woodbin59

Bonjour!! Si quelqu'un est disponible pour consulter mon rapport OTL, cela serait apprécier, car je ne puis accéder à mon compte MSN, il est bloqué pour cause d'envoi massif de spam,autre symptomes ordi tres lent au démarrage et a la fermeture ainsi que Firefox gèle souvent. L'antivirus bloque et AdAware pro ne se charge pas et ADWatch se désactive. Merçi de me répondre Mon lien Edit: est-ce qu'il y a quelque chose que j'ai fais de pas correct pour ne pas avoir une réponse !?!?

Bonjour; Voiçi plusieurs semaines que je suis infecté par une saloperie que mon antivirus et anti spyware ne trouve pas; en effet je reçois des spams et on envoie à partir de mon compte MSN . J'ai fais des scans en ligne; passé CCleaner, Spybot search nd destroy, Ad Aware Pro tenté une recherche avec Hijack This, mais rien n'y fais;alors je vous fais parvenir un rapport OTL qui me parait plus complet. Merçi de l'aide apportée OTL logfile created on: 12/9/2011 11:40:14 AM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Claude\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd 1.75 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 61.94% Memory free 3.49 Gb Paging File | 2.25 Gb Available in Paging File | 64.56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 220.78 Gb Total Space | 174.47 Gb Free Space | 79.02% Space Free | Partition Type: NTFS Computer Name: CLAUDE-PORTABLE | User Name: Claude | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/12/09 11:03:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Claude\Desktop\OTL.exe PRC - [2011/10/21 04:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe PRC - [2011/08/08 13:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe PRC - [2011/07/06 18:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/01/25 13:20:08 | 000,283,992 | ---- | M] () -- C:\Program Files (x86)\Common Files\Iconix\IconixService.exe PRC - [2010/02/08 13:43:20 | 001,916,248 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe PRC - [2009/09/10 08:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe PRC - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2009/08/18 04:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009/08/04 00:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe ========== Modules (No Company Name) ========== MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/07/13 20:33:44 | 003,760,264 | ---- | M] (Agnitum Ltd.) [Auto | Stopped] -- C:\Program Files\Agnitum\Outpost Security Suite Pro\acs.exe -- (acssrv) SRV:64bit: - [2009/10/29 13:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:64bit: - [2009/07/29 07:03:42 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\SysNative\svchost.exe -- (gpsvc) SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2011/08/08 13:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService) SRV - [2011/08/08 13:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Stopped] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList) SRV - [2011/07/06 18:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/01/25 13:20:08 | 000,283,992 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Iconix\IconixService.exe -- (IconixService) SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/08 13:43:20 | 001,916,248 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe -- (Stuffit Archive Name Service) SRV - [2009/09/10 08:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/07/06 18:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011/06/15 13:22:12 | 000,084,176 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Filt\VBFilt64.dll -- (VBFilt) DRV:64bit: - [2011/06/15 13:22:08 | 000,066,184 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Filt\ASWFilt64.dll -- (ASWFilt) DRV:64bit: - [2011/06/15 13:22:04 | 001,250,088 | ---- | M] (Agnitum Ltd.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\SandBox64.sys -- (SandBox) DRV:64bit: - [2011/06/15 13:21:42 | 000,444,504 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore) DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011/03/28 17:53:54 | 000,038,488 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (afw) DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/02 16:04:24 | 000,293,048 | ---- | M] (VirusBuster Kft.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBEngNT.sys -- (VBEngNT) DRV:64bit: - [2010/12/02 11:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 05:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2009/11/11 18:24:14 | 000,023,464 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk) DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/10/02 00:33:48 | 000,946,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se) DRV:64bit: - [2009/07/29 17:11:24 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009/07/27 02:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/18 07:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/02 06:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009/06/02 06:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009/06/02 06:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/05 03:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009/05/05 03:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2009/05/04 08:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2009/04/03 08:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV - [2011/11/25 17:34:06 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer) DRV - [2010/06/29 17:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\filedisk.sys -- (FileDisk) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009/03/25 22:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0c&m=aspire_5517&r=27360610f215l0434z175t4522x54p IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0c&m=aspire_5517&r=27360610f215l0434z175t4522x54p IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France IE - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Search the Web" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://192.168.0.1/st_device.asp" FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2 FF - prefs.js..extensions.enabledItems: [email protected]:1.12.2.44172 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8 FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.2 FF - prefs.js..extensions.enabledItems: {3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}:0.9.6 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.1 FF - prefs.js..extensions.enabledItems: [email protected]:1.1pre FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.90 FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3 FF - prefs.js..extensions.enabledItems: {1253D21B-263B-1843-275C-1726DA8B2A12}:4.2.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=utf-8&mssrc=ms_kwd&mstb=adawaretb&q=" FF - prefs.js..network.proxy.type: 4 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/08 16:34:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/18 19:36:35 | 000,000,000 | ---D | M] [2010/06/27 15:48:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Claude\AppData\Roaming\Mozilla\Extensions [2011/12/09 10:58:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions [2011/12/09 10:58:55 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2011/11/27 07:38:38 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011/08/27 07:55:02 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2010/06/28 11:27:50 | 000,000,000 | ---D | M] (Forecastbar Enhanced) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8} [2011/11/25 17:21:48 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2011/11/19 09:42:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/07/28 18:55:55 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2011/03/12 17:35:34 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\[email protected] [2011/11/08 16:36:18 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\[email protected] [2010/07/16 07:19:34 | 000,000,771 | ---- | M] () -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\searchplugins\torrent-scan.xml [2011/11/30 15:57:43 | 000,002,306 | ---- | M] () -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\searchplugins\wot-safe-search.xml [2011/11/18 19:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/11/18 19:36:33 | 000,000,000 | ---D | M] (Iconix) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{D2E7BDD1-36FB-4b06-A118-E274D213D63D} () (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI () (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{563E4790-7E70-11DA-A72B-0800200C9A66}.XPI () (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI () (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{CE6E6E3B-84DD-4CAC-9F63-8D2AE4F30A4B}.XPI () (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI () (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI [2011/11/08 16:34:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010/11/01 20:00:42 | 000,171,320 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll [2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011/11/18 19:36:22 | 000,196,448 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npIconixProxy80.dll [2011/10/17 13:14:28 | 000,002,149 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml [2011/11/08 16:34:01 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml [2011/11/08 16:34:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011/11/08 16:34:01 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/11/08 16:34:01 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml [2011/11/08 16:34:01 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml [2011/11/08 16:34:01 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npatgpc.dll CHR - plugin: eMail ID (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npIconixProxy80.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2010/12/23 20:08:04 | 000,000,780 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O2 - BHO: (IconixBHOClass Class) - {761233B6-F228-49E4-8F6B-668499D4E55A} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll () O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Security Suite Pro\op_mon.exe (Agnitum Ltd.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [iconixOEAddOn] C:\Program Files (x86)\Iconix\OEAddOn\OEdmn_6.exe () O4 - HKLM..\Run: [iolo Startup] C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe (iolo technologies, LLC) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O7 - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileSharing = 1 O7 - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O7 - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O9 - Extra 'Tools' menuitem : Email ID Préférences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll () O9 - Extra 'Tools' menuitem : À propos de Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14BA6289-403F-4536-ABA3-7280A7677FA2}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll) - c:\Program Files\Agnitum\Outpost Security Suite Pro\wl_hook64.dll (Agnitum Ltd.) O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) -c:\Program Files\Agnitum\Outpost Security Suite Pro\wl_hook.dll (Agnitum Ltd.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\Userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/12/06 18:39:14 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/12/09 11:03:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Claude\Desktop\OTL.exe [2011/12/09 10:55:18 | 000,000,000 | R--D | C] -- C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8 [2011/12/06 18:39:14 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2011/12/02 19:14:21 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011/11/25 17:22:52 | 000,000,000 | ---D | C] -- C:\Users\Claude\AppData\Local\adaware [2011/11/25 17:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection [2011/11/25 17:21:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner [2011/11/25 17:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb [2011/11/25 17:20:38 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys [2011/11/19 09:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011/11/18 16:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/11/18 16:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/11/18 16:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/11/18 16:57:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes ========== Files - Modified Within 30 Days ========== [2011/12/09 11:39:15 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/12/09 11:34:42 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat [2011/12/09 11:34:42 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat [2011/12/09 11:03:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Claude\Desktop\OTL.exe [2011/12/09 10:59:31 | 001,577,920 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/12/09 10:59:31 | 000,719,014 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/12/09 10:59:31 | 000,620,492 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/12/09 10:59:31 | 000,135,660 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/12/09 10:59:31 | 000,110,680 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/12/09 10:58:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/12/09 10:58:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/12/09 10:54:44 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/12/09 10:50:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/12/09 10:49:49 | 1406,177,280 | -HS- | M] () -- C:\hiberfil.sys [2011/12/08 16:02:16 | 000,110,666 | ---- | M] () -- C:\Users\Claude\Documents\viewtopic.php.htm [2011/12/06 18:39:27 | 107,286,970 | ---- | M] () -- C:\UsbFix_Upload_Me_CLAUDE-PORTABLE.zip [2011/12/04 15:58:02 | 000,000,406 | ---- | M] () -- C:\Windows\SysWow64\ioloBootDefrag.cfg [2011/12/03 12:44:21 | 000,049,713 | ---- | M] () -- C:\Users\Claude\Documents\WEB_UEL_City.pdf [2011/12/02 19:42:52 | 000,002,680 | ---- | M] () -- C:\Users\Claude\Documents\cc_20111202_194241.reg [2011/11/29 17:00:09 | 001,236,386 | ---- | M] () -- C:\Users\Claude\Documents\3871de1d-8e39-411c-8529-6ab67fd3a17c_6.jpg [2011/11/25 17:20:43 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2011/11/19 09:43:58 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011/11/18 16:58:38 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/11/18 16:42:20 | 000,002,348 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2011/11/17 15:50:57 | 002,125,402 | ---- | M] () -- C:\Users\Claude\Documents\hairconversionsystem-ii-guide.pdf [2011/11/09 18:51:28 | 000,002,771 | ---- | M] () -- C:\Users\Claude\Documents\the who.jpg [2011/11/09 18:30:11 | 000,003,570 | ---- | M] () -- C:\Users\Claude\Documents\ted.jpg [2011/11/09 16:14:30 | 000,343,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2011/12/08 16:02:13 | 000,110,666 | ---- | C] () -- C:\Users\Claude\Documents\viewtopic.php.htm [2011/12/03 12:44:21 | 000,049,713 | ---- | C] () -- C:\Users\Claude\Documents\WEB_UEL_City.pdf [2011/12/02 19:42:45 | 000,002,680 | ---- | C] () -- C:\Users\Claude\Documents\cc_20111202_194241.reg [2011/11/29 17:00:04 | 001,236,386 | ---- | C] () -- C:\Users\Claude\Documents\3871de1d-8e39-411c-8529-6ab67fd3a17c_6.jpg [2011/11/19 09:43:58 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011/11/18 16:58:38 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/11/17 15:50:57 | 002,125,402 | ---- | C] () -- C:\Users\Claude\Documents\hairconversionsystem-ii-guide.pdf [2011/11/09 18:51:26 | 000,002,771 | ---- | C] () -- C:\Users\Claude\Documents\the who.jpg [2011/11/09 18:30:10 | 000,003,570 | ---- | C] () -- C:\Users\Claude\Documents\ted.jpg [2011/10/09 07:50:47 | 000,000,000 | ---- | C] () -- C:\Users\Claude\AppData\Local\{68FC46D9-3F80-4BA8-8BC7-C45D8EC5CD6D} [2011/10/01 14:47:10 | 000,000,000 | ---- | C] () -- C:\Users\Claude\AppData\Roaming\wklnhst.dat [2011/08/27 06:22:50 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011/08/27 06:22:50 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2011/04/01 17:41:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011/02/18 12:37:34 | 000,000,051 | ---- | C] () -- C:\Windows\wininit.ini [2011/02/13 12:56:09 | 000,007,596 | ---- | C] () -- C:\Users\Claude\AppData\Local\Resmon.ResmonCfg [2010/11/16 17:40:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010/11/16 17:38:19 | 000,000,330 | ---- | C] () -- C:\Windows\SysMech.INI [2010/07/14 15:03:02 | 000,000,036 | ---- | C] () -- C:\Users\Claude\AppData\Local\housecall.guid.cache [2010/07/10 17:41:50 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2010/06/27 17:18:19 | 000,000,019 | ---- | C] () -- C:\Windows\popcinfo.dat [2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== LOP Check ========== [2011/07/29 22:22:23 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Agnitum [2011/02/26 16:54:34 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\GARMIN [2011/03/14 16:24:14 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Iconix [2010/11/16 17:05:00 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\iolo [2011/06/12 09:18:39 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\PC Suite [2011/09/10 19:44:17 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\QuickScan [2011/10/01 14:47:18 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Template [2010/12/12 12:30:10 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\webex [2011/03/23 16:27:25 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\eMail ID [2011/03/23 16:25:10 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\iolo [2011/11/06 07:20:35 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > OTL Extras logfile created on: 12/9/2011 11:40:14 AM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Claude\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd 1.75 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 61.94% Memory free 3.49 Gb Paging File | 2.25 Gb Available in Paging File | 64.56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 220.78 Gb Total Space | 174.47 Gb Free Space | 79.02% Space Free | Partition Type: NTFS Computer Name: CLAUDE-PORTABLE | User Name: Claude | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{26A7FC57-FC21-4CA9-85BD-4324B3294D8B}" = StuffIt 2010 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP) "{ACCA82EB-7088-919E-5E1C-100A24F11CCF}" = ATI Catalyst Install Manager "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{E2FCA441-6D7B-CD78-3ADF-42EA9FA06065}" = ccc-utility64 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "Agnitum Outpost Security Suite Pro_is1" = Outpost Security Suite Pro 7.5.1 "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{183F0908-AD5E-8B3B-5F06-28B1A8C65C62}" = CCC Help Japanese "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{23E9588B-05ED-BC2F-EB69-101A96511EF1}" = ccc-core-static "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{2484D1EA-CBA4-60BB-82B9-F8477D25C47A}" = CCC Help Dutch "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 26 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{29802D65-9514-DB20-36CD-E47A94C8AEB9}" = Catalyst Control Center Graphics Full Existing "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "{2F61E9D7-CD05-643E-A04E-CC1A8B6610BA}" = CCC Help Finnish "{2FA3CDD8-1436-497D-6339-789936561E99}" = CCC Help German "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34123E80-BE96-6282-1167-6696730AF6D2}" = CCC Help Korean "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D20EF26-2E9A-D388-851D-E7675BBACFF5}" = Catalyst Control Center Core Implementation "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{4024F49B-65D4-D6B2-2A1D-6DBF6F09F181}" = CCC Help Greek "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{49A63237-FD38-AE77-6DF6-FFB41499A4E6}" = CCC Help Hungarian "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4F0FC827-B693-F166-612E-EA89D798540C}" = CCC Help Chinese Traditional "{52FBF90E-D2EF-A2A3-1CCA-6984596B1B02}" = CCC Help English "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{628CBFE4-3823-67FB-26D2-566899C3BB5C}" = CCC Help Italian "{652EB559-6865-DEF4-2409-D506963C15FD}" = CCC Help Polish "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker "{68987945-A387-4C25-0C59-21F2AF657E65}" = CCC Help Thai "{6B45E33B-6BB4-234B-2F5F-65B1A103801D}" = CCC Help Russian "{6B99737C-9FDC-50F9-C9A4-AB7DA5C9A336}" = Catalyst Control Center Graphics Full New "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7BE74C0E-F300-D0A6-780B-C93BB78DE58C}" = CCC Help Norwegian "{7E75ACC5-B0EC-7006-183A-374974019911}" = Catalyst Control Center Graphics Light "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007 "{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007 "{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{97124B44-C17B-C352-44B1-403D0D706173}" = CCC Help Czech "{9ACA8261-11D1-F8A1-C154-7F8B23515C79}" = CCC Help Swedish "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9574A7E-C024-EED1-7A81-CC4786A1915A}" = CCC Help Portuguese "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA32D2A6-1299-0F05-BF8D-04075A9F69EB}" = CCC Help Turkish "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Français "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1" = iolo technologies' System Mechanic Professional "{BCC05B1F-7397-799A-9EDB-AC10123BB17A}" = CCC Help Chinese Standard "{BEF4FD8A-29FF-C250-468A-5FC55F0E3451}" = Catalyst Control Center Localization All "{C45ED267-57B3-4BB8-869C-6FD429A48EB3}" = Cisco WebEx Meeting Center for Firefox or Chrome "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CA09037E-6B9F-408F-BB5C-61F040FD1D5A}" = Ad-Aware "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF7A62B6-F712-412E-9914-D80033A7F8B8}" = Catalyst Control Center - Branding "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D41301F8-90FD-9CE8-CD2C-ED2B9D5F07E3}" = CCC Help Spanish "{D43AD08C-BE76-8C5B-FD90-4B665EF60E2E}" = CCC Help Danish "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D56B3391-1DAB-4AB3-AFF5-D55457911BBB}" = Ad-Aware "{DA4CA661-5ABF-9218-6E42-84BF89F43655}" = CCC Help French "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Acer Registration" = Acer Registration "Acer Welcome Center" = Welcome Center "adawaretb" = Ad-Aware Security Toolbar "Adobe AIR" = Adobe AIR "Ad-Remover" = Ad-Remover par C_XX "ESET Online Scanner" = ESET Online Scanner v3 "Google Chrome" = Google Chrome "GridVista" = Acer GridVista "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Iconix eMail ID" = Iconix® eMail ID "Identity Card" = Identity Card "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800 "Mozilla Firefox 8.0 (x86 fr)" = Mozilla Firefox 8.0 (x86 fr) "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français "Usbfix" = UsbFix By TeamXscript "WildTangent acer Master Uninstall" = Acer Games "WinLiveSuite" = Windows Live "ZHPDiag_is1" = ZHPDiag 1.27 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "ActiveTouchMeetingClient" = WebEx ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 9/8/2011 4:37:45 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 9/8/2011 4:37:45 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 20202 Error - 9/8/2011 4:37:45 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 20202 Error - 9/8/2011 4:37:46 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 9/8/2011 4:37:46 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 21310 Error - 9/8/2011 4:37:46 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 21310 Error - 9/8/2011 4:37:48 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 9/8/2011 4:37:48 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 22605 Error - 9/8/2011 4:37:48 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 22605 Error - 9/8/2011 4:37:49 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second [ System Events ] Error - 12/9/2011 11:50:01 AM | Computer Name = Claude-Portable | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 12/9/2011 11:50:01 AM | Computer Name = Claude-Portable | Source = atikmdag | ID = 43029 Description = Display is not active Error - 12/9/2011 11:50:19 AM | Computer Name = Claude-Portable | Source = Service Control Manager | ID = 7000 Description = Le service iolo FileInfoList Service n’a pas pu démarrer en raison de l’erreur : %%1083 Error - 12/9/2011 11:50:41 AM | Computer Name = Claude-Portable | Source = Service Control Manager | ID = 7026 Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : FileDisk Error - 12/9/2011 11:58:38 AM | Computer Name = Claude-Portable | Source = NetBT | ID = 4307 Description = L’initialisation a échoué car le transport a refusé d’ouvrir les adresses initiales. Error - 12/9/2011 11:58:42 AM | Computer Name = Claude-Portable | Source = NetBT | ID = 4307 Description = L’initialisation a échoué car le transport a refusé d’ouvrir les adresses initiales. Error - 12/9/2011 11:58:44 AM | Computer Name = Claude-Portable | Source = HTTP | ID = 15005 Description = Error - 12/9/2011 11:58:45 AM | Computer Name = Claude-Portable | Source = Service Control Manager | ID = 7001 Description = Le service Fournisseur HomeGroup dépend du service Publication des ressources de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%-2147024891 Error - 12/9/2011 11:58:45 AM | Computer Name = Claude-Portable | Source = Service Control Manager | ID = 7023 Description = Le service Publication des ressources de découverte de fonctions s’est arrêté avec l’erreur : %%-2147024891 Error - 12/9/2011 11:58:46 AM | Computer Name = Claude-Portable | Source = NetBT | ID = 4307 Description = L’initialisation a échoué car le transport a refusé d’ouvrir les adresses initiales. < End of report >