software) uxtuneup.dll -> C:\Windows\SysWow64\uxtuneup.dll -> [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software) mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2010/05/06 15:00:06 | 001,026,048 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2010/05/06 14:59:55 | 000,082,944 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2010/05/06 14:58:57 | 000,445,952 | ---- | M] (Microsoft Corporation) mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2010/05/06 14:41:55 | 000,606,208 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2010/05/06 14:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2010/05/06 14:41:49 | 000,381,440 | ---- | M] (Microsoft Corporation) lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2010/05/01 08:43:22 | 000,015,880 | ---- | M] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/30 17:40:38 | 000,524,288 | -HS- | M] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/30 17:40:38 | 000,524,288 | -HS- | M] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> [2010/04/30 17:40:38 | 000,065,536 | -HS- | M] () mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/24 22:06:43 | 000,524,288 | -HS- | M] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/24 22:06:43 | 000,524,288 | -HS- | M] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> [2010/04/24 22:06:43 | 000,065,536 | -HS- | M] () [Files - No Company Name] Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | C] () cc_20100618_224007.reg -> C:\Users\patrick\Documents\cc_20100618_224007.reg -> [2010/06/18 22:40:08 | 000,002,522 | ---- | C] () base registre.reg -> C:\Users\patrick\Documents\base registre.reg -> [2010/06/17 19:06:01 | 000,000,294 | ---- | C] () 5h9xvjf9i.lnk -> C:\Users\patrick\Desktop\5h9xvjf9i.lnk -> [2010/06/16 13:13:53 | 000,001,197 | ---- | C] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/16 13:06:52 | 000,524,288 | -HS- | C] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/16 13:06:52 | 000,524,288 | -HS- | C] () ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> [2010/06/16 13:06:52 | 000,065,536 | -HS- | C] () IconCache.db -> C:\Users\patrick\AppData\Local\IconCache.db -> [2010/06/16 07:53:04 | 002,724,564 | -H-- | C] () cc_20100613_085115.reg -> C:\Users\patrick\Documents\cc_20100613_085115.reg -> [2010/06/13 08:51:16 | 000,001,192 | ---- | C] () RSIT.exe -> C:\Users\patrick\Desktop\RSIT.exe -> [2010/06/08 12:26:33 | 000,824,681 | ---- | C] () bookmarks-2010-06-07.json -> C:\Users\patrick\Documents\bookmarks-2010-06-07.json -> [2010/06/07 19:29:19 | 000,101,194 | ---- | C] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/06/07 19:17:05 | 000,001,946 | ---- | C] () iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/06/05 14:24:18 | 000,002,429 | ---- | C] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/05 08:53:58 | 000,524,288 | -HS- | C] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/05 08:53:58 | 000,524,288 | -HS- | C] () ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> [2010/06/05 08:53:58 | 000,065,536 | -HS- | C] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:36:36 | 000,524,288 | -HS- | C] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:36:36 | 000,524,288 | -HS- | C] () ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> [2010/06/04 16:36:36 | 000,065,536 | -HS- | C] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:30:29 | 000,524,288 | -HS- | C] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:30:29 | 000,524,288 | -HS- | C] () ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> [2010/06/04 16:30:28 | 000,065,536 | -HS- | C] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:11:26 | 000,524,288 | -HS- | C] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:11:26 | 000,524,288 | -HS- | C] () ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> [2010/06/04 16:11:26 | 000,065,536 | -HS- | C] () housecall.guid.cache -> C:\Users\patrick\AppData\Local\housecall.guid.cache -> [2010/06/04 13:40:11 | 000,000,036 | ---- | C] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 07:54:42 | 000,524,288 | -HS- | C] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 07:54:42 | 000,524,288 | -HS- | C] () ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> [2010/06/04 07:54:42 | 000,065,536 | -HS- | C] () PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/06/02 10:50:19 | 001,578,582 | ---- | C] () PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/06/02 10:42:10 | 000,103,736 | ---- | C] () pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/06/02 10:42:07 | 000,669,184 | ---- | C] () PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | C] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 17:21:22 | 000,524,288 | -HS- | C] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 17:21:22 | 000,524,288 | -HS- | C] () ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> [2010/06/01 17:21:21 | 000,065,536 | -HS- | C] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:57:24 | 000,524,288 | -HS- | C] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:57:24 | 000,524,288 | -HS- | C] () ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> [2010/05/31 10:57:24 | 000,065,536 | -HS- | C] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:29:05 | 000,524,288 | -HS- | C] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:29:05 | 000,524,288 | -HS- | C] () ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> [2010/05/31 10:29:05 | 000,065,536 | -HS- | C] () RDesc.lnk -> C:\Users\Public\Desktop\RDesc.lnk -> [2010/05/28 17:01:51 | 000,000,551 | ---- | C] () EPISMF00.SWB -> C:\Windows\EPISMF00.SWB -> [2010/05/26 17:14:27 | 000,016,574 | ---- | C] () ealregsnapshot1.reg -> C:\Windows\SysWow64\ealregsnapshot1.reg -> [2010/05/26 17:08:24 | 000,000,662 | ---- | C] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/26 14:43:11 | 000,524,288 | -HS- | C] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/26 14:43:09 | 000,524,288 | -HS- | C] () ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> [2010/05/26 14:43:09 | 000,065,536 | -HS- | C] () logo.bmp -> C:\logo.bmp -> [2010/05/22 12:55:01 | 000,009,296 | ---- | C] () MegaManager.INI -> C:\Windows\MegaManager.INI -> [2010/05/20 17:08:49 | 000,000,050 | ---- | C] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/30 08:06:52 | 000,524,288 | -HS- | C] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/30 08:06:52 | 000,524,288 | -HS- | C] () ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> [2010/04/30 08:06:52 | 000,065,536 | -HS- | C] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/24 21:58:34 | 000,524,288 | -HS- | C] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/24 21:58:34 | 000,524,288 | -HS- | C] () ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> [2010/04/24 21:58:34 | 000,065,536 | -HS- | C] () game.ini -> C:\Windows\game.ini -> [2010/04/13 09:23:38 | 000,000,331 | ---- | C] () PICSDK.ini -> C:\Windows\SysWow64\PICSDK.ini -> [2010/02/28 21:30:24 | 000,000,099 | ---- | C] () CDE RX520FI.ini -> C:\Windows\CDE RX520FI.ini -> [2010/02/28 20:52:09 | 000,000,027 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2009/07/14 07:32:39 | 000,043,318 | ---- | C] () GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2009/07/14 07:32:39 | 000,029,779 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2009/07/14 07:32:39 | 000,026,489 | ---- | C] () GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2009/07/14 07:32:39 | 000,026,040 | ---- | C] () BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () StarOpen.sys -> C:\Windows\SysWow64\drivers\StarOpen.sys -> [2007/10/25 18:26:10 | 000,005,632 | ---- | C] () EPSPTDV.DLL -> C:\Windows\SysWow64\EPSPTDV.DLL -> [2005/02/25 07:15:00 | 000,159,744 | ---- | C] () [File - Lop Check] Acronis -> C:\Users\patrick\AppData\Roaming\Acronis -> [2010/03/12 14:43:01 | 000,000,000 | ---D | M] Auslogics -> C:\Users\patrick\AppData\Roaming\Auslogics -> [2010/03/01 19:31:06 | 000,000,000 | ---D | M] Avanquest -> C:\Users\patrick\AppData\Roaming\Avanquest -> [2010/04/25 09:58:58 | 000,000,000 | ---D | M] Capturino -> C:\Users\patrick\AppData\Roaming\Capturino -> [2010/03/17 17:54:53 | 000,000,000 | ---D | M] DAEMON Tools Lite -> C:\Users\patrick\AppData\Roaming\DAEMON Tools Lite -> [2010/06/16 12:56:05 | 000,000,000 | ---D | M] GlarySoft -> C:\Users\patrick\AppData\Roaming\GlarySoft -> [2010/03/12 13:38:08 | 000,000,000 | ---D | M] KC Softwares -> C:\Users\patrick\AppData\Roaming\KC Softwares -> [2010/03/03 21:40:01 | 000,000,000 | ---D | M] LockHunter -> C:\Users\patrick\AppData\Roaming\LockHunter -> [2010/06/01 20:25:35 | 000,000,000 | ---D | M] OpenOffice.org -> C:\Users\patrick\AppData\Roaming\OpenOffice.org -> [2010/03/04 18:50:46 | 000,000,000 | ---D | M] PC Suite -> C:\Users\patrick\AppData\Roaming\PC Suite -> [2010/03/02 14:11:07 | 000,000,000 | ---D | M] PowerCinema -> C:\Users\patrick\AppData\Roaming\PowerCinema -> [2010/06/01 17:20:25 | 000,000,000 | ---D | M] Samsung -> C:\Users\patrick\AppData\Roaming\Samsung -> [2010/03/09 12:56:48 | 000,000,000 | ---D | M] SoftDMA -> C:\Users\patrick\AppData\Roaming\SoftDMA -> [2010/02/28 18:46:47 | 000,000,000 | ---D | M] system32 -> C:\Users\patrick\AppData\Roaming\system32 -> [2010/04/30 17:42:19 | 000,000,000 | RHSD | M] Thunderbird -> C:\Users\patrick\AppData\Roaming\Thunderbird -> [2010/02/28 22:05:33 | 000,000,000 | ---D | M] TuneUp Software -> C:\Users\patrick\AppData\Roaming\TuneUp Software -> [2010/04/30 17:33:53 | 000,000,000 | ---D | M] URSoft -> C:\Users\patrick\AppData\Roaming\URSoft -> [2010/02/28 21:55:06 | 000,000,000 | ---D | M] Ad-Aware Update (Weekly).job -> C:\Windows\Tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | M] () GlaryInitialize.job -> C:\Windows\Tasks\GlaryInitialize.job -> [2010/06/19 13:15:01 | 000,000,328 | ---- | M] () SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2010/06/04 16:54:40 | 000,032,566 | ---- | M] () [File - Purity Scan] [Alternate Data Streams] @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:B3D74A13 @Alternate Data Stream - 180 bytes -> C:\ProgramData\Temp:1CE11B51 < End of report >

Bonjour Thanos Pour la création de moteur de recherche je tombe sur une fenêtre pour internet explorer 8 je n'ai pas comme sur ta photo le logo de VISTA / XP Que faire?

Bonjour, j'ai supprimé les entrées Iso sans succès. Cordialement

Bonsoir, Des anciennes archives ne s'ouvrent plus avec n'importe lequel des décompresseurs. Certaines autres qui ne sont pas des ISO s'ouvrent???????????????? Mystère Merci pour l'aide

Même avec Daemon ça ne fonctionne pas

Thanos, la commande ipconfig / flushdns même en mode administrateur n'affiche pas la commande dns affichée. Avec GMER après quelques minutes fin du scan et affichage GMER hasn't found any system modification. Le log est vide????? Merci

Bonjour Je n'arrive pas à ouvrir une archive ISO sous winrar - izarc ou 7 zip. On me dit qu'il n'y a pas d'archive ou que l'archive est endommagée ou format inconnu. Je suis sûr que l'archive est bonne. Comment y remédier Merci à vous

Désolé Thanos j'ai fait nouveau sujet au lieu de répondre voici mon log. Par contre, aucune fenêtre m'a indiqué que le dNS était vidé et j'ai toujours les lignes 17 et 18 Logfile of random's system information tool 1.07 (written by random/random) Run by patrick at 2010-06-16 07:48:24 Microsoft Windows 7 Édition Familiale Premium Service Pack 2 System drive C: has 400 GB (85%) free of 469 GB Total RAM: 6135 MB (72% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 07:48:45, on 16/06/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Secunia\PSI\psi.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\patrick\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\patrick.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{9709A052-9166-4307-8A65-8207AB2E70D9}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 25020 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Ad-Aware Update (Weekly).job C:\Windows\tasks\GlaryInitialize.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-05 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] Locked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-12 261888] "Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280] "EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192] "TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-09-12 5081912] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-05-18 2942976] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"= "NoActiveDesktopChanges"= "ForceActiveDesktopOn"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-06-15 12:35:30 ----A---- C:\Windows\ntbtlog.txt 2010-06-14 11:47:14 ----D---- C:\Program Files (x86)\WinRAR 2010-06-13 21:10:16 ----D---- C:\Program Files (x86)\7-Zip 2010-06-12 22:29:03 ----D---- C:\Program Files (x86)\JRE 2010-06-12 07:50:12 ----D---- C:\_OTM 2010-06-12 07:37:20 ----D---- C:\Windows\Minidump 2010-06-10 15:23:50 ----A---- C:\Windows\SysWOW64\mshtml.dll 2010-06-10 15:23:49 ----A---- C:\Windows\SysWOW64\ieframe.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\wininet.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\urlmon.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\mstime.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\iedkcs32.dll 2010-06-10 15:23:47 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2010-06-10 11:05:50 ----A---- C:\Windows\SysWOW64\asycfilt.dll 2010-06-10 09:43:20 ----A---- C:\Windows\SysWOW64\atmlib.dll 2010-06-10 09:43:20 ----A---- C:\Windows\SysWOW64\atmfd.dll 2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64\Wat 2010-06-08 12:26:42 ----D---- C:\rsit 2010-06-08 12:26:42 ----D---- C:\Program Files (x86)\trend micro 2010-06-05 16:00:16 ----D---- C:\Program Files (x86)\THQ 2010-06-05 14:24:08 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\iTunes 2010-06-05 14:23:29 ----D---- C:\Program Files (x86)\Apple Software Update 2010-06-05 14:23:03 ----D---- C:\Program Files (x86)\Bonjour 2010-06-05 13:09:00 ----D---- C:\Program Files (x86)\QuickTime 2010-06-05 12:05:53 ----D---- C:\ProgramData\Sun 2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files\Java 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaws.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaw.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\java.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2010-06-05 11:56:06 ----D---- C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com 2010-06-05 11:56:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2010-06-05 11:56:05 ----D---- C:\ProgramData\SASCORE 2010-06-05 11:48:10 ----D---- C:\Program Files (x86)\Secunia 2010-06-05 11:04:23 ----D---- C:\Program Files (x86)\Tetris 5000 2010-06-04 21:33:15 ----D---- C:\Program Files (x86)\Steam 2010-06-04 18:20:57 ----D---- C:\ProgramData\NortonInstaller 2010-06-04 18:09:20 ----D---- C:\ProgramData\Norton 2010-06-02 12:39:46 ----D---- C:\Program Files (x86)\DreamCatcher 2010-06-02 10:56:43 ----A---- C:\Windows\unvise32.exe 2010-06-02 10:56:00 ----D---- C:\Program Files (x86)\Pure Pinball 2.0 REDUX 2010-06-02 10:50:19 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI 2010-06-02 10:50:06 ----D---- C:\Windows\SysWOW64\URTTEMP 2010-06-02 10:45:08 ----RHD---- C:\Users\patrick\AppData\Roaming\SecuROM 2010-06-02 10:42:10 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\pbsvc.exe 2010-06-01 20:25:34 ----D---- C:\Users\patrick\AppData\Roaming\LockHunter 2010-05-26 17:23:00 ----A---- C:\Windows\SysWOW64\CmdLineExt_x64.dll 2010-05-26 14:52:49 ----A---- C:\Windows\SysWOW64\tzres.dll 2010-05-24 15:12:10 ----D---- C:\RDesc 2010-05-20 17:27:16 ----D---- C:\Downloads 2010-05-20 17:08:49 ----A---- C:\Windows\MegaManager.INI ======List of files/folders modified in the last 1 months====== 2010-06-16 07:48:43 ----D---- C:\Windows\Prefetch 2010-06-16 07:48:33 ----D---- C:\Windows\Temp 2010-06-16 07:39:41 ----D---- C:\Windows\System32 2010-06-16 07:39:41 ----D---- C:\Windows\inf 2010-06-16 07:38:54 ----D---- C:\Windows\SysWOW64\drivers 2010-06-16 07:38:54 ----D---- C:\Windows\SysWOW64 2010-06-16 06:58:54 ----RD---- C:\Program Files (x86) 2010-06-16 06:19:43 ----D---- C:\Windows\tracing 2010-06-15 12:43:16 ----D---- C:\Windows\Tasks 2010-06-15 12:35:30 ----D---- C:\Windows 2010-06-15 07:51:03 ----D---- C:\Users\patrick\AppData\Roaming\vlc 2010-06-15 07:50:16 ----D---- C:\Users\patrick\AppData\Roaming\dvdcss 2010-06-15 04:54:52 ----SHD---- C:\Windows\Installer 2010-06-15 02:23:40 ----SHD---- C:\System Volume Information 2010-06-14 11:02:35 ----D---- C:\Program Files (x86)\Glary Utilities 2010-06-13 08:50:53 ----D---- C:\Windows\debug 2010-06-13 08:50:08 ----D---- C:\Program Files (x86)\CCleaner 2010-06-12 22:37:52 ----D---- C:\Program Files (x86)\Adobe 2010-06-12 22:37:51 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR 2010-06-12 22:29:28 ----D---- C:\Program Files (x86)\OpenOffice.org 3 2010-06-12 22:29:18 ----RSD---- C:\Windows\assembly 2010-06-12 22:29:06 ----RSD---- C:\Windows\Fonts 2010-06-12 22:28:07 ----D---- C:\Windows\winsxs 2010-06-11 03:28:51 ----D---- C:\Windows\Microsoft.NET 2010-06-11 03:18:29 ----D---- C:\Windows\SysWOW64\migration 2010-06-11 03:18:29 ----D---- C:\Program Files (x86)\Internet Explorer 2010-06-11 03:01:57 ----D---- C:\ProgramData\Microsoft Help 2010-06-08 19:40:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2010-06-08 19:38:37 ----D---- C:\Program Files (x86)\Google 2010-06-08 19:37:00 ----D---- C:\ProgramData\Google 2010-06-07 19:17:04 ----D---- C:\Program Files (x86)\Mozilla Firefox 2010-06-05 23:13:16 ----D---- C:\Users\patrick\AppData\Roaming\Apple Computer 2010-06-05 23:12:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-06-05 14:25:15 ----D---- C:\Program Files (x86)\Mozilla Thunderbird 2010-06-05 14:24:08 ----RD---- C:\Program Files 2010-06-05 14:24:08 ----HD---- C:\ProgramData 2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\Common Files\Apple 2010-06-05 13:27:45 ----D---- C:\ProgramData\Adobe 2010-06-05 13:27:45 ----D---- C:\Program Files (x86)\Common Files\Adobe 2010-06-05 13:26:44 ----D---- C:\Users\patrick\AppData\Roaming\Adobe 2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files 2010-06-05 09:07:19 ----D---- C:\Windows\registration 2010-06-05 09:07:14 ----D---- C:\Windows\AppCompat 2010-06-04 16:46:39 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-06-04 16:35:17 ----SD---- C:\ProgramData\Microsoft 2010-06-04 13:07:45 ----D---- C:\Users\patrick\AppData\Roaming\Macromedia 2010-06-01 17:20:25 ----D---- C:\Users\patrick\AppData\Roaming\PowerCinema 2010-05-31 20:56:19 ----SD---- C:\Users\patrick\AppData\Roaming\Microsoft 2010-05-28 15:05:04 ----D---- C:\Windows\LiveKernelReports 2010-05-27 10:29:01 ----D---- C:\Windows\rescache 2010-05-26 23:29:20 ----D---- C:\Windows\SysWOW64\fr-FR 2010-05-26 14:52:04 ----AD---- C:\ProgramData\Temp 2010-05-21 21:17:07 ----D---- C:\Program Files (x86)\TuneUp Utilities 2010 2010-05-21 10:42:57 ----D---- C:\Program Files (x86)\Mah Jong Adventures 2010-05-21 08:43:08 ----D---- C:\Windows\Logs 2010-05-21 07:40:46 ----D---- C:\tempocapt ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [] R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360] R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys [] R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [] R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [] R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [] R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys [] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [] R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [] S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [] S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [] S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [] S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [] S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys [] S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [] S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [] S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [] S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys [] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [] S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [] S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [] S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [] S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [] S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [] S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [] S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [] S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [] S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2003-09-19 21248] S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [] S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [] S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [] S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-04-07 16392] S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [] S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [] S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files (x86)\a-squared Free\a2service.exe [2010-04-15 1872320] R2 AcrSch2Svc;Service Scheduler2 Acronis; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-09-12 892072] R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-12 2326920] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376] R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-06-06 1352320] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-02 66872] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-04-28 120832] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-05-07 1403208] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 135664] S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [] S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [] S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448] S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-21 607048] S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [] S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992] S4 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -service [] -----------------EOF-----------------

Je transmets le nouveau Log RSIT mais les lignes de commande 17 et 18 que j'ai cliquées dans hijackthis sont toujours présentes????? Merci pour l'analyse Thanos Logfile of random's system information tool 1.07 (written by random/random) Run by patrick at 2010-06-12 12:34:28 Microsoft Windows 7 Édition Familiale Premium Service Pack 2 System drive C: has 400 GB (85%) free of 469 GB Total RAM: 6135 MB (72% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:35:09, on 12/06/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Secunia\PSI\psi.exe C:\Users\patrick\Desktop\RSIT.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\trend micro\patrick.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{9709A052-9166-4307-8A65-8207AB2E70D9}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 24968 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Ad-Aware Update (Weekly).job C:\Windows\tasks\GlaryInitialize.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-05 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] Locked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-12 261888] "Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280] "EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192] "TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-09-12 5081912] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-05-18 2942976] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"= "NoActiveDesktopChanges"= "ForceActiveDesktopOn"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-06-12 07:50:12 ----D---- C:\_OTM 2010-06-12 07:37:20 ----D---- C:\Windows\Minidump 2010-06-10 15:23:50 ----A---- C:\Windows\SysWOW64\mshtml.dll 2010-06-10 15:23:49 ----A---- C:\Windows\SysWOW64\ieframe.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\wininet.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\urlmon.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\mstime.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\iedkcs32.dll 2010-06-10 15:23:47 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2010-06-10 11:05:50 ----A---- C:\Windows\SysWOW64\asycfilt.dll 2010-06-10 09:43:20 ----A---- C:\Windows\SysWOW64\atmlib.dll 2010-06-10 09:43:20 ----A---- C:\Windows\SysWOW64\atmfd.dll 2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64\Wat 2010-06-08 19:49:57 ----A---- C:\Windows\ntbtlog.txt 2010-06-08 12:26:42 ----D---- C:\rsit 2010-06-08 12:26:42 ----D---- C:\Program Files (x86)\trend micro 2010-06-05 16:00:16 ----D---- C:\Program Files (x86)\THQ 2010-06-05 14:24:08 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\iTunes 2010-06-05 14:23:29 ----D---- C:\Program Files (x86)\Apple Software Update 2010-06-05 14:23:03 ----D---- C:\Program Files (x86)\Bonjour 2010-06-05 13:09:00 ----D---- C:\Program Files (x86)\QuickTime 2010-06-05 12:05:53 ----D---- C:\ProgramData\Sun 2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files\Java 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaws.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaw.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\java.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2010-06-05 11:56:06 ----D---- C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com 2010-06-05 11:56:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2010-06-05 11:56:05 ----D---- C:\ProgramData\SASCORE 2010-06-05 11:48:10 ----D---- C:\Program Files (x86)\Secunia 2010-06-05 11:04:23 ----D---- C:\Program Files (x86)\Tetris 5000 2010-06-04 21:33:15 ----D---- C:\Program Files (x86)\Steam 2010-06-04 18:20:57 ----D---- C:\ProgramData\NortonInstaller 2010-06-04 18:09:20 ----D---- C:\ProgramData\Norton 2010-06-02 12:39:46 ----D---- C:\Program Files (x86)\DreamCatcher 2010-06-02 10:56:43 ----A---- C:\Windows\unvise32.exe 2010-06-02 10:56:00 ----D---- C:\Program Files (x86)\Pure Pinball 2.0 REDUX 2010-06-02 10:50:19 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI 2010-06-02 10:50:06 ----D---- C:\Windows\SysWOW64\URTTEMP 2010-06-02 10:45:08 ----RHD---- C:\Users\patrick\AppData\Roaming\SecuROM 2010-06-02 10:42:10 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\pbsvc.exe 2010-06-01 20:25:34 ----D---- C:\Users\patrick\AppData\Roaming\LockHunter 2010-05-26 17:23:00 ----A---- C:\Windows\SysWOW64\CmdLineExt_x64.dll 2010-05-26 14:52:49 ----A---- C:\Windows\SysWOW64\tzres.dll 2010-05-24 15:12:10 ----D---- C:\RDesc 2010-05-20 17:27:16 ----D---- C:\Downloads 2010-05-20 17:08:49 ----A---- C:\Windows\MegaManager.INI ======List of files/folders modified in the last 1 months====== 2010-06-12 12:35:05 ----D---- C:\Windows\Prefetch 2010-06-12 12:34:58 ----D---- C:\Windows\Temp 2010-06-12 12:34:33 ----D---- C:\Windows\Tasks 2010-06-12 09:42:34 ----D---- C:\Windows\tracing 2010-06-12 09:07:11 ----D---- C:\Windows\System32 2010-06-12 09:07:11 ----D---- C:\Windows\inf 2010-06-12 09:05:59 ----D---- C:\Windows\SysWOW64\drivers 2010-06-12 09:05:59 ----D---- C:\Windows\SysWOW64 2010-06-12 07:37:20 ----D---- C:\Windows 2010-06-11 20:45:46 ----D---- C:\Users\patrick\AppData\Roaming\vlc 2010-06-11 20:45:30 ----D---- C:\Users\patrick\AppData\Roaming\dvdcss 2010-06-11 15:15:09 ----SHD---- C:\System Volume Information 2010-06-11 03:28:51 ----D---- C:\Windows\Microsoft.NET 2010-06-11 03:28:48 ----RSD---- C:\Windows\assembly 2010-06-11 03:20:13 ----D---- C:\Windows\winsxs 2010-06-11 03:18:29 ----D---- C:\Windows\SysWOW64\migration 2010-06-11 03:18:29 ----D---- C:\Program Files (x86)\Internet Explorer 2010-06-11 03:02:09 ----D---- C:\Windows\debug 2010-06-11 03:01:59 ----SHD---- C:\Windows\Installer 2010-06-11 03:01:57 ----D---- C:\ProgramData\Microsoft Help 2010-06-08 19:40:21 ----RD---- C:\Program Files (x86) 2010-06-08 19:40:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2010-06-08 19:38:37 ----D---- C:\Program Files (x86)\Google 2010-06-08 19:37:00 ----D---- C:\ProgramData\Google 2010-06-07 19:17:04 ----D---- C:\Program Files (x86)\Mozilla Firefox 2010-06-05 23:13:16 ----D---- C:\Users\patrick\AppData\Roaming\Apple Computer 2010-06-05 23:12:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-06-05 14:25:15 ----D---- C:\Program Files (x86)\Mozilla Thunderbird 2010-06-05 14:24:08 ----RD---- C:\Program Files 2010-06-05 14:24:08 ----HD---- C:\ProgramData 2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\Common Files\Apple 2010-06-05 13:27:45 ----D---- C:\ProgramData\Adobe 2010-06-05 13:27:45 ----D---- C:\Program Files (x86)\Common Files\Adobe 2010-06-05 13:26:44 ----D---- C:\Users\patrick\AppData\Roaming\Adobe 2010-06-05 13:26:41 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR 2010-06-05 13:07:22 ----D---- C:\Program Files (x86)\Adobe 2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files 2010-06-05 09:07:21 ----D---- C:\Program Files (x86)\Glary Utilities 2010-06-05 09:07:19 ----D---- C:\Windows\registration 2010-06-05 09:07:14 ----D---- C:\Windows\AppCompat 2010-06-04 16:46:39 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-06-04 16:35:17 ----SD---- C:\ProgramData\Microsoft 2010-06-04 13:07:45 ----D---- C:\Users\patrick\AppData\Roaming\Macromedia 2010-06-01 17:20:25 ----D---- C:\Users\patrick\AppData\Roaming\PowerCinema 2010-05-31 20:56:19 ----SD---- C:\Users\patrick\AppData\Roaming\Microsoft 2010-05-28 15:05:04 ----D---- C:\Windows\LiveKernelReports 2010-05-27 10:29:01 ----D---- C:\Windows\rescache 2010-05-26 23:29:20 ----D---- C:\Windows\SysWOW64\fr-FR 2010-05-26 14:52:04 ----AD---- C:\ProgramData\Temp 2010-05-21 21:17:07 ----D---- C:\Program Files (x86)\TuneUp Utilities 2010 2010-05-21 10:42:57 ----D---- C:\Program Files (x86)\Mah Jong Adventures 2010-05-21 08:43:08 ----D---- C:\Windows\Logs 2010-05-21 07:40:46 ----D---- C:\tempocapt 2010-05-13 03:01:59 ----D---- C:\Program Files (x86)\Windows Mail ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [] R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360] R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys [] R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [] R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [] R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [] R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys [] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [] R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [] S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [] S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [] S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [] S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [] S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys [] S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [] S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [] S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [] S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [] S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [] S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys [] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [] S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [] S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [] S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [] S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [] S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [] S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [] S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [] S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [] S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2003-09-19 21248] S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [] S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [] S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [] S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-04-07 16392] S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [] S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [] S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files (x86)\a-squared Free\a2service.exe [2010-04-15 1872320] R2 AcrSch2Svc;Service Scheduler2 Acronis; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-09-12 892072] R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-12 2326920] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376] R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-06-06 1352320] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-02 66872] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-04-28 120832] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-05-07 1403208] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 135664] S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [] S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [] S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448] S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-21 607048] S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [] S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992] S4 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -service [] -----------------EOF-----------------

Pour Thanos je ne sais pas si tu t'y arriveras à l'ouvrir http://www.files-save.com/fr/download-e369...5281c5000f.html

Bonjour Thanos Après trois tentatives je t'envoie le log de OTM En début d'après-midi, je t'enverrai le fichier OTM - peux tu me dire comment on envoie un message privé, je ne suis pas un pro des forums?? merci Bonne journée et encore merci pour ton aide précieuse Abra All processes killed Error: Unable to interpret <:first> in the current context! ========== FILES ========== File/Folder C:\Windows\system32\d3dlib.exe not found. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DXlibrary not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33103 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: patrick ->Temp folder emptied: 1443417 bytes ->Temporary Internet Files folder emptied: 39303858 bytes ->Java cache emptied: 12124138 bytes ->FireFox cache emptied: 37427932 bytes ->Flash cache emptied: 42916 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 429401 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50607 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 87,00 mb OTM by OldTimer - Version 3.1.12.2 log created on 06122010_090016 Files moved on Reboot... C:\Users\patrick\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot...

Voilà le bon log Virustotal a-squared 5.0.0.26 2010.06.11 - AhnLab-V3 2010.06.11.00 2010.06.11 - AntiVir 8.2.2.6 2010.06.11 - Antiy-AVL 2.0.3.7 2010.06.11 - Authentium 5.2.0.5 2010.06.11 W32/Worm.AZHW Avast 4.8.1351.0 2010.06.11 - Avast5 5.0.332.0 2010.06.11 - AVG 9.0.0.787 2010.06.11 - BitDefender 7.2 2010.06.11 - CAT-QuickHeal 10.00 2010.06.11 - ClamAV 0.96.0.3-git 2010.06.11 - Comodo 5059 2010.06.11 Packed.Win32.Klone.~KC DrWeb 5.0.2.03300 2010.06.11 - eSafe 7.0.17.0 2010.06.10 - eTrust-Vet 36.1.7628 2010.06.11 - F-Prot 4.6.0.103 2010.06.11 W32/Worm.AZHW F-Secure 9.0.15370.0 2010.06.11 - Fortinet 4.1.133.0 2010.06.10 - GData 21 2010.06.11 - Ikarus T3.1.1.84.0 2010.06.11 - Jiangmin 13.0.900 2010.06.11 - Kaspersky 7.0.0.125 2010.06.11 - McAfee 5.400.0.1158 2010.06.11 - McAfee-GW-Edition 2010.1 2010.06.11 Heuristic.BehavesLike.Win32.PasswordStealer.H Microsoft 1.5802 2010.06.11 - NOD32 5189 2010.06.11 - Norman 6.04.12 2010.06.11 - nProtect 2010-06-11.01 2010.06.11 - Panda 10.0.2.7 2010.06.10 - PCTools 7.0.3.5 2010.06.11 - Prevx 3.0 2010.06.11 - Rising 22.51.04.04 2010.06.11 - Sophos 4.54.0 2010.06.11 - Sunbelt 6434 2010.06.11 - Symantec 20101.1.0.89 2010.06.11 - TheHacker 6.5.2.0.297 2010.06.11 - TrendMicro 9.120.0.1004 2010.06.11 - TrendMicro-HouseCall 9.120.0.1004 2010.06.11 - VBA32 3.12.12.5 2010.06.11 Trojan-Downloader.Autoit.gen ViRobot 2010.6.11.3881 2010.06.11 - VirusBuster 5.0.27.0 2010.06.11 - Information additionnelle File size: 494813 bytes MD5...: 781b1f02d9baa7e7f0f70226e3fe72a6 SHA1..: 14add186373846cd10d09bf5b77c9841e23bf9e9 SHA256: 4abcf2a36c5791a7f56a6299fcaadd6391c361ae24946885663d2233d2adfb05 ssdeep: 6144:7wJ8c24eMY8YtcFFWDVN1nJmrlLOQWeA9knyfkJKOqb/XbTzY:7jcxeMzYt cFERJmrbWeAynyfumjbI PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x54d5d timedatestamp.....: 0x482d38ba (Fri May 16 07:33:14 2008) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x65f77 0x66000 6.69 6959f52695d2cb18a828d77441758bbd .rdata 0x67000 0xe534 0xe600 5.02 ab49e666881dbe6e9d1fe6986c755f00 .data 0x76000 0x16ad8 0x2a00 3.89 3fece893ddc33aedc5ae3e6d7cac9d66 .rsrc 0x8d000 0x3fb 0x400 5.19 c910203b0dc2714f601ff497b5b81c89 ( 13 imports ) > WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, - > VERSION.dll: GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW > WINMM.dll: waveOutSetVolume, mciSendStringW, timeGetTime > COMCTL32.dll: ImageList_DragMove, ImageList_EndDrag, ImageList_DragLeave, ImageList_DragEnter, ImageList_BeginDrag, ImageList_SetDragCursorImage, ImageList_Destroy, ImageList_ReplaceIcon, ImageList_Create, InitCommonControlsEx, ImageList_Remove > MPR.dll: WNetUseConnectionW, WNetGetConnectionW, WNetAddConnection2W, WNetCancelConnection2W > KERNEL32.dll: UnmapViewOfFile, OpenProcess, CreateFileMappingW, MapViewOfFile, WriteProcessMemory, ReadProcessMemory, CreateFileW, ReadFile, SetFilePointer, SetFileTime, FindResourceW, LoadResource, GetFileAttributesW, LockResource, FindFirstFileW, SizeofResource, FindClose, EnumResourceNamesW, DeleteFileW, FindNextFileW, lstrcmpiW, MoveFileW, OutputDebugStringW, CopyFileW, CreateDirectoryW, RemoveDirectoryW, TerminateProcess, SetSystemPowerState, GetLocalTime, MultiByteToWideChar, WideCharToMultiByte, CompareStringW, InterlockedIncrement, InterlockedDecrement, WriteFile, CreatePipe, GetStdHandle, InterlockedExchange, EnterCriticalSection, TerminateThread, LeaveCriticalSection, DeleteCriticalSection, GetTempPathW, GetTempFileNameW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetDriveTypeW, QueryPerformanceFrequency, GetVolumeInformationW, SetVolumeLabelW, DeviceIoControl, SetErrorMode, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, SetFileAttributesW, WritePrivateProfileSectionW, GetShortPathNameW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetEnvironmentVariableW, GetFileSize, SetEnvironmentVariableW, GlobalFree, GlobalLock, GlobalUnlock, GlobalAlloc, SetProcessWorkingSetSize, GlobalMemoryStatus, Beep, GetComputerNameW, GetWindowsDirectoryW, GetSystemDirectoryW, GetCurrentProcessId, GetCurrentThread, CreateProcessW, SetPriorityClass, VirtualAlloc, LoadLibraryExW, GetModuleHandleA, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter, RaiseException, GetModuleFileNameA, HeapSize, HeapReAlloc, HeapDestroy, HeapCreate, RtlUnwind, QueryPerformanceCounter, GetModuleHandleW, GetSystemInfo, GetVersionExW, GetCurrentThreadId, Sleep, WaitForSingleObject, CreateThread, DuplicateHandle, GetLastError, HeapAlloc, GetProcessHeap, HeapFree, CloseHandle, GetCurrentProcess, LoadLibraryA, GetModuleFileNameW, GetFullPathNameW, SetCurrentDirectoryW, GetConsoleCP, GetConsoleMode, SetHandleCount, GetCurrentDirectoryW, FreeLibrary, InitializeCriticalSection, GetProcAddress, LoadLibraryW, GetStartupInfoW, GetVersionExA, ExitProcess, ExitThread, GetSystemTimeAsFileTime, GetFileType, GetStartupInfoA, SetStdHandle, ResumeThread, FlushFileBuffers, LCMapStringA, LCMapStringW, GetTimeZoneInformation, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetCommandLineW, GetTickCount, GetStringTypeA, GetStringTypeW, GetLocaleInfoA, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CreateFileA, SetEndOfFile, CompareStringA, GetDiskFreeSpaceW, SetEnvironmentVariableA > USER32.dll: SetWindowLongW, FlashWindow, GetActiveWindow, InflateRect, CharNextW, DrawFocusRect, wsprintfW, DrawTextW, RedrawWindow, FrameRect, DrawFrameControl, FillRect, DrawMenuBar, PtInRect, DestroyMenu, SetMenu, DestroyAcceleratorTable, CreateAcceleratorTableW, GetWindowTextLengthW, SetCursor, GetWindowDC, TranslateAcceleratorW, GetSystemMetrics, IsDialogMessageW, CreateMenu, IsDlgButtonChecked, GetSysColor, DefDlgProcW, ReleaseCapture, SetCapture, SetActiveWindow, FindWindowExW, EnumThreadWindows, LoadImageW, CreateIconFromResourceEx, mouse_event, SetMenuDefaultItem, InsertMenuItemW, IsMenu, TrackPopupMenuEx, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, IsZoomed, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, DispatchMessageW, GetDC, GetKeyboardLayoutNameA, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, DestroyWindow, GetMenu, GetClientRect, CopyRect, EndPaint, BeginPaint, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, SendMessageTimeoutW, GetFocus, GetWindowTextW, ScreenToClient, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, GetCaretPos, GetSubMenu, GetMenuStringW, IsCharUpperW, IsCharLowerW, IsCharAlphaNumericW, IsCharAlphaW, GetKeyboardLayoutNameW, ClientToScreen, RegisterHotKey, ReleaseDC, SetMenuItemInfoW, GetCursor, PostMessageW, GetWindowRect, MessageBoxW, GetForegroundWindow, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, MessageBoxA, RegisterWindowMessageW, DestroyIcon, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, TranslateMessage, PeekMessageW, WindowFromPoint, SetClipboardData, EmptyClipboard, CountClipboardFormats, SetWindowPos, CopyImage, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, AdjustWindowRectEx, SetRect, CharLowerBuffW, GetMessageW, VkKeyScanA, LockWindowUpdate, UnregisterHotKey, keybd_event, ExitWindowsEx, CharUpperW > GDI32.dll: LineTo, AngleArc, MoveToEx, Ellipse, PolyDraw, BeginPath, SetTextColor, GetObjectW, SetBkMode, RoundRect, SetBkColor, CloseFigure, SetPixel, EndPath, StrokePath, StrokeAndFillPath, ExtCreatePen, PolyBezierTo, SetViewportOrgEx, Rectangle, CreatePen, CreateSolidBrush, CreateCompatibleBitmap, GetPixel, DeleteDC, GetDIBits, BitBlt, SelectObject, CreateDIBSection, CreateCompatibleDC, CreateFontW, GetDeviceCaps, GetTextFaceW, GetStockObject, CreateDCW, GetTextExtentPoint32W, DeleteObject > comdlg32.dll: GetSaveFileNameW, GetOpenFileNameW > ADVAPI32.dll: RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegSetValueExW, RegCreateKeyExW, GetUserNameW, RegConnectRegistryW, RegEnumKeyExW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, CloseServiceHandle, UnlockServiceDatabase, LockServiceDatabase, OpenSCManagerW, RegCloseKey, RegQueryValueExW, RegOpenKeyExW > SHELL32.dll: DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHBrowseForFolderW, SHFileOperationW, SHGetPathFromIDListW, SHGetDesktopFolder, SHGetMalloc, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW, DragFinish > ole32.dll: OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoInitialize, CoUninitialize, CoCreateInstance, CreateStreamOnHGlobal, CoTaskMemAlloc, CoTaskMemFree, IIDFromString, StringFromIID, CLSIDFromString, OleInitialize, CreateBindCtx, CLSIDFromProgID, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket, StringFromCLSID, OleUninitialize > OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, - ( 0 exports ) RDS...: NSRL Reference Data Set - pdfid.: - sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned trid..: Windows Screen Saver (39.4%) Win32 Executable Generic (25.6%) Win32 Dynamic Link Library (generic) (22.8%) Generic Win/DOS Executable (6.0%) DOS Executable Generic (6.0%)

Thanos, je t'envoie le log virustotal. Il tourne encore depuis 5 heures est-ce normal? AVG 9.0.0.787 2010.06.10 - ClamAV 0.96.0.3-git 2010.06.11 - DrWeb 5.0.2.03300 2010.06.11 - eSafe 7.0.17.0 2010.06.10 - F-Secure 9.0.15370.0 2010.06.11 - Fortinet 4.1.133.0 2010.06.10 - GData 21 2010.06.11 - McAfee-GW-Edition 2010.1 2010.06.10 Heuristic.BehavesLike.Win32.PasswordStealer.H Microsoft 1.5802 2010.06.10 - Norman 6.04.12 2010.06.10 - nProtect 2010-06-10.01 2010.06.10 - PCTools 7.0.3.5 2010.06.11 - Sophos 4.54.0 2010.06.11 - Sunbelt 6433 2010.06.11 - TheHacker 6.5.2.0.297 2010.06.11 - VBA32 3.12.12.5 2010.06.10 Trojan-Downloader.Autoit.gen Information additionnelle File size: 494813 bytes MD5...: 781b1f02d9baa7e7f0f70226e3fe72a6 SHA1..: 14add186373846cd10d09bf5b77c9841e23bf9e9 SHA256: 4abcf2a36c5791a7f56a6299fcaadd6391c361ae24946885663d2233d2adfb05 ssdeep: 6144:7wJ8c24eMY8YtcFFWDVN1nJmrlLOQWeA9knyfkJKOqb/XbTzY:7jcxeMzYt cFERJmrbWeAynyfumjbI PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x54d5d timedatestamp.....: 0x482d38ba (Fri May 16 07:33:14 2008) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x65f77 0x66000 6.69 6959f52695d2cb18a828d77441758bbd .rdata 0x67000 0xe534 0xe600 5.02 ab49e666881dbe6e9d1fe6986c755f00 .data 0x76000 0x16ad8 0x2a00 3.89 3fece893ddc33aedc5ae3e6d7cac9d66 .rsrc 0x8d000 0x3fb 0x400 5.19 c910203b0dc2714f601ff497b5b81c89 ( 13 imports ) > WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, - > VERSION.dll: GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW > WINMM.dll: waveOutSetVolume, mciSendStringW, timeGetTime > COMCTL32.dll: ImageList_DragMove, ImageList_EndDrag, ImageList_DragLeave, ImageList_DragEnter, ImageList_BeginDrag, ImageList_SetDragCursorImage, ImageList_Destroy, ImageList_ReplaceIcon, ImageList_Create, InitCommonControlsEx, ImageList_Remove > MPR.dll: WNetUseConnectionW, WNetGetConnectionW, WNetAddConnection2W, WNetCancelConnection2W > KERNEL32.dll: UnmapViewOfFile, OpenProcess, CreateFileMappingW, MapViewOfFile, WriteProcessMemory, ReadProcessMemory, CreateFileW, ReadFile, SetFilePointer, SetFileTime, FindResourceW, LoadResource, GetFileAttributesW, LockResource, FindFirstFileW, SizeofResource, FindClose, EnumResourceNamesW, DeleteFileW, FindNextFileW, lstrcmpiW, MoveFileW, OutputDebugStringW, CopyFileW, CreateDirectoryW, RemoveDirectoryW, TerminateProcess, SetSystemPowerState, GetLocalTime, MultiByteToWideChar, WideCharToMultiByte, CompareStringW, InterlockedIncrement, InterlockedDecrement, WriteFile, CreatePipe, GetStdHandle, InterlockedExchange, EnterCriticalSection, TerminateThread, LeaveCriticalSection, DeleteCriticalSection, GetTempPathW, GetTempFileNameW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetDriveTypeW, QueryPerformanceFrequency, GetVolumeInformationW, SetVolumeLabelW, DeviceIoControl, SetErrorMode, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, SetFileAttributesW, WritePrivateProfileSectionW, GetShortPathNameW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetEnvironmentVariableW, GetFileSize, SetEnvironmentVariableW, GlobalFree, GlobalLock, GlobalUnlock, GlobalAlloc, SetProcessWorkingSetSize, GlobalMemoryStatus, Beep, GetComputerNameW, GetWindowsDirectoryW, GetSystemDirectoryW, GetCurrentProcessId, GetCurrentThread, CreateProcessW, SetPriorityClass, VirtualAlloc, LoadLibraryExW, GetModuleHandleA, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter, RaiseException, GetModuleFileNameA, HeapSize, HeapReAlloc, HeapDestroy, HeapCreate, RtlUnwind, QueryPerformanceCounter, GetModuleHandleW, GetSystemInfo, GetVersionExW, GetCurrentThreadId, Sleep, WaitForSingleObject, CreateThread, DuplicateHandle, GetLastError, HeapAlloc, GetProcessHeap, HeapFree, CloseHandle, GetCurrentProcess, LoadLibraryA, GetModuleFileNameW, GetFullPathNameW, SetCurrentDirectoryW, GetConsoleCP, GetConsoleMode, SetHandleCount, GetCurrentDirectoryW, FreeLibrary, InitializeCriticalSection, GetProcAddress, LoadLibraryW, GetStartupInfoW, GetVersionExA, ExitProcess, ExitThread, GetSystemTimeAsFileTime, GetFileType, GetStartupInfoA, SetStdHandle, ResumeThread, FlushFileBuffers, LCMapStringA, LCMapStringW, GetTimeZoneInformation, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetCommandLineW, GetTickCount, GetStringTypeA, GetStringTypeW, GetLocaleInfoA, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CreateFileA, SetEndOfFile, CompareStringA, GetDiskFreeSpaceW, SetEnvironmentVariableA > USER32.dll: SetWindowLongW, FlashWindow, GetActiveWindow, InflateRect, CharNextW, DrawFocusRect, wsprintfW, DrawTextW, RedrawWindow, FrameRect, DrawFrameControl, FillRect, DrawMenuBar, PtInRect, DestroyMenu, SetMenu, DestroyAcceleratorTable, CreateAcceleratorTableW, GetWindowTextLengthW, SetCursor, GetWindowDC, TranslateAcceleratorW, GetSystemMetrics, IsDialogMessageW, CreateMenu, IsDlgButtonChecked, GetSysColor, DefDlgProcW, ReleaseCapture, SetCapture, SetActiveWindow, FindWindowExW, EnumThreadWindows, LoadImageW, CreateIconFromResourceEx, mouse_event, SetMenuDefaultItem, InsertMenuItemW, IsMenu, TrackPopupMenuEx, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, IsZoomed, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, DispatchMessageW, GetDC, GetKeyboardLayoutNameA, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, DestroyWindow, GetMenu, GetClientRect, CopyRect, EndPaint, BeginPaint, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, SendMessageTimeoutW, GetFocus, GetWindowTextW, ScreenToClient, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, GetCaretPos, GetSubMenu, GetMenuStringW, IsCharUpperW, IsCharLowerW, IsCharAlphaNumericW, IsCharAlphaW, GetKeyboardLayoutNameW, ClientToScreen, RegisterHotKey, ReleaseDC, SetMenuItemInfoW, GetCursor, PostMessageW, GetWindowRect, MessageBoxW, GetForegroundWindow, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, MessageBoxA, RegisterWindowMessageW, DestroyIcon, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, TranslateMessage, PeekMessageW, WindowFromPoint, SetClipboardData, EmptyClipboard, CountClipboardFormats, SetWindowPos, CopyImage, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, AdjustWindowRectEx, SetRect, CharLowerBuffW, GetMessageW, VkKeyScanA, LockWindowUpdate, UnregisterHotKey, keybd_event, ExitWindowsEx, CharUpperW > GDI32.dll: LineTo, AngleArc, MoveToEx, Ellipse, PolyDraw, BeginPath, SetTextColor, GetObjectW, SetBkMode, RoundRect, SetBkColor, CloseFigure, SetPixel, EndPath, StrokePath, StrokeAndFillPath, ExtCreatePen, PolyBezierTo, SetViewportOrgEx, Rectangle, CreatePen, CreateSolidBrush, CreateCompatibleBitmap, GetPixel, DeleteDC, GetDIBits, BitBlt, SelectObject, CreateDIBSection, CreateCompatibleDC, CreateFontW, GetDeviceCaps, GetTextFaceW, GetStockObject, CreateDCW, GetTextExtentPoint32W, DeleteObject > comdlg32.dll: GetSaveFileNameW, GetOpenFileNameW > ADVAPI32.dll: RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegSetValueExW, RegCreateKeyExW, GetUserNameW, RegConnectRegistryW, RegEnumKeyExW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, CloseServiceHandle, UnlockServiceDatabase, LockServiceDatabase, OpenSCManagerW, RegCloseKey, RegQueryValueExW, RegOpenKeyExW > SHELL32.dll: DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHBrowseForFolderW, SHFileOperationW, SHGetPathFromIDListW, SHGetDesktopFolder, SHGetMalloc, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW, DragFinish > ole32.dll: OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoInitialize, CoUninitialize, CoCreateInstance, CreateStreamOnHGlobal, CoTaskMemAlloc, CoTaskMemFree, IIDFromString, StringFromIID, CLSIDFromString, OleInitialize, CreateBindCtx, CLSIDFromProgID, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket, StringFromCLSID, OleUninitialize > OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, - ( 0 exports ) RDS...: NSRL Reference Data Set - pdfid.: - trid..: Windows Screen Saver (39.4%) Win32 Executable Generic (25.6%) Win32 Dynamic Link Library (generic) (22.8%) Generic Win/DOS Executable (6.0%) DOS Executable Generic (6.0%)

Bonsoir Thanos Je ne trouve pas la ligne de commande windows system32 drivers discache.sys - Il n'y a rien de ressemblant Oui j'ai lancé fix checked et j'ai constaté aussi le maintien de ces deux lignes Bonne soirée

Bonjour Thanos Comme convenu j'ai effectué les deux opérations demandées. De façon aléatoire quand je quitte et que je relance mon navigateur j'obtiens ma page perso et dès fois non....... enfin mystère!!!!! Voici les deux logs Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4185 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 10/06/2010 14:34:34 mbam-log-2010-06-10 (14-34-34).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 253292 Temps écoulé: 24 minute(s), 54 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Logfile of random's system information tool 1.07 (written by random/random) Run by patrick at 2010-06-10 14:38:39 Microsoft Windows 7 Édition Familiale Premium Service Pack 2 System drive C: has 399 GB (85%) free of 469 GB Total RAM: 6135 MB (63% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:39:04, on 10/06/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Secunia\PSI\psi.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Users\patrick\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\patrick.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [DXlibrary] C:\Windows\system32\d3dlib.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{9709A052-9166-4307-8A65-8207AB2E70D9}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 25030 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GlaryInitialize.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-05 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] Locked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-12 261888] "Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280] "EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192] "TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-09-12 5081912] "DXlibrary"=C:\Windows\system32\d3dlib.exe [2008-08-01 494813] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-05-18 2942976] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"= "NoActiveDesktopChanges"= "ForceActiveDesktopOn"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64\Wat 2010-06-08 19:49:57 ----A---- C:\Windows\ntbtlog.txt 2010-06-08 12:26:42 ----D---- C:\rsit 2010-06-08 12:26:42 ----D---- C:\Program Files (x86)\trend micro 2010-06-05 16:00:16 ----D---- C:\Program Files (x86)\THQ 2010-06-05 14:24:08 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\iTunes 2010-06-05 14:23:29 ----D---- C:\Program Files (x86)\Apple Software Update 2010-06-05 14:23:03 ----D---- C:\Program Files (x86)\Bonjour 2010-06-05 13:09:00 ----D---- C:\Program Files (x86)\QuickTime 2010-06-05 12:05:53 ----D---- C:\ProgramData\Sun 2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files\Java 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaws.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaw.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\java.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2010-06-05 11:56:06 ----D---- C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com 2010-06-05 11:56:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2010-06-05 11:56:05 ----D---- C:\ProgramData\SASCORE 2010-06-05 11:48:10 ----D---- C:\Program Files (x86)\Secunia 2010-06-05 11:04:23 ----D---- C:\Program Files (x86)\Tetris 5000 2010-06-04 21:33:15 ----D---- C:\Program Files (x86)\Steam 2010-06-04 18:20:57 ----D---- C:\ProgramData\NortonInstaller 2010-06-04 18:09:20 ----D---- C:\ProgramData\Norton 2010-06-02 12:39:46 ----D---- C:\Program Files (x86)\DreamCatcher 2010-06-02 10:56:43 ----A---- C:\Windows\unvise32.exe 2010-06-02 10:56:00 ----D---- C:\Program Files (x86)\Pure Pinball 2.0 REDUX 2010-06-02 10:50:19 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI 2010-06-02 10:50:06 ----D---- C:\Windows\SysWOW64\URTTEMP 2010-06-02 10:45:08 ----RHD---- C:\Users\patrick\AppData\Roaming\SecuROM 2010-06-02 10:42:10 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\pbsvc.exe 2010-06-01 20:25:34 ----D---- C:\Users\patrick\AppData\Roaming\LockHunter 2010-05-26 17:23:00 ----A---- C:\Windows\SysWOW64\CmdLineExt_x64.dll 2010-05-26 14:52:49 ----A---- C:\Windows\SysWOW64\tzres.dll 2010-05-24 15:12:10 ----D---- C:\RDesc 2010-05-20 17:27:16 ----D---- C:\Downloads 2010-05-20 17:08:49 ----A---- C:\Windows\MegaManager.INI 2010-05-12 07:49:33 ----A---- C:\Windows\SysWOW64\inetcomm.dll ======List of files/folders modified in the last 1 months====== 2010-06-10 14:39:00 ----D---- C:\Windows\Prefetch 2010-06-10 14:38:50 ----D---- C:\Windows\Temp 2010-06-10 14:27:54 ----D---- C:\Windows\tracing 2010-06-10 11:00:27 ----D---- C:\Windows\winsxs 2010-06-10 09:09:14 ----D---- C:\Windows\Tasks 2010-06-09 11:04:10 ----D---- C:\Users\patrick\AppData\Roaming\vlc 2010-06-09 11:03:13 ----D---- C:\Users\patrick\AppData\Roaming\dvdcss 2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64 2010-06-08 21:10:25 ----D---- C:\Windows\System32 2010-06-08 21:10:17 ----SHD---- C:\System Volume Information 2010-06-08 19:54:32 ----D---- C:\Windows\inf 2010-06-08 19:49:57 ----D---- C:\Windows 2010-06-08 19:40:21 ----RD---- C:\Program Files (x86) 2010-06-08 19:40:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2010-06-08 19:40:20 ----SHD---- C:\Windows\Installer 2010-06-08 19:38:37 ----D---- C:\Program Files (x86)\Google 2010-06-08 19:37:00 ----D---- C:\ProgramData\Google 2010-06-07 19:17:04 ----D---- C:\Program Files (x86)\Mozilla Firefox 2010-06-06 17:34:26 ----D---- C:\Windows\debug 2010-06-05 23:13:16 ----D---- C:\Users\patrick\AppData\Roaming\Apple Computer 2010-06-05 23:12:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-06-05 16:08:29 ----RSD---- C:\Windows\assembly 2010-06-05 14:25:15 ----D---- C:\Program Files (x86)\Mozilla Thunderbird 2010-06-05 14:24:08 ----RD---- C:\Program Files 2010-06-05 14:24:08 ----HD---- C:\ProgramData 2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\Common Files\Apple 2010-06-05 13:27:45 ----D---- C:\ProgramData\Adobe 2010-06-05 13:27:45 ----D---- C:\Program Files (x86)\Common Files\Adobe 2010-06-05 13:26:44 ----D---- C:\Users\patrick\AppData\Roaming\Adobe 2010-06-05 13:26:41 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR 2010-06-05 13:07:22 ----D---- C:\Program Files (x86)\Adobe 2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files 2010-06-05 09:07:21 ----D---- C:\Program Files (x86)\Glary Utilities 2010-06-05 09:07:19 ----D---- C:\Windows\registration 2010-06-05 09:07:14 ----D---- C:\Windows\AppCompat 2010-06-04 16:46:39 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-06-04 16:35:17 ----SD---- C:\ProgramData\Microsoft 2010-06-04 13:07:45 ----D---- C:\Users\patrick\AppData\Roaming\Macromedia 2010-06-02 10:50:06 ----D---- C:\Program Files (x86)\Internet Explorer 2010-06-01 17:20:26 ----D---- C:\Windows\SysWOW64\drivers 2010-06-01 17:20:25 ----D---- C:\Users\patrick\AppData\Roaming\PowerCinema 2010-05-31 20:56:19 ----SD---- C:\Users\patrick\AppData\Roaming\Microsoft 2010-05-28 15:05:04 ----D---- C:\Windows\LiveKernelReports 2010-05-27 10:29:01 ----D---- C:\Windows\rescache 2010-05-26 23:29:20 ----D---- C:\Windows\SysWOW64\fr-FR 2010-05-26 14:52:04 ----AD---- C:\ProgramData\Temp 2010-05-21 21:17:07 ----D---- C:\Program Files (x86)\TuneUp Utilities 2010 2010-05-21 10:42:57 ----D---- C:\Program Files (x86)\Mah Jong Adventures 2010-05-21 08:43:08 ----D---- C:\Windows\Logs 2010-05-21 07:40:46 ----D---- C:\tempocapt 2010-05-13 03:01:59 ----D---- C:\Program Files (x86)\Windows Mail 2010-05-13 03:00:42 ----D---- C:\ProgramData\Microsoft Help 2010-05-12 14:56:59 ----D---- C:\Program Files (x86)\a-squared Free ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [] R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360] R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys [] R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [] R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [] R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [] R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys [] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [] R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [] S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [] S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [] S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [] S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [] S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys [] S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [] S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [] S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [] S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys [] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [] S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [] S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [] S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [] S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [] S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [] S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [] S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [] S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [] S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2003-09-19 21248] S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [] S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [] S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [] S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-04-07 16392] S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [] S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [] S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files (x86)\a-squared Free\a2service.exe [2010-04-15 1872320] R2 AcrSch2Svc;Service Scheduler2 Acronis; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-09-12 892072] R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-12 2326920] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376] R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-06-06 1352320] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-02 66872] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-04-28 120832] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-05-07 1403208] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 135664] S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [] S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [] S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448] S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-21 607048] S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [] S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992] S4 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -service [] -----------------EOF-----------------

Bonjour Pour la DNS c'est normal car en fait quelques fois je passe par une connexion VPN pour pouvoir ouvrir google normalement et faire des recherches normales. Par contre je ne trouve pas dans le compte d'utilisateur la ligne activer ou désactiver le contrôle des comptes d'utilisateurs Merci faut il refaire un log quelconque???

Suite du log RSIT info.txt logfile of random's system information tool 1.06 2010-06-09 11:03:28 ======Uninstall list====== -->MsiExec /X{54194F60-988C-4D03-B922-C2B00EFDA39A} -->MsiExec.exe /X{4B45B12B-CD31-4235-9D44-03A368510635} -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} 2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Acer Arcade Deluxe-->"C:\Program Files (x86)\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall Acer Arcade Deluxe-->"C:\Program Files (x86)\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall Acer Backup Manager-->C:\Program Files (x86)\InstallShield Installation Information\{30075A70-B5D2-440B-AFA3-FB2021740121}\setup.exe -runfromtemp -l0x0409 Acer eRecovery Management-->"C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x40c -removeonly Acer GameZone Console-->"C:\Program Files (x86)\Acer GameZone\GameConsole\unins000.exe" Acer Registration-->C:\Program Files (x86)\Acer\Registration\Uninstall.exe Acer ScreenSaver-->C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe Acer Updater-->"C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x40c -removeonly Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} Acronis True Image Home-->MsiExec.exe /X{C2F1F96A-057E-5819-B52E-FEA1D1D2933B} Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273} Ad-Aware-->"C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.3.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001} Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d} Alice Greenfingers-->"C:\Program Files (x86)\Acer GameZone\Alice Greenfingers\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Alice Greenfingers\install.log" Amazonia-->"C:\Program Files (x86)\Acer GameZone\Amazonia\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Amazonia\install.log" Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE} Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1} ArcSoft PhotoImpression 5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}\SETUP.EXE" -l0x40c a-squared Free 4.5-->"C:\Program Files (x86)\a-squared Free\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Audacity 1.2.6-->"C:\Program Files (x86)\Audacity\unins000.exe" Auslogics Disk Defrag-->"C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\unins000.exe" avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup AVS DVD Copy version 4.1.1-->"C:\Program Files (x86)\AVS4YOU\AVSDVDCopy\unins000.exe" AVS Update Manager 1.0-->"C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe" AVS4YOU Software Navigator 1.3-->"C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe" Backup Manager Advance-->C:\Program Files (x86)\InstallShield Installation Information\{30075A70-B5D2-440B-AFA3-FB2021740121}\setup.exe -runfromtemp -l0x0409 CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe" Chicken Invaders 2-->"C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\install.log" Dairy Dash-->"C:\Program Files (x86)\Acer GameZone\Dairy Dash\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dairy Dash\install.log" Dream Day First Home-->"C:\Program Files (x86)\Acer GameZone\Dream Day First Home\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dream Day First Home\install.log" EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37} EPSON Copy Utility 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall EPSON Easy Photo Print-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F19D07BC-6240-49D3-BA5C-59B015DF8916}\SETUP.EXE" -l0x40c UNINST EPSON Logiciel imprimante-->C:\Windows\system32\spool\DRIVERS\x64\EPUPDATE.EXE /r EPSON Scan-->C:\Program Files (x86)\epson\escndv\setup\setup.exe /r eSobi v2-->C:\Program Files (x86)\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x0409 Farm Frenzy 2-->"C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\install.log" First Class Flurry-->"C:\Program Files (x86)\Acer GameZone\First Class Flurry\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\First Class Flurry\install.log" Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} GigaTribe 3.01.001-->"C:\Program Files (x86)\GigaTribe\unins000.exe" Glary Utilities 2.21.0.863-->"C:\Program Files (x86)\Glary Utilities\unins000.exe" Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466} Granny In Paradise-->"C:\Program Files (x86)\Acer GameZone\Granny In Paradise\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Granny In Paradise\install.log" Heroes of Hellas-->"C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\install.log" Hotkey Utility-->C:\Program Files (x86)\Acer\Hotkey Utility\Uninstall.exe Identity Card-->C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} IZArc 4.1-->"C:\Program Files (x86)\IZArc\unins000.exe" Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} JMicron JMB36X Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x9 -removeonly Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} KC Softwares IDPhotoStudio-->"C:\Program Files (x86)\KC Softwares\IDPhotoStudio\unins000.exe" Mah Jong Adventures-->"C:\Program Files (x86)\Mah Jong Adventures\unins000.exe" Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Merriam Websters Spell Jam-->"C:\Program Files (x86)\Acer GameZone\Merriam Websters Spell Jam\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Merriam Websters Spell Jam\install.log" Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-040C-1000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0100-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0101-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 - French/Français-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OMUI.FR-FR /dll OSETUP.DLL Microsoft Office O MUI (French) 2007-->MsiExec.exe /X{90120000-0100-040C-0000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE} Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0017-040C-0000-0000000FF1CE} /uninstall {CCDA3DD6-E33D-4D75-B7C9-FF585580CE83} Microsoft Office SharePoint Designer MUI (French) 2007-->MsiExec.exe /X{90120000-0017-040C-0000-0000000FF1CE} Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Office X MUI (French) 2007-->MsiExec.exe /X{90120000-0101-040C-0000-0000000FF1CE} Microsoft Photo Pro Suite 10-->"C:\Program Files (x86)\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=SUITE Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E} Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673} Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C} Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21} Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3} Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223} Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Mozilla Firefox (3.6.3)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (3.0.4)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MyWinLocker-->MsiExec.exe /X{68301905-2DEA-41CE-A4D4-E8B443B099BA} Nero 9 Essentials-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="2M02-K0A3-UK97-9A6U-37MT-4M7M-WM53-645A-K1L9-P288-2P9U-AZ0M-1E68-AE4Z-0000" Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a} Nero ControlCenter-->MsiExec.exe /X{f4041dce-3fe1-4e18-8a9e-9de65231ee36} Nero DiscSpeed Help-->MsiExec.exe /X{cc019e3f-59d2-4486-8d4b-878105b62a71} Nero DiscSpeed-->MsiExec.exe /X{869200db-287a-4dc0-b02b-2b6787fbcd4c} Nero DriveSpeed Help-->MsiExec.exe /X{e5c7d048-f9b4-4219-b323-8bdb01a2563d} Nero DriveSpeed-->MsiExec.exe /X{33cf58f5-48d8-4575-83d6-96f574e4d83a} Nero Express Help-->MsiExec.exe /X{83202942-84b3-4c50-8622-b8c0aa2d2885} Nero InfoTool Help-->MsiExec.exe /X{20400dbd-e6db-45b8-9b6b-1dd7033818ec} Nero InfoTool-->MsiExec.exe /X{fbcdfd61-7dcf-4e71-9226-873ba0053139} Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff} Nero Online Upgrade-->MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d} Nero StartSmart Help-->MsiExec.exe /X{2348b586-c9ae-46ce-936c-a68e9426e214} Nero StartSmart OEM-->MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA} Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2} NeroExpress-->MsiExec.exe /X{595a3116-40bb-4e0f-a2e8-d7951da56270} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA PhysX-->MsiExec.exe /X{54194F60-988C-4D03-B922-C2B00EFDA39A} OpenOffice.org 3.2-->MsiExec.exe /I{97B3824E-B2D2-4C49-A860-BCA56F10B040} Orb-->"C:\Program Files (x86)\Orb Networks\Orb\uninstall.exe" Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930} PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe" PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u Pure Pinball 2.0 REDUX-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pure Pinball 2.0 REDUX\uninstal.log QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} RDesc 2.31-->"C:\RDesc\unins000.exe" Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly S.T.A.L.K.E.R. - Shadow of Chernobyl-->"C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe" Samsung New PC Studio USB Driver Installer-->"C:\Program Files (x86)\InstallShield Installation Information\{AF7E85DC-317C-47F5-810E-B82EE093A612}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung New PC Studio USB Driver Installer-->MsiExec.exe /I{AF7E85DC-317C-47F5-810E-B82EE093A612} Samsung New PC Studio-->"C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A} SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25} Secunia PSI-->"C:\Program Files (x86)\Secunia\PSI\uninstall.exe" Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF} Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe" Tetris 5000-->MsiExec.exe /I{8C676E78-9169-43FB-9A56-415DF6DE50EE} TuneUp Utilities-->C:\Program Files (x86)\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79} Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42} Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9} Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF} Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245} Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876} Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C} Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331} Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726} Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 1.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe WBFS Manager 3.0-->C:\Program Files\WBFS\WBFS Manager 3.0\uninstall.exe Welcome Center-->C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} ======Security center information====== AS: Spybot - Search and Destroy (disabled) (outdated) AS: SUPERAntiSpyware (disabled) ======System event log====== Computer Name: abraracourcix Event Code: 51 Message: Une erreur a été détectée sur le périphérique \Device\CdRom0 lors d'une opération de pagination. Record Number: 2458 Source Name: cdrom Time Written: 20100228174319.625629-000 Event Type: Avertissement User: Computer Name: abraracourcix Event Code: 1014 Message: La résolution du nom dns.msftncsi.com a expiré lorsqu’aucun des serveurs DNS configurés n’a répondu. Record Number: 2347 Source Name: Microsoft-Windows-DNS-Client Time Written: 20100228155018.502239-000 Event Type: Avertissement User: AUTORITE NT\SERVICE RÉSEAU Computer Name: abraracourcix Event Code: 27 Message: Intel® 82578DC Gigabit Network Connection . Le lien a été déconnecté. Record Number: 2251 Source Name: e1kexpress Time Written: 20100228154640.586442-000 Event Type: Avertissement User: Computer Name: abraracourcix Event Code: 27 Message: Intel® 82578DC Gigabit Network Connection . Le lien a été déconnecté. Record Number: 2220 Source Name: e1kexpress Time Written: 20091223030451.588040-000 Event Type: Avertissement User: Computer Name: abraracourcix Event Code: 4001 Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement. Record Number: 2208 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20091223030406.595753-000 Event Type: Avertissement User: AUTORITE NT\Système =====Application event log===== Computer Name: WIN-HRBF1LE7GTT Event Code: 33 Message: La création du contexte d’activation a échoué pour « c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksdb.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Record Number: 1237 Source Name: SideBySide Time Written: 20091223030357.000000-000 Event Type: Erreur User: Computer Name: WIN-HRBF1LE7GTT Event Code: 33 Message: La création du contexte d’activation a échoué pour « c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksWP.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Record Number: 1236 Source Name: SideBySide Time Written: 20091223030357.000000-000 Event Type: Erreur User: Computer Name: WIN-HRBF1LE7GTT Event Code: 33 Message: La création du contexte d’activation a échoué pour « c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Record Number: 1235 Source Name: SideBySide Time Written: 20091223030357.000000-000 Event Type: Erreur User: Computer Name: WIN-HRBF1LE7GTT Event Code: 33 Message: La création du contexte d’activation a échoué pour « c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksCal.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Record Number: 1234 Source Name: SideBySide Time Written: 20091223030357.000000-000 Event Type: Erreur User: Computer Name: WIN-HRBF1LE7GTT Event Code: 33 Message: La création du contexte d’activation a échoué pour « c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksdb.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Record Number: 1233 Source Name: SideBySide Time Written: 20091223030357.000000-000 Event Type: Erreur User: =====Security event log===== Computer Name: WIN-HRBF1LE7GTT Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : WIN-HRBF1LE7GTT$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Type d’ouverture de session : 5 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : Système Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x240 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Nom de la station de travail : Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : Advapi Package d’authentification : Negotiate Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 611 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091223030359.330140-000 Event Type: Succès de l’audit User: Computer Name: WIN-HRBF1LE7GTT Event Code: 4738 Message: Un compte d’utilisateur a été modifié. Sujet : ID de sécurité : S-1-5-21-3258892936-4116843137-97899428-500 Nom du compte : Administrator Domaine du compte : WIN-HRBF1LE7GTT ID d’ouverture de session : 0x2f9df Compte cible : ID de sécurité : S-1-5-21-3258892936-4116843137-97899428-500 Nom du compte : Administrator Domaine du compte : WIN-HRBF1LE7GTT Attributs modifiés : Nom du compte SAM : - Nom complet : - Nom principal de l’utilisateur : - Répertoire de base : - Lecteur de base : - Chemin d’accès au script : - Chemin d’accès au profil : - Stations de travail utilisateurs : - Dernière modification du mot de passe le : - Le compte expire le : - ID de groupe principal : - Délégué autorisé : - Ancienne valeur UAC : 0x211 Nouvelle valeur UAC : 0x211 Contrôle du compte d’utilisateur : - Paramètres utilisateur : - Historique SID : - Horaire d’accès : - Informations supplémentaires : Privilèges: - Record Number: 610 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091223030358.035338-000 Event Type: Succès de l’audit User: Computer Name: WIN-HRBF1LE7GTT Event Code: 4672 Message: Privilèges spéciaux attribués à la nouvelle ouverture de session. Sujet : ID de sécurité : S-1-5-18 Nom du compte : Système Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 Privilèges : SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 609 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091223030354.930932-000 Event Type: Succès de l’audit User: Computer Name: WIN-HRBF1LE7GTT Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : WIN-HRBF1LE7GTT$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Type d’ouverture de session : 5 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : Système Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x240 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Nom de la station de travail : Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : Advapi Package d’authentification : Negotiate Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 608 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091223030354.930932-000 Event Type: Succès de l’audit User: Computer Name: WIN-HRBF1LE7GTT Event Code: 1102 Message: Le journal d’audit a été effacé. Objet : ID de sécurité : S-1-5-21-3258892936-4116843137-97899428-500 Nom de compte : Administrator Nom de domaine : WIN-HRBF1LE7GTT ID de connexion : 0x2f9df Record Number: 607 Source Name: Microsoft-Windows-Eventlog Time Written: 20091223030355.726534-000 Event Type: Succès de l’audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=2502 "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "asl.log"=Destination=file;OnFirstLog=command,environment -----------------EOF----------------- Bon courage dans ta quête pour m'aider à comprendre mon problème

A l'intention de Thanos Je suis arrivé à faire un log avec RSIT, le voici Logfile of random's system information tool 1.07 (written by random/random) Run by patrick at 2010-06-09 11:00:52 Microsoft Windows 7 Édition Familiale Premium Service Pack 2 System drive C: has 399 GB (85%) free of 469 GB Total RAM: 6135 MB (73% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:03:26, on 09/06/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Secunia\PSI\psi.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\RDesc\RDesc.exe C:\Users\patrick\Desktop\RSIT.exe C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Program Files (x86)\trend micro\patrick.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [DXlibrary] C:\Windows\system32\d3dlib.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{62700F03-02EE-4818-8A0C-C0A5435BD171}: NameServer = 208.67.222.222 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{9709A052-9166-4307-8A65-8207AB2E70D9}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 25117 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Ad-Aware Update (Weekly).job C:\Windows\tasks\GlaryInitialize.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-05 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] Locked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-12 261888] "Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280] "EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192] "TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-09-12 5081912] "DXlibrary"=C:\Windows\system32\d3dlib.exe [2008-08-01 494813] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-05-18 2942976] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"= "NoActiveDesktopChanges"= "ForceActiveDesktopOn"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64\Wat 2010-06-08 19:49:57 ----A---- C:\Windows\ntbtlog.txt 2010-06-08 12:26:42 ----D---- C:\rsit 2010-06-08 12:26:42 ----D---- C:\Program Files (x86)\trend micro 2010-06-05 16:00:16 ----D---- C:\Program Files (x86)\THQ 2010-06-05 14:24:08 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\iTunes 2010-06-05 14:23:29 ----D---- C:\Program Files (x86)\Apple Software Update 2010-06-05 14:23:03 ----D---- C:\Program Files (x86)\Bonjour 2010-06-05 13:09:00 ----D---- C:\Program Files (x86)\QuickTime 2010-06-05 12:05:53 ----D---- C:\ProgramData\Sun 2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files\Java 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaws.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaw.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\java.exe 2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\deployJava1.dll 2010-06-05 11:56:06 ----D---- C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com 2010-06-05 11:56:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2010-06-05 11:56:05 ----D---- C:\ProgramData\SASCORE 2010-06-05 11:48:10 ----D---- C:\Program Files (x86)\Secunia 2010-06-05 11:04:23 ----D---- C:\Program Files (x86)\Tetris 5000 2010-06-04 21:33:15 ----D---- C:\Program Files (x86)\Steam 2010-06-04 18:20:57 ----D---- C:\ProgramData\NortonInstaller 2010-06-04 18:09:20 ----D---- C:\ProgramData\Norton 2010-06-02 12:39:46 ----D---- C:\Program Files (x86)\DreamCatcher 2010-06-02 10:56:43 ----A---- C:\Windows\unvise32.exe 2010-06-02 10:56:00 ----D---- C:\Program Files (x86)\Pure Pinball 2.0 REDUX 2010-06-02 10:50:19 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI 2010-06-02 10:50:06 ----D---- C:\Windows\SysWOW64\URTTEMP 2010-06-02 10:45:08 ----RHD---- C:\Users\patrick\AppData\Roaming\SecuROM 2010-06-02 10:42:10 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\pbsvc.exe 2010-06-01 20:25:34 ----D---- C:\Users\patrick\AppData\Roaming\LockHunter 2010-05-26 17:23:00 ----A---- C:\Windows\SysWOW64\CmdLineExt_x64.dll 2010-05-26 14:52:49 ----A---- C:\Windows\SysWOW64\tzres.dll 2010-05-24 15:12:10 ----D---- C:\RDesc 2010-05-20 17:27:16 ----D---- C:\Downloads 2010-05-20 17:08:49 ----A---- C:\Windows\MegaManager.INI 2010-05-12 07:49:33 ----A---- C:\Windows\SysWOW64\inetcomm.dll ======List of files/folders modified in the last 1 months====== 2010-06-09 11:03:22 ----D---- C:\Windows\Prefetch 2010-06-09 11:03:13 ----D---- C:\Windows\Temp 2010-06-09 11:03:13 ----D---- C:\Users\patrick\AppData\Roaming\dvdcss 2010-06-09 09:57:18 ----D---- C:\Windows\tracing 2010-06-09 07:49:18 ----D---- C:\Windows\Tasks 2010-06-08 21:10:34 ----D---- C:\Windows\winsxs 2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64 2010-06-08 21:10:25 ----D---- C:\Windows\System32 2010-06-08 21:10:17 ----SHD---- C:\System Volume Information 2010-06-08 19:54:32 ----D---- C:\Windows\inf 2010-06-08 19:49:57 ----D---- C:\Windows 2010-06-08 19:40:21 ----RD---- C:\Program Files (x86) 2010-06-08 19:40:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2010-06-08 19:40:20 ----SHD---- C:\Windows\Installer 2010-06-08 19:38:37 ----D---- C:\Program Files (x86)\Google 2010-06-08 19:37:00 ----D---- C:\ProgramData\Google 2010-06-07 19:17:04 ----D---- C:\Program Files (x86)\Mozilla Firefox 2010-06-06 17:34:26 ----D---- C:\Windows\debug 2010-06-06 15:47:23 ----D---- C:\Users\patrick\AppData\Roaming\vlc 2010-06-05 23:13:16 ----D---- C:\Users\patrick\AppData\Roaming\Apple Computer 2010-06-05 23:12:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2010-06-05 16:08:29 ----RSD---- C:\Windows\assembly 2010-06-05 14:25:15 ----D---- C:\Program Files (x86)\Mozilla Thunderbird 2010-06-05 14:24:08 ----RD---- C:\Program Files 2010-06-05 14:24:08 ----HD---- C:\ProgramData 2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\Common Files\Apple 2010-06-05 13:27:45 ----D---- C:\ProgramData\Adobe 2010-06-05 13:27:45 ----D---- C:\Program Files (x86)\Common Files\Adobe 2010-06-05 13:26:44 ----D---- C:\Users\patrick\AppData\Roaming\Adobe 2010-06-05 13:26:41 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR 2010-06-05 13:07:22 ----D---- C:\Program Files (x86)\Adobe 2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files 2010-06-05 09:07:21 ----D---- C:\Program Files (x86)\Glary Utilities 2010-06-05 09:07:19 ----D---- C:\Windows\registration 2010-06-05 09:07:14 ----D---- C:\Windows\AppCompat 2010-06-04 16:46:39 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-06-04 16:35:17 ----SD---- C:\ProgramData\Microsoft 2010-06-04 13:07:45 ----D---- C:\Users\patrick\AppData\Roaming\Macromedia 2010-06-02 10:50:06 ----D---- C:\Program Files (x86)\Internet Explorer 2010-06-01 17:20:26 ----D---- C:\Windows\SysWOW64\drivers 2010-06-01 17:20:25 ----D---- C:\Users\patrick\AppData\Roaming\PowerCinema 2010-05-31 20:56:19 ----SD---- C:\Users\patrick\AppData\Roaming\Microsoft 2010-05-28 15:05:04 ----D---- C:\Windows\LiveKernelReports 2010-05-27 10:29:01 ----D---- C:\Windows\rescache 2010-05-26 23:29:20 ----D---- C:\Windows\SysWOW64\fr-FR 2010-05-26 14:52:04 ----AD---- C:\ProgramData\Temp 2010-05-21 21:17:07 ----D---- C:\Program Files (x86)\TuneUp Utilities 2010 2010-05-21 10:42:57 ----D---- C:\Program Files (x86)\Mah Jong Adventures 2010-05-21 08:43:08 ----D---- C:\Windows\Logs 2010-05-21 07:40:46 ----D---- C:\tempocapt 2010-05-13 03:01:59 ----D---- C:\Program Files (x86)\Windows Mail 2010-05-13 03:00:42 ----D---- C:\ProgramData\Microsoft Help 2010-05-12 14:56:59 ----D---- C:\Program Files (x86)\a-squared Free ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [] R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360] R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys [] R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [] R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [] R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [] R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys [] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [] R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [] S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [] S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [] S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [] S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [] S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys [] S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [] S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [] S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [] S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys [] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [] S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [] S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [] S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [] S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [] S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [] S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [] S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [] S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [] S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2003-09-19 21248] S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [] S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [] S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [] S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [] S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-04-07 16392] S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [] S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [] S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files (x86)\a-squared Free\a2service.exe [2010-04-15 1872320] R2 AcrSch2Svc;Service Scheduler2 Acronis; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-09-12 892072] R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-12 2326920] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376] R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-06-06 1352320] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-02 66872] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-04-28 120832] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-05-07 1403208] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 135664] S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [] S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [] S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448] S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-21 607048] S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [] S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992] S4 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -service [] -----------------EOF-----------------

bonjour Pour info j'ai le même problème avec IE 8 Je poste les deux logs DDS (Ver_10-03-17.01) - NTFSX64 Run by patrick at 7:56:18,08 on 09/06/2010 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20 Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.6135.4449 [GMT 2:00] SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files (x86)\a-squared Free\a2service.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Secunia\PSI\psi.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\patrick\Downloads\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.fr/ uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349 mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349 mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349 mLocal Page = c:\windows\syswow64\blank.htm BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll TB: {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe mRun: [backupManagerTray] "c:\program files (x86)\newtech infosystems\acer backup manager\BackupManagerTray.exe" -h -k mRun: [Hotkey Utility] c:\program files (x86)\acer\hotkey utility\HotkeyUtility.exe mRun: [EgisTecLiveUpdate] "c:\program files (x86)\egistec egis software update\EgisUpdate.exe" mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui mRun: [TrueImageMonitor.exe] c:\program files (x86)\acronis\trueimagehome\TrueImageMonitor.exe mRun: [DXlibrary] c:\windows\system32\d3dlib.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab TCP: {2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82} = 91.188.60.223,8.8.8.8 TCP: {62700F03-02EE-4818-8A0C-C0A5435BD171} = 208.67.222.222 8.8.8.8 TCP: {9709A052-9166-4307-8A65-8207AB2E70D9} = 91.188.60.223,8.8.8.8 TB-X64: {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File mRun-x64: [iAAnotif] c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe mRun-x64: [mwlDaemon] c:\program files (x86)\egistec\mywinlocker 3\x86\mwlDaemon.exe mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe mRun-x64: [skytel] c:\program files\realtek\audio\hda\Skytel.exe mRun-x64: [EPSON Stylus Photo RX520 Series] c:\windows\system32\spool\drivers\x64\3\e_fatiage.exe /f "c:\windows\temp\E_S5CC3.tmp" /EF "HKLM" mRun-x64: [service Scheduler2 Acronis] "c:\program files (x86)\common files\acronis\schedule2\schedhlp.exe" ================= FIREFOX =================== FF - ProfilePath - c:\users\patrick\appdata\roaming\mozilla\firefox\profiles\pdf97g7x.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-6-6 69152] R0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\drivers\tdrpm251.sys [2010-3-12 1455648] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-1 121936] R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2009-6-2 22576] R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2009-6-2 20016] R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2009-6-2 60464] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv64.sys [2010-2-17 14920] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\saskutil64.sys [2010-2-17 12360] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904] R2 a2free;a-squared Free Service;c:\program files (x86)\a-squared free\a2service.exe [2010-4-25 1872320] R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\common files\acronis\cdp\afcdpsrv.exe [2010-3-12 2326920] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-1 22096] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-3-1 63568] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-8 40384] R2 Greg_Service;GRegService;c:\program files (x86)\acer\registration\GregHSRW.exe [2009-8-28 1150496] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\lavasoft\ad-aware\AAWService.exe [2010-2-5 1352320] R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\newtech infosystems\acer backup manager\IScheduleSvc.exe [2009-8-13 62208] R2 SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore64.exe [2010-4-28 120832] R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-3-1 1153368] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2010-5-7 1403208] R2 Updater Service;Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2009-10-13 240160] R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2010-3-12 250400] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k62x64.sys [2009-11-6 283824] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28x.sys [2009-10-13 712704] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-10-13 83488] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856] S2 gupdate;Service Google Update (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-3-13 135664] S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-8 40384] S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-8 40384] S3 MWLService;MyWinLocker Service;c:\program files (x86)\egistec\mywinlocker 3\x86\MWLService.exe [2009-9-10 305448] S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-5-28 17456] S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-8-28 49152] S3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-8 1255736] S4 TeamViewer5;TeamViewer 5;"c:\program files (x86)\teamviewer\version5\teamviewer_service.exe" -service --> c:\program files (x86)\teamviewer\version5\TeamViewer_Service.exe [?] =============== Created Last 30 ================ 2010-06-08 19:10:25 0 d-----w- c:\windows\syswow64\Wat 2010-06-08 19:10:25 0 d-----w- c:\windows\system32\Wat 2010-06-08 10:26:42 0 d-----w- c:\program files (x86)\trend micro 2010-06-06 09:15:35 69152 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-06-05 14:00:16 0 d-----w- c:\program files (x86)\THQ 2010-06-05 12:24:08 0 d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-06-05 12:24:08 0 d-----w- c:\program files\iTunes 2010-06-05 12:24:08 0 d-----w- c:\program files\iPod 2010-06-05 12:24:08 0 d-----w- c:\program files (x86)\iTunes 2010-06-05 12:23:03 0 d-----w- c:\program files\Bonjour 2010-06-05 12:23:03 0 d-----w- c:\program files (x86)\Bonjour 2010-06-05 10:05:53 0 d-----w- c:\programdata\Sun 2010-06-05 10:05:40 411368 ----a-w- c:\windows\syswow64\deployJava1.dll 2010-06-05 10:05:40 153376 ----a-w- c:\windows\syswow64\javaws.exe 2010-06-05 10:05:40 145184 ----a-w- c:\windows\syswow64\javaw.exe 2010-06-05 10:05:40 145184 ----a-w- c:\windows\syswow64\java.exe 2010-06-05 09:56:06 0 d-----w- c:\users\patrick\appdata\roaming\SUPERAntiSpyware.com 2010-06-05 09:56:06 0 d-----w- c:\programdata\SUPERAntiSpyware.com 2010-06-05 09:56:05 0 d-----w- c:\programdata\SASCORE 2010-06-05 09:56:03 0 d-----w- c:\program files\SUPERAntiSpyware 2010-06-05 09:48:10 0 d-----w- c:\program files (x86)\Secunia 2010-06-05 09:04:23 0 d-----w- c:\program files (x86)\Tetris 5000 2010-06-05 06:53:58 65536 --sha-w- c:\users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf 2010-06-05 06:53:58 524288 --sha-w- c:\users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms 2010-06-05 06:53:58 524288 --sha-w- c:\users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms 2010-06-04 19:33:15 0 d-----w- c:\program files (x86)\Steam 2010-06-04 16:21:30 0 d-----w- c:\users\patrick\SecurityScans 2010-06-04 16:20:57 0 d-----w- c:\programdata\NortonInstaller 2010-06-04 16:20:44 0 d-----w- c:\program files\Microsoft Baseline Security Analyzer 2 2010-06-04 16:09:20 0 d-----w- c:\programdata\Norton 2010-06-04 14:36:36 65536 --sha-w- c:\users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf 2010-06-04 14:36:36 524288 --sha-w- c:\users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms 2010-06-04 14:36:36 524288 --sha-w- c:\users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms 2010-06-04 14:30:29 524288 --sha-w- c:\users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms 2010-06-04 14:30:29 524288 --sha-w- c:\users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms 2010-06-04 14:30:28 65536 --sha-w- c:\users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf 2010-06-04 14:11:26 65536 --sha-w- c:\users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf 2010-06-04 14:11:26 524288 --sha-w- c:\users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms 2010-06-04 14:11:26 524288 --sha-w- c:\users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms 2010-06-04 05:54:42 65536 --sha-w- c:\users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf 2010-06-04 05:54:42 524288 --sha-w- c:\users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms 2010-06-04 05:54:42 524288 --sha-w- c:\users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms 2010-06-02 10:39:46 0 d-----w- c:\program files (x86)\DreamCatcher 2010-06-02 08:56:43 86016 ----a-w- c:\windows\unvise32.exe 2010-06-02 08:56:00 0 d-----w- c:\program files (x86)\Pure Pinball 2.0 REDUX 2010-06-02 08:50:19 1578582 ----a-w- c:\windows\syswow64\PerfStringBackup.INI 2010-06-02 08:50:06 0 d-----w- c:\windows\syswow64\URTTEMP 2010-06-02 08:42:10 103736 ----a-w- c:\windows\syswow64\PnkBstrB.exe 2010-06-02 08:42:07 669184 ----a-w- c:\windows\syswow64\pbsvc.exe 2010-06-02 08:42:07 66872 ----a-w- c:\windows\syswow64\PnkBstrA.exe 2010-06-01 18:25:34 0 d-----w- c:\users\patrick\appdata\roaming\LockHunter 2010-06-01 15:21:22 524288 --sha-w- c:\users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms 2010-06-01 15:21:22 524288 --sha-w- c:\users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms 2010-06-01 15:21:21 65536 --sha-w- c:\users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf 2010-05-31 08:57:24 65536 --sha-w- c:\users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf 2010-05-31 08:57:24 524288 --sha-w- c:\users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms 2010-05-31 08:57:24 524288 --sha-w- c:\users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms 2010-05-31 08:29:05 65536 --sha-w- c:\users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf 2010-05-31 08:29:05 524288 --sha-w- c:\users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms 2010-05-31 08:29:05 524288 --sha-w- c:\users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms 2010-05-28 11:04:52 17456 ----a-w- c:\windows\system32\drivers\psi_mf.sys 2010-05-26 15:23:00 178800 ----a-w- c:\windows\syswow64\CmdLineExt_x64.dll 2010-05-26 15:14:27 16574 ----a-w- c:\windows\EPISMF00.SWB 2010-05-26 15:08:24 662 ----a-w- c:\windows\syswow64\ealregsnapshot1.reg 2010-05-26 12:52:49 2048 ----a-w- c:\windows\syswow64\tzres.dll 2010-05-26 12:52:49 2048 ----a-w- c:\windows\system32\tzres.dll 2010-05-26 12:43:11 524288 --sha-w- c:\users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms 2010-05-26 12:43:09 65536 --sha-w- c:\users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf 2010-05-26 12:43:09 524288 --sha-w- c:\users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms 2010-05-24 13:12:10 0 d-----w- C:\RDesc 2010-05-22 10:55:01 9296 ----a-w- C:\logo.bmp 2010-05-20 15:27:16 0 d-----w- C:\Downloads 2010-05-20 15:08:49 50 ----a-w- c:\windows\MegaManager.INI 2010-05-12 05:49:33 976896 ----a-w- c:\windows\system32\inetcomm.dll 2010-05-12 05:49:33 740864 ----a-w- c:\windows\syswow64\inetcomm.dll ==================== Find3M ==================== 2010-06-08 17:54:32 704618 ----a-w- c:\windows\system32\perfh00C.dat 2010-06-08 17:54:32 132340 ----a-w- c:\windows\system32\perfc00C.dat 2010-05-12 09:21:16 270208 ------w- c:\windows\system32\MpSigStub.exe 2010-05-07 16:07:32 34632 ----a-w- c:\windows\system32\TURegOpt.exe 2010-05-07 16:02:00 25928 ----a-w- c:\windows\system32\authuitu.dll 2010-05-07 16:01:56 21320 ----a-w- c:\windows\syswow64\authuitu.dll 2010-05-07 16:01:52 36168 ----a-w- c:\windows\system32\uxtuneup.dll 2010-05-07 16:01:44 30024 ----a-w- c:\windows\syswow64\uxtuneup.dll 2010-05-06 20:59:36 165032 ----a-w- c:\windows\syswow64\aswBoot.exe 2010-05-06 20:34:14 63568 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2010-05-01 06:43:22 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-04-29 13:39:28 24664 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-15 09:02:10 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-04-14 16:47:23 38848 ----a-w- c:\windows\syswow64\avastSS.scr 2010-04-08 11:33:00 95520 ----a-w- c:\windows\system32\dnssd.dll 2010-04-08 11:33:00 119584 ----a-w- c:\windows\system32\dns-sd.exe 2010-04-08 11:20:02 91424 ----a-w- c:\windows\syswow64\dnssd.dll 2010-04-08 11:20:02 107808 ----a-w- c:\windows\syswow64\dns-sd.exe 2010-04-03 16:42:00 159336 ----a-w- c:\windows\system32\nvvsvc.exe 2010-04-03 16:42:00 14828648 ----a-w- c:\windows\system32\nvcpl.dll 2010-04-03 16:42:00 116328 ----a-w- c:\windows\system32\nvmctray.dll 2010-04-03 16:42:00 1067624 ----a-w- c:\windows\system32\nvsvc64.dll 2009-12-23 11:27:29 38160 ----a-w- c:\windows\inf\perflib\040c\perfd.dat 2009-12-23 11:27:29 38160 ----a-w- c:\windows\inf\perflib\040c\perfc.dat 2009-12-23 11:27:29 344522 ----a-w- c:\windows\inf\perflib\040c\perfi.dat 2009-12-23 11:27:29 344522 ----a-w- c:\windows\inf\perflib\040c\perfh.dat 2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini 2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-02-10 19:23:42 192484 ----a-w- c:\program files (x86)\common files\Acer GameZone online.ico 2009-06-10 20:44:08 9633792 begin_of_the_skype_highlighting 08 9633792 end_of_the_skype_highlighting begin_of_the_skype_highlighting 08 9633792 end_of_the_skype_highlighting --sha-r- c:\windows\fonts\StaticCache.dat 2010-03-01 17:57:14 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat 2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 7:56:55,53 ===============

Bonjour merci Thanos de m'aider. je n'arrive pas à lancer RSIT; Il m'affiche message d'erreur suivant : line 2563 (file "c:\users\patrick\desktop\rsit.exe"): error : variable used without being declared J'ai installé Hijack this et je poste le log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:33:41, on 08/06/2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\patrick\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.0.0.60\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.0.0.60\coIEPlg.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [DXlibrary] C:\Windows\system32\d3dlib.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{62700F03-02EE-4818-8A0C-C0A5435BD171}: NameServer = 208.67.222.222 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{9709A052-9166-4307-8A65-8207AB2E70D9}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.0.0.60\ccSvcHst.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12644 bytes

Bonjour à vous chers bénévoles Moi aussi je pense avoir été oublié. Pourtant je pense que mon problème relève de l'intrusion d'un cheval de Troie ou autre. Je voudrais que l'on m'aide pour faire un diagnostic au moins. Je ne sais pas comment fonctionne HIJACK Merci de prendre en compte mon problème Bonne journée à tous