google reste inexorablement en anglais

[Thanos]

salut abraracourcix63

 

Mes excuses pour l'attente!!

 

Tente stp d'utiliser la commande suivante =>

 

Passe par Démarrer> Exécuter et tape cmd puis clique sur [OK]

 

Copie/colle ceci dans la fenetre noire :

 

ipconfig /flushdns

 

> valide par la touche [entrée]

 

Un message doit t'avertir que le Cache de résolution DNS a été vidé.

 

Est ce que tu peux me poster un nouveau rapport RSIT stp ?

[abraracourcix63]

Désolé Thanos j'ai fait nouveau sujet au lieu de répondre

voici mon log. Par contre, aucune fenêtre m'a indiqué que le dNS était vidé et j'ai toujours les lignes 17 et 18

 

Logfile of random's system information tool 1.07 (written by random/random)

Run by patrick at 2010-06-16 07:48:24

Microsoft Windows 7 Édition Familiale Premium Service Pack 2

System drive C: has 400 GB (85%) free of 469 GB

Total RAM: 6135 MB (72% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 07:48:45, on 16/06/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Secunia\PSI\psi.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\patrick\Desktop\RSIT.exe

C:\Program Files (x86)\trend micro\patrick.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{9709A052-9166-4307-8A65-8207AB2E70D9}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe

O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 25020 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Ad-Aware Update (Weekly).job

C:\Windows\tasks\GlaryInitialize.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-05 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

Locked

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]

"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-12 261888]

"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280]

"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]

"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192]

"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-09-12 5081912]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-05-18 2942976]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SASCORE]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=

"NoActiveDesktopChanges"=

"ForceActiveDesktopOn"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-06-15 12:35:30 ----A---- C:\Windows\ntbtlog.txt

2010-06-14 11:47:14 ----D---- C:\Program Files (x86)\WinRAR

2010-06-13 21:10:16 ----D---- C:\Program Files (x86)\7-Zip

2010-06-12 22:29:03 ----D---- C:\Program Files (x86)\JRE

2010-06-12 07:50:12 ----D---- C:\_OTM

2010-06-12 07:37:20 ----D---- C:\Windows\Minidump

2010-06-10 15:23:50 ----A---- C:\Windows\SysWOW64\mshtml.dll

2010-06-10 15:23:49 ----A---- C:\Windows\SysWOW64\ieframe.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\wininet.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\urlmon.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\mstime.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\iedkcs32.dll

2010-06-10 15:23:47 ----A---- C:\Windows\SysWOW64\jsproxy.dll

2010-06-10 11:05:50 ----A---- C:\Windows\SysWOW64\asycfilt.dll

2010-06-10 09:43:20 ----A---- C:\Windows\SysWOW64\atmlib.dll

2010-06-10 09:43:20 ----A---- C:\Windows\SysWOW64\atmfd.dll

2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64\Wat

2010-06-08 12:26:42 ----D---- C:\rsit

2010-06-08 12:26:42 ----D---- C:\Program Files (x86)\trend micro

2010-06-05 16:00:16 ----D---- C:\Program Files (x86)\THQ

2010-06-05 14:24:08 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\iTunes

2010-06-05 14:23:29 ----D---- C:\Program Files (x86)\Apple Software Update

2010-06-05 14:23:03 ----D---- C:\Program Files (x86)\Bonjour

2010-06-05 13:09:00 ----D---- C:\Program Files (x86)\QuickTime

2010-06-05 12:05:53 ----D---- C:\ProgramData\Sun

2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files\Java

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaws.exe

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaw.exe

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\java.exe

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\deployJava1.dll

2010-06-05 11:56:06 ----D---- C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com

2010-06-05 11:56:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com

2010-06-05 11:56:05 ----D---- C:\ProgramData\SASCORE

2010-06-05 11:48:10 ----D---- C:\Program Files (x86)\Secunia

2010-06-05 11:04:23 ----D---- C:\Program Files (x86)\Tetris 5000

2010-06-04 21:33:15 ----D---- C:\Program Files (x86)\Steam

2010-06-04 18:20:57 ----D---- C:\ProgramData\NortonInstaller

2010-06-04 18:09:20 ----D---- C:\ProgramData\Norton

2010-06-02 12:39:46 ----D---- C:\Program Files (x86)\DreamCatcher

2010-06-02 10:56:43 ----A---- C:\Windows\unvise32.exe

2010-06-02 10:56:00 ----D---- C:\Program Files (x86)\Pure Pinball 2.0 REDUX

2010-06-02 10:50:19 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI

2010-06-02 10:50:06 ----D---- C:\Windows\SysWOW64\URTTEMP

2010-06-02 10:45:08 ----RHD---- C:\Users\patrick\AppData\Roaming\SecuROM

2010-06-02 10:42:10 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe

2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe

2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\pbsvc.exe

2010-06-01 20:25:34 ----D---- C:\Users\patrick\AppData\Roaming\LockHunter

2010-05-26 17:23:00 ----A---- C:\Windows\SysWOW64\CmdLineExt_x64.dll

2010-05-26 14:52:49 ----A---- C:\Windows\SysWOW64\tzres.dll

2010-05-24 15:12:10 ----D---- C:\RDesc

2010-05-20 17:27:16 ----D---- C:\Downloads

2010-05-20 17:08:49 ----A---- C:\Windows\MegaManager.INI

 

======List of files/folders modified in the last 1 months======

 

2010-06-16 07:48:43 ----D---- C:\Windows\Prefetch

2010-06-16 07:48:33 ----D---- C:\Windows\Temp

2010-06-16 07:39:41 ----D---- C:\Windows\System32

2010-06-16 07:39:41 ----D---- C:\Windows\inf

2010-06-16 07:38:54 ----D---- C:\Windows\SysWOW64\drivers

2010-06-16 07:38:54 ----D---- C:\Windows\SysWOW64

2010-06-16 06:58:54 ----RD---- C:\Program Files (x86)

2010-06-16 06:19:43 ----D---- C:\Windows\tracing

2010-06-15 12:43:16 ----D---- C:\Windows\Tasks

2010-06-15 12:35:30 ----D---- C:\Windows

2010-06-15 07:51:03 ----D---- C:\Users\patrick\AppData\Roaming\vlc

2010-06-15 07:50:16 ----D---- C:\Users\patrick\AppData\Roaming\dvdcss

2010-06-15 04:54:52 ----SHD---- C:\Windows\Installer

2010-06-15 02:23:40 ----SHD---- C:\System Volume Information

2010-06-14 11:02:35 ----D---- C:\Program Files (x86)\Glary Utilities

2010-06-13 08:50:53 ----D---- C:\Windows\debug

2010-06-13 08:50:08 ----D---- C:\Program Files (x86)\CCleaner

2010-06-12 22:37:52 ----D---- C:\Program Files (x86)\Adobe

2010-06-12 22:37:51 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR

2010-06-12 22:29:28 ----D---- C:\Program Files (x86)\OpenOffice.org 3

2010-06-12 22:29:18 ----RSD---- C:\Windows\assembly

2010-06-12 22:29:06 ----RSD---- C:\Windows\Fonts

2010-06-12 22:28:07 ----D---- C:\Windows\winsxs

2010-06-11 03:28:51 ----D---- C:\Windows\Microsoft.NET

2010-06-11 03:18:29 ----D---- C:\Windows\SysWOW64\migration

2010-06-11 03:18:29 ----D---- C:\Program Files (x86)\Internet Explorer

2010-06-11 03:01:57 ----D---- C:\ProgramData\Microsoft Help

2010-06-08 19:40:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2010-06-08 19:38:37 ----D---- C:\Program Files (x86)\Google

2010-06-08 19:37:00 ----D---- C:\ProgramData\Google

2010-06-07 19:17:04 ----D---- C:\Program Files (x86)\Mozilla Firefox

2010-06-05 23:13:16 ----D---- C:\Users\patrick\AppData\Roaming\Apple Computer

2010-06-05 23:12:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2010-06-05 14:25:15 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

2010-06-05 14:24:08 ----RD---- C:\Program Files

2010-06-05 14:24:08 ----HD---- C:\ProgramData

2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\Common Files\Apple

2010-06-05 13:27:45 ----D---- C:\ProgramData\Adobe

2010-06-05 13:27:45 ----D---- C:\Program Files (x86)\Common Files\Adobe

2010-06-05 13:26:44 ----D---- C:\Users\patrick\AppData\Roaming\Adobe

2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files

2010-06-05 09:07:19 ----D---- C:\Windows\registration

2010-06-05 09:07:14 ----D---- C:\Windows\AppCompat

2010-06-04 16:46:39 ----D---- C:\ProgramData\Spybot - Search & Destroy

2010-06-04 16:35:17 ----SD---- C:\ProgramData\Microsoft

2010-06-04 13:07:45 ----D---- C:\Users\patrick\AppData\Roaming\Macromedia

2010-06-01 17:20:25 ----D---- C:\Users\patrick\AppData\Roaming\PowerCinema

2010-05-31 20:56:19 ----SD---- C:\Users\patrick\AppData\Roaming\Microsoft

2010-05-28 15:05:04 ----D---- C:\Windows\LiveKernelReports

2010-05-27 10:29:01 ----D---- C:\Windows\rescache

2010-05-26 23:29:20 ----D---- C:\Windows\SysWOW64\fr-FR

2010-05-26 14:52:04 ----AD---- C:\ProgramData\Temp

2010-05-21 21:17:07 ----D---- C:\Program Files (x86)\TuneUp Utilities 2010

2010-05-21 10:42:57 ----D---- C:\Program Files (x86)\Mah Jong Adventures

2010-05-21 08:43:08 ----D---- C:\Windows\Logs

2010-05-21 07:40:46 ----D---- C:\tempocapt

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []

R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []

R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []

R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys []

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys []

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys []

R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys []

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]

R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]

R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys []

R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []

R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys []

R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys []

R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys []

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys []

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []

R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys []

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []

R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []

R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []

R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys []

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []

R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys []

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []

S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys []

S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys []

S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys []

S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys []

S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []

S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []

S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys []

S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []

S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []

S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []

S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []

S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys []

S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys []

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys []

S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []

S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys []

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []

S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys []

S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys []

S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys []

S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys []

S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []

S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys []

S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys []

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []

S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2003-09-19 21248]

S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys []

S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys []

S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys []

S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys []

S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys []

S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys []

S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-04-07 16392]

S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys []

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []

S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys []

S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 a2free;a-squared Free Service; C:\Program Files (x86)\a-squared Free\a2service.exe [2010-04-15 1872320]

R2 AcrSch2Svc;Service Scheduler2 Acronis; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-09-12 892072]

R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-12 2326920]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376]

R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-06-06 1352320]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-02 66872]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-04-28 120832]

R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-05-07 1403208]

R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 135664]

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []

S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256]

S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]

S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-21 607048]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S4 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -service []

 

-----------------EOF-----------------

[Thanos]

as tu reçu un message disant qu'il fallait une élévation de privilèges pour effectuer l'opération ?

Si oui, retente comme ceci =>

Rends toi dans le répertoire suivant : C:\Windows\System32

Repère le fichier nommé cmd.exe

Fais un clic droit sur le fichier puis choisis Exécuter en tant qu'administrateur

Relance la même commande stp: tu vois voir s'afficher le message disant que le cache de résolution DNS a été vidé.

 

Télécharge GMER Rootkit Scanner du lien suivant :

 

http://www.gmer.net/#files

 

- Clique sur le bouton "Download EXE"

- Sauvegarde-le sur ton Bureau.

- Colle et sauvegarde ces instructions dans un fichier texte ou imprime-les, car tu devras fermer le navigateur.

- Ferme les fenêtres de navigateur ouvertes.

- Fais un clic droit sur le fichier (le nom comporte 8 chiffres/lettres aléatoires) puis choisis Exécuter en tant qu'administrateur

- Si l'outil te lance un warning d'activité de rootkit et te demande de faire un scan ; clique "NO"

• **Assure-toi que "Show All" est décoché**
  

- Clique maintenant sur le bouton "Scan" et patiente (cela peut prendre 10 minutes ou +)

- Lorsque l'analyse sera terminée, clique sur le bouton "Save..." (au bas à droite) ;

- Nomme le fichier"Ark.txt" et sauvegarde-le sur le Bureau ;

- Copie/colle le contenu de ce rapport dans ta réponse.

 

Si le scan plante, recommence mais en décochant les options suivantes => - Dans la section de droite de la fenêtre de l'outil, décoche Sections et IAT/EAT

[abraracourcix63]

Thanos,

la commande ipconfig / flushdns même en mode administrateur n'affiche pas la commande dns affichée.

Avec GMER après quelques minutes fin du scan et affichage GMER hasn't found any system modification. Le log est vide?????

Merci

[abraracourcix63]

Bonjour Thanos

Pour la création de moteur de recherche je tombe sur une fenêtre pour internet explorer 8 je n'ai pas comme sur ta photo le logo de VISTA / XP

Que faire?

[abraracourcix63]

OTS logfile created on: 19/06/2010 13:22:37 - Run 1
OTS by OldTimer - Version 3.1.31.2     Folder = C:\Users\patrick\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

6,00 Gb Total Physical Memory | 5,00 Gb Available Physical Memory | 76,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 392,85 Gb Free Space | 85,69% Space Free | Partition Type: NTFS
Drive D: | 458,96 Gb Total Space | 179,03 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ABRARACOURCIX
Current User Name: patrick
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days

[Processes - Safe List]
ots.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools)
avguard.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2010/06/18 19:52:00 | 000,185,089 | ---- | M] (Avira GmbH)
sched.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2010/06/18 19:52:00 | 000,108,289 | ---- | M] (Avira GmbH)
aawtray.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe -> [2010/06/16 13:07:32 | 000,864,112 | ---- | M] (Lavasoft)
aawservice.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft)
pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] ()
psi.exe -> C:\Program Files (x86)\Secunia\PSI\psi.exe -> [2010/05/28 13:04:52 | 000,911,920 | ---- | M] (Secunia)
applemobiledeviceservice.exe -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.)
a2service.exe -> C:\Program Files (x86)\a-squared Free\a2service.exe -> [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH)
afcdpsrv.exe -> C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -> [2010/03/12 13:43:13 | 002,326,920 | ---- | M] (Acronis)
schedhlp.exe -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe -> [2009/09/12 18:38:50 | 000,358,024 | ---- | M] (Acronis)
trueimagemonitor.exe -> C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe -> [2009/09/12 18:38:16 | 005,081,912 | ---- | M] (Acronis)
mwldaemon.exe -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe -> [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.)
greghsrw.exe -> C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -> [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated)
hotkeyutility.exe -> C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe -> [2009/08/18 09:27:26 | 000,629,280 | ---- | M] ()
ischedulesvc.exe -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -> [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.)
backupmanagertray.exe -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -> [2009/08/12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.)
egisupdate.exe -> C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe -> [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.)
updaterservice.exe -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer)
iaanotif.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation)
iaantmon.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation)
avgnt.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe -> [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH)
sdwinsec.exe -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.)

[Modules - Safe List]
ots.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools)
comdlg32.dll -> C:\Windows\SysWOW64\comdlg32.dll -> [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation)
msscript.ocx -> C:\Windows\SysWOW64\msscript.ocx -> [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll -> [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
64bit-(WatAdminSvc)  [unknown | Stopped] -> C:\Windows\SysNative\Wat\WatAdminSvc.exe -> [2010/06/08 21:10:24 | 001,255,736 | ---- | M] (Microsoft Corporation)
64bit-(UxTuneUp)  [Auto | Running] -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software)
64bit-(SASCORE)  [Auto | Running] -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com)
64bit-(WwanSvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\wwansvc.dll -> [2009/07/14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation)
64bit-(WbioSrvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\wbiosrvc.dll -> [2009/07/14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation)
64bit-(Power)  [Auto | Running] -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation)
64bit-(Themes)  [Auto | Running] -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation)
64bit-(sppuinotify)  [On_Demand | Stopped] -> C:\Windows\SysNative\sppuinotify.dll -> [2009/07/14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation)
64bit-(SensrSvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\sensrsvc.dll -> [2009/07/14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation)
64bit-(PNRPsvc)  [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation)
64bit-(p2pimsvc)  [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation)
64bit-(HomeGroupProvider)  [On_Demand | Running] -> C:\Windows\SysNative\provsvc.dll -> [2009/07/14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation)
64bit-(RpcEptMapper)  [unknown | Running] -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation)
64bit-(PNRPAutoReg)  [On_Demand | Stopped] -> C:\Windows\SysNative\pnrpauto.dll -> [2009/07/14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation)
64bit-(WinDefend)  [Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
64bit-(HomeGroupListener)  [On_Demand | Running] -> C:\Windows\SysNative\ListSvc.dll -> [2009/07/14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation)
64bit-(FontCache)  [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/07/14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation)
64bit-(Dhcp)  [Auto | Running] -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation)
64bit-(defragsvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\defragsvc.dll -> [2009/07/14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation)
64bit-(bthserv)  [On_Demand | Stopped] -> C:\Windows\SysNative\bthserv.dll -> [2009/07/14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation)
64bit-(BDESVC)  [unknown | Stopped] -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation)
64bit-(AxInstSV)  [On_Demand | Stopped] -> C:\Windows\SysNative\AxInstSv.dll -> [2009/07/14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation)
64bit-(AppIDSvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\appidsvc.dll -> [2009/07/14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation)
64bit-(wbengine)  [On_Demand | Stopped] -> C:\Windows\SysNative\wbengine.exe -> [2009/07/14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation)
64bit-(sppsvc)  [Auto | Stopped] -> C:\Windows\SysNative\sppsvc.exe -> [2009/07/14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation)
64bit-(Fax)  [On_Demand | Stopped] -> C:\Windows\SysNative\FXSSVC.exe -> [2009/07/14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation)
64bit-(Updater Service)  [Auto | Running] -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer)
(AntiVirService) Avira AntiVir Guard [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2010/06/18 19:52:00 | 000,185,089 | ---- | M] (Avira GmbH)
(AntiVirSchedulerService) Avira AntiVir Planificateur [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2010/06/18 19:52:00 | 000,108,289 | ---- | M] (Avira GmbH)
(Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft)
(PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] ()
(TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -> [2010/05/21 21:17:07 | 000,607,048 | ---- | M] (TuneUp Software)
(TuneUp.UtilitiesSvc) TuneUp Utilities Service [Auto | Running] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -> [2010/05/07 18:06:42 | 001,403,208 | ---- | M] (TuneUp Software)
(UxTuneUp) TuneUp Extension de thème [Auto | Running] -> C:\Windows\SysWOW64\uxtuneup.dll -> [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software)
(Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.)
(a2free) a-squared Free Service [Auto | Running] -> C:\Program Files (x86)\a-squared Free\a2service.exe -> [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH)
(afcdpsrv) Acronis Nonstop Backup service [Auto | Running] -> C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -> [2010/03/12 13:43:13 | 002,326,920 | ---- | M] (Acronis)
(AcrSch2Svc) Service Scheduler2 Acronis [Auto | Running] -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -> [2009/09/12 18:39:04 | 000,892,072 | ---- | M] (Acronis)
(MWLService) MyWinLocker Service [On_Demand | Stopped] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -> [2009/09/10 15:42:46 | 000,305,448 | ---- | M] ()
(Greg_Service) GRegService [Auto | Running] -> C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -> [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated)
(Nero BackItUp Scheduler 4.0) Nero BackItUp Scheduler 4.0 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -> [2009/08/25 19:38:06 | 000,935,208 | ---- | M] (Nero AG)
(NTI IScheduleSvc) NTI IScheduleSvc [Auto | Running] -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -> [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.)
(VSS) Cliché instantané des volumes [On_Demand | Stopped] -> C:\Windows\Vss -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
(MSDTC) Coordinateur de transactions distribuées [unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
(HomeGroupProvider) Fournisseur HomeGroup [On_Demand | Running] -> C:\Windows\SysWOW64\provsvc.dll -> [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation)
(Dhcp) Client DHCP [Auto | Running] -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation)
(vds) Disque virtuel [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] ()
(clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/06/10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation)
(IAANTMON) Intel(R) Matrix Storage Event Monitor [Auto | Running] -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation)
(SBSDWSCService) SBSD Security Center Service [Auto | Running] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.)
(ServiceLayer) ServiceLayer [On_Demand | Stopped] -> C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -> [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.)

[Driver Services - Safe List]
64bit-(avgntflt) avgntflt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:52:00 | 000,074,880 | ---- | M] (Avira GmbH)
64bit-(Lbd) Lbd [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 10:58:16 | 000,069,152 | ---- | M] (Lavasoft AB)
64bit-(PSI) PSI [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | M] (Secunia)
64bit-(afcdp) afcdp [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\afcdp.sys -> [2010/03/12 13:43:13 | 000,250,400 | ---- | M] (Acronis)
64bit-(tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\tdrpm251.sys -> [2010/03/12 13:43:11 | 001,455,648 | ---- | M] (Acronis)
64bit-(timounter) Acronis Backup Archive Explorer [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\timntr.sys -> [2010/03/12 13:43:10 | 000,929,312 | ---- | M] (Acronis)
64bit-(snapman) Acronis Snapshots Manager [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\snapman.sys -> [2010/03/12 13:43:06 | 000,254,496 | ---- | M] (Acronis)
64bit-(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -> [2010/02/17 20:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
64bit-(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -> [2010/02/17 20:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
64bit-(KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2009/12/11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation)
64bit-(fvevol) Pilote de filtre de Chiffrement de lecteur Bitlocker [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\fvevol.sys -> [2009/09/26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation)
64bit-(e1kexpress) Intel(R) PRO/1000 PCI Express Network Connection Driver K [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\e1k62x64.sys -> [2009/09/23 11:11:04 | 000,283,824 | ---- | M] (Intel Corporation)
64bit-(USBAAPL64) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbaapl64.sys -> [2009/08/28 20:42:52 | 000,049,152 | ---- | M] (Apple, Inc.)
64bit-(JRAID) JRAID [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\jraid.sys -> [2009/07/18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\hwpolicy.sys -> [2009/07/14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation)
64bit-(FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fsdepends.sys -> [2009/07/14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company)
64bit-(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wimmount.sys -> [2009/07/14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation)
64bit-(vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vhdmp.sys -> [2009/07/14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation)
64bit-(vdrvroot) Microsoft Virtual Drive Enumerator Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vdrvroot.sys -> [2009/07/14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\rdyboost.sys -> [2009/07/14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation)
64bit-(pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\pcw.sys -> [2009/07/14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation)
64bit-(CNG) CNG [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\cng.sys -> [2009/07/14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation)
64bit-(rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\rdpbus.sys -> [2009/07/14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation)
64bit-(RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\SysNative\drivers\RDPREFMP.sys -> [2009/07/14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation)
64bit-(RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\agilevpn.sys -> [2009/07/14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation)
64bit-(WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\wfplwf.sys -> [2009/07/14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation)
64bit-(NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation)
64bit-(vwififlt) Virtual WiFi Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\vwififlt.sys -> [2009/07/14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation)
64bit-(vwifibus) Pilote de bus WiFi virtuel [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vwifibus.sys -> [2009/07/14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation)
64bit-(1394ohci) Contrôleur d’hôte compatible OHCI 1394 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\1394ohci.sys -> [2009/07/14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation)
64bit-(HdAudAddService) Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2009/07/14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation)
64bit-(BTHPORT) Pilote de port Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bthport.sys -> [2009/07/14 02:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation)
64bit-(BTHUSB) Pilote USB radio Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\BTHUSB.SYS -> [2009/07/14 02:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation)
64bit-(UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\umpass.sys -> [2009/07/14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation)
64bit-(mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mshidkmdf.sys -> [2009/07/14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation)
64bit-(WudfPf) User Mode Driver Frameworks Platform Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation)
64bit-(MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\MTConfig.sys -> [2009/07/14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation)
64bit-(CompositeBus) Composite Bus Enumerator Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CompositeBus.sys -> [2009/07/14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation)
64bit-(Beep) Beep [Kernel | System | Running] -> C:\Windows\SysNative\drivers\beep.sys -> [2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation)
64bit-(AppID) Pilote AppID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\appid.sys -> [2009/07/14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation)
64bit-(scfilter) Pilote de filtre de classe PnP de carte à puce [Kernel | Unknown | Stopped] -> C:\Windows\SysNative\drivers\scfilter.sys -> [2009/07/14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation)
64bit-(discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\SysNative\drivers\discache.sys -> [2009/07/14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation)
64bit-(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hidbatt.sys -> [2009/07/14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation)
64bit-(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\CmBatt.sys -> [2009/07/14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation)
64bit-(AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\acpipmi.sys -> [2009/07/14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation)
64bit-(AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdppm.sys -> [2009/07/14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation)
64bit-(atikmdag) atikmdag [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/07/13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.)
64bit-(NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nvhda64v.sys -> [2009/06/26 09:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation)
64bit-(netr28x) Ralink 802.11n Extensible Wireless Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\netr28x.sys -> [2009/06/20 00:56:08 | 000,712,704 | ---- | M] (Ralink Technology, Corp.)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(iaStor) Intel RAID Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation)
64bit-(mwlPSDVDisk) mwlPSDVDisk [Kernel | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -> [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.)
64bit-(mwlPSDFilter) mwlPSDFilter [File_System | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDFilter.sys -> [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.)
64bit-(mwlPSDNServ) mwlPSDNServ [Kernel | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDNserv.sys -> [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.)
64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.)
64bit-(NTIDrvr) NTIDrvr [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NTIDrvr.sys -> [2009/05/06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.)
64bit-(UBHelper) UBHelper [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\UBHelper.sys -> [2009/05/06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation)
64bit-(SCDEmu) SCDEmu [Kernel | System | Running] -> C:\Windows\SysNative\drivers\scdemu.sys -> [2009/03/15 12:32:56 | 000,085,424 | ---- | M] (PowerISO Computing, Inc.)
64bit-(sscdmdm) SAMSUNG Mobile Modem Drivers [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdmdm.sys -> [2008/02/22 16:33:00 | 000,151,040 | ---- | M] (MCCI Corporation)
64bit-(sscdbus) SAMSUNG USB Composite Device driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdbus.sys -> [2008/02/22 16:32:58 | 000,113,664 | ---- | M] (MCCI Corporation)
64bit-(sscdmdfl) SAMSUNG Mobile Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdmdfl.sys -> [2008/02/22 16:32:58 | 000,018,944 | ---- | M] (MCCI Corporation)
64bit-(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\pccsmcfdx64.sys -> [2007/09/17 16:53:34 | 000,029,184 | ---- | M] (Nokia)
(TuneUpUtilitiesDrv) TuneUpUtilitiesDrv [Kernel | On_Demand | Running] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -> [2009/10/14 07:24:44 | 000,011,856 | ---- | M] (TuneUp Software)
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation)
(NetBIOS) NetBIOS Interface [File_System | System | Running] -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation)
(mpsdrv) Pilote d’autorisation du Pare-feu Windows [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 23:28:14 | 000,001,088 | ---- | M] ()
(Tcpip) Pilote du protocole TCP/IP [Kernel | System | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 23:15:18 | 000,003,066 | ---- | M] ()
(mwlPSDVDisk) mwlPSDVDisk [Kernel | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDVdisk.sys -> [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.)
(mwlPSDFilter) mwlPSDFilter [File_System | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDFilter.sys -> [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.)
(mwlPSDNServ) mwlPSDNServ [Kernel | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDNServ.sys -> [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.)
(TFsExDisk) TFsExDisk [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -> [2009/04/07 10:39:44 | 000,016,392 | ---- | M] (Teruten Inc)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\pfc.sys -> [2003/09/19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.)

[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349]http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349[/url] -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349]http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349[/url] -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> [url=http://fr.msn.com/]MSN : Hotmail, Messenger, Bing, Actualité et Sport[/url] -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: Main\\"Start Page" -> [url=http://www.google.fr/]Google[/url] -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: SearchURL\\"" ->  -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: "ProxyEnable" -> 0 -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: "ProxyOverride" -> *.local -> 
< FireFox Settings [Prefs.js] > -> C:\Users\patrick\AppData\Roaming\Mozilla\FireFox\Profiles\pdf97g7x.default\prefs.js -> 
browser.search.useDBForOrder -> true ->
browser.startup.homepage -> "http://www.google.fr" ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 ->
extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 ->
extensions.enabledItems -> DTToolbar@toolbarnet.com:1.1.2.0185 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2010/06/07 19:17:04 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2010/06/07 19:17:03 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions ->  -> 
HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components -> C:\Program Files (x86)\Mozilla Thunderbird\components [C:\PROGRAM FILES (X86)\MOZILLA THUNDERBIRD\COMPONENTS] -> [2010/06/05 13:09:10 | 000,000,000 | ---D | M]
< FireFox Extensions [user Folders] > -> 
 -> C:\Users\patrick\AppData\Roaming\mozilla\Extensions -> [2010/06/07 19:17:20 | 000,000,000 | ---D | M]
No name found   -> C:\Users\patrick\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} -> [2010/02/28 22:05:35 | 000,000,000 | ---D | M]
 -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\6yt1wco1.default\extensions -> [2010/06/05 08:50:32 | 000,000,000 | ---D | M]
 -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions -> [2010/06/16 21:18:44 | 000,000,000 | ---D | M]
Adblock Plus   -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2010/06/07 19:21:20 | 000,000,000 | ---D | M]
 -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions\DTToolbar@toolbarnet.com -> [2010/06/16 13:05:53 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [user Folders] > -> 
< FireFox Extensions [Program Folders] > -> 
 -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2010/06/07 19:17:03 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/06/05 12:05:41 | 000,000,000 | ---D | M]
< HOSTS File > ([2010/06/05 18:12:02 | 000,000,000 | ---- | M] - 0 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> 
Reset Hosts
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{30CEEEA2-3742-40E4-85DD-812BF1CBB83D}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"EPSON Stylus Photo RX520 Series" -> C:\Windows\SysNative\spool\DRIVERS\x64\3\E_FATIAGE.EXE [C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAGE.EXE /F "C:\Windows\TEMP\E_S5CC3.tmp" /EF "HKLM"] -> [2005/04/07 05:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION)
"IAAnotif" -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation)
"mwlDaemon" -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe] -> [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.)
"RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/06/16 12:35:18 | 007,883,296 | ---- | M] (Realtek Semiconductor)
"Service Scheduler2 Acronis" -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"] -> [2009/09/12 18:38:50 | 000,358,024 | ---- | M] (Acronis)
"Skytel" -> C:\Program Files\Realtek\Audio\HDA\Skytel.exe [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> [2009/06/16 12:36:10 | 001,833,504 | ---- | M] (Realtek Semiconductor Corp.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"avgnt" -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH)
"BackupManagerTray" -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe ["C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k] -> [2009/08/12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.)
"EgisTecLiveUpdate" -> C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe ["C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"] -> [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.)
"Hotkey Utility" -> C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe] -> [2009/08/18 09:27:26 | 000,629,280 | ---- | M] ()
"JMB36X IDE Setup" -> C:\Windows\RaidTool\xInsIDE.exe [C:\Windows\RaidTool\xInsIDE.exe] -> [2007/03/20 08:36:18 | 000,036,864 | ---- | M] ()
"TrueImageMonitor.exe" -> C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe] -> [2009/09/12 18:38:16 | 005,081,912 | ---- | M] (Acronis)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
"mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
"mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"SUPERAntiSpyware" -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2010/05/18 19:26:13 | 002,942,976 | ---- | M] (SUPERAntiSpyware.com)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" ->  [1] -> File not found
\\"NoActiveDesktopChanges" ->  [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" ->  [5] -> File not found
\\"ConsentPromptBehaviorUser" ->  [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [button: Ajout Direct] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Ajout Direct dans Windows Live Writer] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [button: Send to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> [url=http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s]ActiveX Controls Gallery[/url] -> 
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6869 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> 
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 192.168.1.1 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}\\DhcpNameServer -> 192.168.1.1   (802.11n Wireless PCI Express Card LAN Adapter) -> 
{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}\\NameServer -> 91.188.60.223,8.8.8.8   (802.11n Wireless PCI Express Card LAN Adapter) -> 
{9709A052-9166-4307-8A65-8207AB2E70D9}\\DhcpNameServer -> 192.168.1.1   (Intel(R) 82578DC Gigabit Network Connection) -> 
{9709A052-9166-4307-8A65-8207AB2E70D9}\\NameServer -> 91.188.60.223,8.8.8.8   (Intel(R) 82578DC Gigabit Network Connection) -> 
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
explorer.exe -> C:\Windows\explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 03:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009/07/14 03:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> 
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> 
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
64bit-*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
pku2u -> C:\Windows\SysNative\pku2u.dll -> [2009/07/14 03:41:53 | 000,240,640 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
pku2u -> C:\Windows\SysWow64\pku2u.dll -> [2009/07/14 03:16:12 | 000,186,880 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{18359AD2-0B8C-45B0-BF5A-58F495C5B57A} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | 
{25A43EA7-8C67-4982-8290-D91E8CE5C289} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | 
{276068E7-AF64-462C-B6CB-227AC6C1C0D0} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{32974EC3-146A-4F04-A938-CE3B0790457A} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | 
{3EE9B627-BF93-48F3-944D-570354785806} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | 
{3F65A13C-9399-4318-9B08-CE77713E23AB} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | 
{6B0987B7-29F4-4442-A9A2-FAD44BF42258} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{86D471BF-89D7-4CD9-96B6-3C2BA6CAA13A} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{8D7D87A9-05B8-49FF-8D94-CD90BB8DEAC4} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{93CAEE23-0757-4165-B52B-40C2A7DD20A8} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | 
{9928FB15-C12E-4038-9DB5-68D5313041C1} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{A1718E83-7D1E-4D8F-9CF0-7517FD1A331E} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | 
{AE01AB13-07CD-4497-8F5F-44561C3D4B62} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{B3F76739-60DF-4506-B607-762192F586DA} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | 
{D3449C76-F140-4FE1-92BC-74CDEC533C42} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | 
{D412E4EA-ECA5-476A-B99B-191C3877A8FA} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | 
{D5ACACB0-5034-46B6-BEAF-E3BF8AC4DD71} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | 
{D7A73857-663B-48E4-8EEE-0BF787DAD2C3} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | 
{DF366AB8-9470-421C-92A9-BA7A85A1077E} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | 
{DFA3DB4E-A747-46A4-BBB7-4BB72496F836} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{EB3E1131-E07C-4B6F-BC15-E59222C8C897} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | 
{EBFAB743-D153-4B05-8352-221F0BEE53F5} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{FBE41EA0-655D-4F51-B369-FCE7000CB56D} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{FC893513-6025-466C-97B4-4A03A1725585} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{FF1DA44D-5488-46ED-AC67-A485D4B9BF85} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | 
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{0958D5CF-7303-4555-9E81-9273E3BD2A56} -> profile=private | protocol=6 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | 
{0A4DE9FE-A173-4AE6-AC5A-B1C5D2F13B36} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | 
{17023B65-32FA-4962-BB0F-27A92AC5B459} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | 
{19ED6D48-8F30-4DAE-862B-FBFA30BA6345} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{1C110EE1-B234-4A80-A111-57945728FACC} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | 
{1DFBC5D5-3D73-44CE-899B-65A45D93B195} -> profile=private | protocol=6 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | 
{1FC3D48B-4DFE-4C23-A950-8FC214DBB6D3} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
{21698BF3-CD67-4FEE-94D8-2FB3A726EA66} -> profile=private | protocol=17 | dir=in | action=allow | name=ktf music aod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
{26688A3E-08A9-4DE7-ADDD-E1C31A3E27E4} -> profile=public | protocol=6 | dir=in | action=allow | name=rlvknlg.exe | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe | 
{2D201402-82B1-4DA4-8492-C7E7A90D1094} -> dir=in | action=allow | name=acer play movie | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe | 
{306CA939-DE51-4A77-B32E-DD88A6B40ADC} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | 
{38725F7D-728D-4223-AD7A-BE447D71551E} -> dir=in | action=allow | name=acer homemedia | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | 
{390EF0C4-02FB-4DE3-9EF9-46882873FC39} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | 
{3ABCB612-6512-453B-ADC6-A17A9BFE7F3E} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | 
{3D29D795-E30C-4D82-8875-72E47D3185D2} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | 
{426BDD87-DCF5-49D0-B0DB-46B91F58F579} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
{43BC474D-C0BA-403D-9486-08B2C0228DE5} -> profile=private | protocol=6 | dir=in | action=allow | name=ktf music vod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
{47B1E935-11DF-43F3-9406-543AEEB327A1} -> profile=private | protocol=6 | dir=in | action=allow | name=orbchannelscan | app=c:\program files (x86)\orb networks\orb\bin\orbchannelscan.exe | 
{4A335D86-959A-4E74-A87D-D3BF344B143D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{4C754EA4-D340-4D5B-B575-700F49F0B8BB} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | 
{4CBF61BE-2976-4A74-9D3C-CB31C0C2EF3D} -> profile=private | protocol=17 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | 
{5026C635-B4A7-4630-954F-86AC09E2296F} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | 
{528CCDC5-DE46-41FD-941C-04CCD5779496} -> profile=public | protocol=6 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (srv) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
{5D603792-C6A7-4696-B8DE-259532379B0D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{5DD8EA31-06F8-40D7-AB46-3069FA3D5044} -> profile=private | protocol=17 | dir=in | action=allow | name=orbchannelscan | app=c:\program files (x86)\orb networks\orb\bin\orbchannelscan.exe | 
{659ED95C-F968-47CC-9F25-0E4D7624F7FF} -> profile=private | protocol=6 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{65D749D0-61B9-452D-B7BB-045D7ED13216} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | 
{72C64D90-BA69-445E-9131-D121B18E4A77} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{7E80573C-D38B-4AC1-BB0A-3EE5294FD622} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{7F62B163-BB85-4124-8640-2D7FCBBAA254} -> profile=private | protocol=17 | dir=in | action=allow | name=ktf music vod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
{870BEDC2-8875-4C31-8C9B-5461FE1C1B89} -> profile=private | protocol=6 | dir=in | action=allow | name=ktf music aod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
{8C1FA035-EA2C-4223-9396-A4B7107E662A} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | 
{9120C20C-2293-4094-B8DD-C6B1020ED8B8} -> profile=private | protocol=6 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | 
{9166E47C-143A-4454-BF0C-0A3A53400528} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | 
{926A882C-701D-4941-83F1-06AB71B18B41} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{967D5165-8E8E-4F8C-A6D3-ADE776A58F0B} -> dir=in | action=allow | name=windows live foldershare | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
{9BD2C2C2-B45E-431E-AAAB-FBAFF7C8DE16} -> profile=public | protocol=6 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (cli) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
{9CF45DEC-6568-4816-8975-6D9B1739AA3E} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
{A63A7C47-4FD4-4818-AA7F-9FFB075060EF} -> profile=private | protocol=17 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | 
{A73423F9-1229-4E87-AE16-8F21531F06FD} -> profile=domain | dir=in | action=allow | name=mcafee network agent | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | 
{ADFF8052-23FB-4197-8613-DF526DE74E4A} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{B028B1EE-95DB-48D5-8684-2A40F4221B9D} -> profile=private | protocol=6 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | 
{B16568BD-7C81-4CF8-98E4-A0B9618CC4D4} -> dir=in | action=allow | name=acer play movie resident program | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe | 
{B67EA0F3-7CFB-4DC6-A467-2A7BB78FB282} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | 
{B6BC20F5-7B99-415F-82E9-8CEA1290BD06} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | 
{B8652142-F31D-4700-BFB5-EB23423A38D9} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | 
{BDE2806D-EAF6-44D3-898A-072E553C72A8} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | 
{C0B26F4E-9A20-4F22-A340-5CCEAD792365} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
{C0BA3DB3-B627-48EA-AF5F-45E2575DDEE9} -> profile=public | protocol=17 | dir=in | action=allow | name=rlvknlg.exe | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe | 
{C540243C-FAD5-4D2D-A40D-4C70077DD75E} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | 
{C94E2486-A642-44DC-BEB9-CDFFD722C4E1} -> profile=private | protocol=17 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | 
{CEC0C5F2-D26E-4044-95ED-1745C7EB7771} -> dir=in | action=allow | name=acer arcade deluxe | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
{D03F093B-7C92-4BAE-ADE0-5B32C78667B7} -> profile=private | protocol=17 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{DD010D42-2B61-4C48-B2BB-8FCAB0B47687} -> profile=public | protocol=17 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (srv) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
{DFEE985C-AEE8-419F-BA7E-6DDFC5BE56A1} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | 
{E28C44D2-3E41-461D-BB43-D048F8C812FB} -> profile=public | protocol=17 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (cli) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
{E3E5985E-3339-4F41-AAC9-F9504600208D} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{F7A5B25A-788B-4A13-9D03-8B614F6F9254} -> profile=private | protocol=17 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | 
{FF6C1EAD-5A95-45B5-BBC2-3CC966150B8B} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | 
TCP Query User{2E246960-EC91-4EF0-B5F5-522DCCE5717D}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
TCP Query User{3E8A96FC-444F-4395-A438-B327D8EC586C}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=6 | dir=in | action=block | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | 
TCP Query User{626C76D4-6EC3-4E24-819E-3D0DB8EB08BF}C:\program files (x86)\gigatribe\gigatribe.exe -> profile=private | protocol=6 | dir=in | action=allow | name=gigatribe | app=c:\program files (x86)\gigatribe\gigatribe.exe | 
TCP Query User{BB0C1DA5-EC6E-4DD7-8A80-F94CEA18469A}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=6 | dir=in | action=block | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | 
UDP Query User{0CBADD32-1BED-4121-B54B-4B44A6CC9F95}C:\program files (x86)\gigatribe\gigatribe.exe -> profile=private | protocol=17 | dir=in | action=allow | name=gigatribe | app=c:\program files (x86)\gigatribe\gigatribe.exe | 
UDP Query User{43318E42-CFC7-4672-87B8-085E8CD9780A}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
UDP Query User{BBC1B8F1-87D3-4538-A624-97D2753BAF22}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=17 | dir=in | action=block | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | 
UDP Query User{E6D73433-E7C9-4148-8530-81D2DE1BF279}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=17 | dir=in | action=block | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> Pilote de CD-ROM -> 
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 

[Registry - Additional Scans - Safe List]
< 64bit-ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> 
{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysNative\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009/07/14 03:41:57 | 000,358,400 | ---- | M] (Microsoft Corporation)
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} [stubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> 
{3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} [stubPath] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> 
{44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found
{45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found
{4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found
{5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found
{630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> Reg Error: Value error. [(default): Browsing Enhancements; IsInstalled: 1] -> File not found
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> 
{6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found
{7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found
{89820200-ECBD-11cf-8B85-00AA005B4340} [stubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> 
{89820200-ECBD-11cf-8B85-00AA005B4383} [stubPath] -> C:\Windows\System32\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> 
{89B4C1CD-B018-4511-B0A1-5476DBF70820} [stubPath] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> 
{9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found
{C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found
{de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found
{E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found
{FEBEF00C-046D-438D-8A88-BF94A6C9E703} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> 
>{26923b43-4d38-484f-9b9e-de460746276c} [stubPath] -> C:\Windows\System32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> 
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} [stubPath] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> 
< ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Program Files (x86)\Java\jre6\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2010/04/12 18:35:02 | 000,270,336 | ---- | M] (Sun Microsystems, Inc.)
{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysWOW64\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009/07/14 03:16:19 | 000,299,520 | ---- | M] (Microsoft Corporation)
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} [stubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> 
{3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} [stubPath] -> "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> 
{44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found
{45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found
{4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found
{5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found
{630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> C:\Windows\SysWOW64\msieftp.dll [(default): Browsing Enhancements; IsInstalled: 1] -> [2009/07/14 03:15:44 | 000,301,568 | ---- | M] (Microsoft Corporation)
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> 
{6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found
{7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found
{7C028AF8-F614-47B3-82DA-BA94E41B1089} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{89820200-ECBD-11cf-8B85-00AA005B4340} [stubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> 
{89820200-ECBD-11cf-8B85-00AA005B4383} [stubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> 
{89B4C1CD-B018-4511-B0A1-5476DBF70820} [stubPath] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> 
{9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found
{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [(default): Adobe Flash Player; IsInstalled: 01 00 00 00  [binary data]] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.)
{de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found
{E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> 
>{26923b43-4d38-484f-9b9e-de460746276c} [stubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> 
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} [stubPath] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> 
< ActiveX StubPath [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> 
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [HKLM: Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation)
{89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
>{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
< 64bit-App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 
7zFM.exe -> C:\Program Files (x86)\7-Zip\7zFM.exe [C:\Program Files (x86)\7-Zip\7zFM.exe] -> [2009/02/03 09:10:08 | 000,388,096 | ---- | M] (Igor Pavlov)
AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010/04/04 07:57:52 | 000,349,616 | ---- | M] (Adobe Systems Incorporated)
BackupManager.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
ccleaner.exe -> C:\Program Files (x86)\CCleaner\CCleaner.exe [C:\Program Files (x86)\CCleaner\ccleaner.exe] -> [2010/05/25 18:08:54 | 001,694,520 | ---- | M] (Piriform Ltd)
cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
dvdmaker.exe -> C:\Program Files\DVD Maker\dvdmaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> [2009/07/14 03:39:08 | 002,258,432 | ---- | M] (Microsoft Corporation)
ECOPY.EXE -> C:\Program Files (x86)\epson\Creativity Suite\Copy Utility\ECOPY.EXE [C:\Program Files (x86)\EPSON\Creativity Suite\Copy Utility\ECOPY.exe] -> [2004/10/08 01:00:02 | 000,716,800 | ---- | M] (SEIKO EPSON CORP.)
Escfg.exe -> C:\Windows\twain_32\escndv\escfg.exe [C:\Windows\twain_32\escndv\Escfg.exe] -> [2006/10/04 01:00:00 | 000,182,424 | ---- | M] (SEIKO EPSON CORP.)
Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2006/03/08 01:00:00 | 000,118,784 | ---- | M] (SEIKO EPSON CORP.)
firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation)
fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
iTunes.exe -> C:\Program Files (x86)\iTunes\iTunes.exe [C:\Program Files (x86)\iTunes\iTunes.exe] -> [2010/04/28 15:06:24 | 010,358,568 | ---- | M] (Apple Inc.)
IZArc -> C:\Program Files (x86)\IZArc\IZArc.exe [C:\Program Files (x86)\IZArc\IZArc.exe] -> [2009/11/23 11:27:36 | 002,850,304 | ---- | M] ()
javaws.exe -> C:\Program Files (x86)\Java\jre6\bin\javaws.exe [C:\Program Files (x86)\Java\jre6\bin\javaws.exe] -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.)
Journal.exe -> C:\Program Files\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> [2009/07/14 03:39:14 | 002,164,224 | ---- | M] (Microsoft Corporation)
mbam.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation)
mip.exe -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe [%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe] -> [2009/07/14 03:39:19 | 001,547,264 | ---- | M] (Microsoft Corporation)
mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation)
MSNMSGR.EXE -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation)
MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
msoxmled.exe -> C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/27 06:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation)
msworks.exe -> c:\Program Files (x86)\Microsoft Works\MSWorks.exe [c:\Program Files (x86)\Microsoft Works\msworks.exe] -> [2007/06/20 23:03:56 | 000,644,448 | ---- | M] (Microsoft® Corporation)
NewPCStudio.exe -> C:\Program Files (x86)\Samsung\Samsung New PC Studio\ [C:\Program Files (x86)\Samsung\Samsung New PC Studio\] -> [2010/05/26 16:03:42 | 000,000,000 | ---D | M]
ois.exe -> C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~2\MICROS~1\Office12\OIS.EXE] -> [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation)
OneNote.exe -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation)
pbrush.exe -> C:\Windows\SysNative\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009/07/14 03:39:24 | 006,676,480 | ---- | M] (Microsoft Corporation)
PhotoImpression.exe -> C:\Program Files (x86)\ArcSoft\PhotoImpression 5\photoimpression.exe [C:\Program Files (x86)\ArcSoft\PhotoImpression 5\PhotoImpression.exe] -> [2005/03/14 16:30:28 | 000,135,168 | ---- | M] (ArcSoft Inc.)
pi.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe [C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe] -> [2004/06/12 12:40:16 | 000,424,448 | ---- | M] (Microsoft Corporation)
PictureViewer.exe -> C:\Program Files (x86)\QuickTime\PictureViewer.exe [C:\Program Files (x86)\QuickTime\PictureViewer.exe] -> [2010/03/17 21:53:32 | 000,557,056 | ---- | M] (Apple Inc.)
PlayMovie.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl [C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl] -> [2009/09/29 11:51:14 | 000,000,465 | ---- | M] ()
Pod.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe [C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe] -> [2004/06/12 12:35:14 | 000,035,328 | ---- | M] (Microsoft Corporation)
PowerCinema -> C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe] -> [2009/09/29 12:31:56 | 000,353,576 | ---- | M] (Acer Incorporated)
powerpnt.exe -> C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office12\POWERPNT.EXE] -> [2009/02/26 14:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation)
PowerShell.exe -> C:\Windows\SysNative\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009/07/14 03:39:20 | 000,473,600 | ---- | M] (Microsoft Corporation)
QuickTimePlayer.exe -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe] -> [2010/03/17 23:28:24 | 001,230,128 | ---- | M] (Apple Inc.)
sbase.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
scalc.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe [C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
sdraw.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
simpress.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe [C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
smath.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe [C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
SnippingTool.exe -> C:\Windows\SysNative\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> [2009/07/14 03:39:41 | 000,431,104 | ---- | M] (Microsoft Corporation)
soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe] -> [2010/05/21 00:58:46 | 011,318,784 | ---- | M] (OpenOffice.org)
SoftDMA.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe [C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe] -> [2009/09/25 11:48:14 | 000,334,392 | ---- | M] (Acer Incorporated)
swriter.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe [C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
TabTip.exe -> C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> [2009/07/14 03:39:47 | 000,224,256 | ---- | M] (Microsoft Corporation)
thunderbird.exe -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe] -> [2010/03/31 07:46:49 | 011,957,424 | ---- | M] (Mozilla Messaging)
unopkg.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe [C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe] -> [2010/05/20 07:01:10 | 000,010,752 | ---- | M] ()
wab.exe -> C:\Program Files\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009/07/14 03:39:50 | 000,516,608 | ---- | M] (Microsoft Corporation)
wabmig.exe -> C:\Program Files\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009/07/14 03:39:50 | 000,067,584 | ---- | M] (Microsoft Corporation)
WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2010/03/15 11:26:36 | 001,090,560 | ---- | M] ()
Winword.exe -> C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE] -> [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation)
WKSAB.EXE -> c:\Program Files (x86)\Microsoft Works\wksab.exe [c:\Program Files (x86)\Microsoft Works\WKSAB.exe] -> [2007/06/20 23:04:22 | 000,020,832 | ---- | M] (Microsoft® Corporation)
wkscal.exe -> c:\Program Files (x86)\Microsoft Works\WksCal.exe [c:\PROGRA~2\MICROS~2\WksCal.exe] -> [2007/06/20 23:04:22 | 000,722,272 | ---- | M] (Microsoft® Corporation)
wksdb.exe -> c:\Program Files (x86)\Microsoft Works\wksdb.exe [c:\Program Files (x86)\Microsoft Works\wksdb.exe] -> [2007/06/20 23:04:22 | 001,242,464 | ---- | M] (Microsoft® Corporation)
WKSSB.EXE -> c:\Program Files (x86)\Microsoft Works\WksSb.exe [c:\Program Files (x86)\Microsoft Works\WKSSB.exe] -> [2007/06/20 23:04:22 | 001,099,104 | ---- | M] (Microsoft® Corporation)
wksss.exe -> c:\Program Files (x86)\Microsoft Works\wksss.exe [c:\Program Files (x86)\Microsoft Works\wksss.exe] -> [2007/06/20 23:04:24 | 000,947,552 | ---- | M] (Microsoft® Corporation)
wkswp.exe -> c:\Program Files (x86)\Microsoft Works\WksWP.exe [c:\Program Files (x86)\Microsoft Works\wkswp.exe] -> [2007/06/20 23:04:24 | 000,709,984 | ---- | M] (Microsoft® Corporation)
wlmail.exe -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe] -> [2009/07/26 17:44:52 | 000,114,000 | ---- | M] (Microsoft Corporation)
wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation)
WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:39:57 | 004,580,352 | ---- | M] (Microsoft Corporation)
WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:39:57 | 004,580,352 | ---- | M] (Microsoft Corporation)
< App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 
7zFM.exe -> C:\Program Files (x86)\7-Zip\7zFM.exe [C:\Program Files (x86)\7-Zip\7zFM.exe] -> [2009/02/03 09:10:08 | 000,388,096 | ---- | M] (Igor Pavlov)
AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010/04/04 07:57:52 | 000,349,616 | ---- | M] (Adobe Systems Incorporated)
BackupManager.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
ccleaner.exe -> C:\Program Files (x86)\CCleaner\CCleaner.exe [C:\Program Files (x86)\CCleaner\ccleaner.exe] -> [2010/05/25 18:08:54 | 001,694,520 | ---- | M] (Piriform Ltd)
cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
dvdmaker.exe -> C:\Program Files (x86)\DVD Maker\dvdmaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> File not found
ECOPY.EXE -> C:\Program Files (x86)\epson\Creativity Suite\Copy Utility\ECOPY.EXE [C:\Program Files (x86)\EPSON\Creativity Suite\Copy Utility\ECOPY.exe] -> [2004/10/08 01:00:02 | 000,716,800 | ---- | M] (SEIKO EPSON CORP.)
Escfg.exe -> C:\Windows\twain_32\escndv\escfg.exe [C:\Windows\twain_32\escndv\Escfg.exe] -> [2006/10/04 01:00:00 | 000,182,424 | ---- | M] (SEIKO EPSON CORP.)
Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2006/03/08 01:00:00 | 000,118,784 | ---- | M] (SEIKO EPSON CORP.)
firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation)
fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
iTunes.exe -> C:\Program Files (x86)\iTunes\iTunes.exe [C:\Program Files (x86)\iTunes\iTunes.exe] -> [2010/04/28 15:06:24 | 010,358,568 | ---- | M] (Apple Inc.)
IZArc -> C:\Program Files (x86)\IZArc\IZArc.exe [C:\Program Files (x86)\IZArc\IZArc.exe] -> [2009/11/23 11:27:36 | 002,850,304 | ---- | M] ()
javaws.exe -> C:\Program Files (x86)\Java\jre6\bin\javaws.exe [C:\Program Files (x86)\Java\jre6\bin\javaws.exe] -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.)
Journal.exe -> C:\Program Files (x86)\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> File not found
mbam.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation)
mip.exe -> C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe [%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe] -> [2009/07/14 03:14:24 | 001,221,632 | ---- | M] (Microsoft Corporation)
mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation)
MSNMSGR.EXE -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation)
MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
msoxmled.exe -> C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/27 06:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation)
msworks.exe -> c:\Program Files (x86)\Microsoft Works\MSWorks.exe [c:\Program Files (x86)\Microsoft Works\msworks.exe] -> [2007/06/20 23:03:56 | 000,644,448 | ---- | M] (Microsoft® Corporation)
NewPCStudio.exe -> C:\Program Files (x86)\Samsung\Samsung New PC Studio\ [C:\Program Files (x86)\Samsung\Samsung New PC Studio\] -> [2010/05/26 16:03:42 | 000,000,000 | ---D | M]
ois.exe -> C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~2\MICROS~1\Office12\OIS.EXE] -> [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation)
OneNote.exe -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation)
pbrush.exe -> C:\Windows\SysWOW64\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009/07/14 03:14:26 | 006,376,960 | ---- | M] (Microsoft Corporation)
PhotoImpression.exe -> C:\Program Files (x86)\ArcSoft\PhotoImpression 5\photoimpression.exe [C:\Program Files (x86)\ArcSoft\PhotoImpression 5\PhotoImpression.exe] -> [2005/03/14 16:30:28 | 000,135,168 | ---- | M] (ArcSoft Inc.)
pi.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe [C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe] -> [2004/06/12 12:40:16 | 000,424,448 | ---- | M] (Microsoft Corporation)
PictureViewer.exe -> C:\Program Files (x86)\QuickTime\PictureViewer.exe [C:\Program Files (x86)\QuickTime\PictureViewer.exe] -> [2010/03/17 21:53:32 | 000,557,056 | ---- | M] (Apple Inc.)
PlayMovie.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl [C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl] -> [2009/09/29 11:51:14 | 000,000,465 | ---- | M] ()
Pod.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe [C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe] -> [2004/06/12 12:35:14 | 000,035,328 | ---- | M] (Microsoft Corporation)
PowerCinema -> C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe] -> [2009/09/29 12:31:56 | 000,353,576 | ---- | M] (Acer Incorporated)
powerpnt.exe -> C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office12\POWERPNT.EXE] -> [2009/02/26 14:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation)
PowerShell.exe -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009/07/14 03:14:24 | 000,452,608 | ---- | M] (Microsoft Corporation)
QuickTimePlayer.exe -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe] -> [2010/03/17 23:28:24 | 001,230,128 | ---- | M] (Apple Inc.)
sbase.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
scalc.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe [C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
sdraw.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
sidebar.exe -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe ["%ProgramFiles%\Windows Sidebar\sidebar.exe"] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
simpress.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe [C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
smath.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe [C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
SnippingTool.exe -> C:\Windows\SysWow64\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> File not found
soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe] -> [2010/05/21 00:58:46 | 011,318,784 | ---- | M] (OpenOffice.org)
SoftDMA.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe [C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe] -> [2009/09/25 11:48:14 | 000,334,392 | ---- | M] (Acer Incorporated)
swriter.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe [C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
TabTip.exe -> C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> File not found
thunderbird.exe -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe] -> [2010/03/31 07:46:49 | 011,957,424 | ---- | M] (Mozilla Messaging)
unopkg.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe [C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe] -> [2010/05/20 07:01:10 | 000,010,752 | ---- | M] ()
wab.exe -> C:\Program Files (x86)\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009/07/14 03:14:44 | 000,516,096 | ---- | M] (Microsoft Corporation)
wabmig.exe -> C:\Program Files (x86)\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009/07/14 03:14:44 | 000,065,536 | ---- | M] (Microsoft Corporation)
WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2010/03/15 11:26:36 | 001,090,560 | ---- | M] ()
Winword.exe -> C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE] -> [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation)
WKSAB.EXE -> c:\Program Files (x86)\Microsoft Works\wksab.exe [c:\Program Files (x86)\Microsoft Works\WKSAB.exe] -> [2007/06/20 23:04:22 | 000,020,832 | ---- | M] (Microsoft® Corporation)
wkscal.exe -> c:\Program Files (x86)\Microsoft Works\WksCal.exe [c:\PROGRA~2\MICROS~2\WksCal.exe] -> [2007/06/20 23:04:22 | 000,722,272 | ---- | M] (Microsoft® Corporation)
wksdb.exe -> c:\Program Files (x86)\Microsoft Works\wksdb.exe [c:\Program Files (x86)\Microsoft Works\wksdb.exe] -> [2007/06/20 23:04:22 | 001,242,464 | ---- | M] (Microsoft® Corporation)
WKSSB.EXE -> c:\Program Files (x86)\Microsoft Works\WksSb.exe [c:\Program Files (x86)\Microsoft Works\WKSSB.exe] -> [2007/06/20 23:04:22 | 001,099,104 | ---- | M] (Microsoft® Corporation)
wksss.exe -> c:\Program Files (x86)\Microsoft Works\wksss.exe [c:\Program Files (x86)\Microsoft Works\wksss.exe] -> [2007/06/20 23:04:24 | 000,947,552 | ---- | M] (Microsoft® Corporation)
wkswp.exe -> c:\Program Files (x86)\Microsoft Works\WksWP.exe [c:\Program Files (x86)\Microsoft Works\wkswp.exe] -> [2007/06/20 23:04:24 | 000,709,984 | ---- | M] (Microsoft® Corporation)
wlmail.exe -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe] -> [2009/07/26 17:44:52 | 000,114,000 | ---- | M] (Microsoft Corporation)
wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation)
WORDPAD.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation)
WRITE.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation)
< 64bit-Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> 
"{00C6D95F-329C-409a-81D7-C46C66EA7F33}" [HKLM] -> C:\Windows\SysNative\shdocvw.dll [] -> [2009/07/14 03:41:54 | 000,196,096 | ---- | M] (Microsoft Corporation)
"{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKLM] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll [eDS psd drag drop protection] -> [2009/09/10 15:44:06 | 000,137,512 | ---- | M] (Egis Technology Inc.)
"{3BBAC0AD-8227-3462-C8EF-A36794DD8CD2}" [HKLM] -> C:\Program Files (x86)\IZArc\IZArcCM64.dll [iZArc Shell Extension] -> [2009/04/24 15:50:52 | 000,210,944 | ---- | M] ()
"{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}" [HKLM] -> C:\Windows\SysNative\nvshext.dll [NVIDIA Play On My TV Context Menu Extension] -> [2009/07/14 10:51:46 | 000,238,080 | ---- | M] (NVIDIA Corporation)
"{42042206-2D85-11D3-8CFF-005004838597}" [HKLM] -> C:\PROGRA~1\MICROS~2\Office12\MSOHEVI.DLL [Microsoft Office HTML Icon Handler] -> [2008/10/25 17:36:06 | 000,110,968 | ---- | M] (Microsoft Corporation)
"{44440D00-FF19-4AFC-B765-9A0970567D97}" [HKLM] -> C:\Windows\SysNative\uxtuneup.dll [TuneUp Theme Extension] -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software)
"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" [HKLM] -> C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [shell Extension for Malware scanning] -> [2010/06/18 19:52:00 | 000,357,224 | ---- | M] (Avira GmbH)
"{4838CD50-7E5D-4811-9B17-C47A85539F28}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\DseShExt-x64.dll [TuneUp Disk Space Explorer Shell Extension] -> [2010/05/07 18:02:12 | 000,024,392 | ---- | M] (TuneUp Software)
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\SDShelEx-x64.dll [TuneUp Shredder Shell Extension] -> [2010/05/07 18:02:24 | 000,029,512 | ---- | M] (TuneUp Software)
"{80009818-f38f-4af1-87b5-eadab9433e58}" [HKLM] -> C:\Windows\SysNative\mf.dll [MF ADTS Property Handler] -> [2009/07/14 03:41:22 | 004,062,208 | ---- | M] (Microsoft Corporation)
"{85D26561-0241-4BE2-A8DF-8F921A0EF948}" [HKLM] -> C:\Program Files (x86)\a-squared Free\a2freecontmenu64.dll [a-squared Free Shell Extension x64] -> [2009/10/01 17:03:14 | 000,302,736 | ---- | M] (Emsi Software GmbH)
"{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" [HKLM] -> Reg Error: Key error. [PowerISO] -> File not found
"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [Microsoft Office Metadata Handler] -> [2008/11/21 08:06:22 | 001,586,568 | ---- | M] (Microsoft Corporation)
"{A70C977A-BF00-412C-90B7-034C51DA2439}" [HKLM] -> C:\Windows\SysNative\nvcpl.dll [NvCpl DesktopContext Class] -> [2010/04/03 18:42:00 | 014,828,648 | ---- | M] (NVIDIA Corporation)
"{B41DB860-64E4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\rarext.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,166,400 | ---- | M] ()
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> Reg Error: Key error. [WinRAR shell extension] -> File not found
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKU\S-1-5-21-3258892936-4116843137-97899428-1001] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] ()
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> [2010/04/28 15:06:34 | 000,141,096 | ---- | M] (Apple Inc.)
"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [Microsoft Office Thumbnail Handler] -> [2008/11/21 08:06:22 | 001,586,568 | ---- | M] (Microsoft Corporation)
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" [HKLM] -> C:\Windows\SysNative\nvcpl.dll [Play on my TV helper] -> [2010/04/03 18:42:00 | 014,828,648 | ---- | M] (NVIDIA Corporation)
< Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> 
"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Infotip Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org)
"{23170F69-40C1-278A-1000-000100020000}" [HKLM] -> C:\Program Files (x86)\7-Zip\7-zip.dll [7-Zip Shell Extension] -> [2009/02/03 09:09:46 | 000,069,632 | ---- | M] (Igor Pavlov)
"{3B092F0C-7696-40E3-A80F-68D74DA84210}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Thumbnail Viewer] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org)
"{4838CD50-7E5D-4811-9B17-C47A85539F28}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\DseShExt-x86.dll [TuneUp Disk Space Explorer Shell Extension] -> [2010/05/07 18:02:06 | 000,026,440 | ---- | M] (TuneUp Software)
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> [2010/05/07 18:02:18 | 000,030,536 | ---- | M] (TuneUp Software)
"{63542C48-9552-494A-84F7-73AA6A7C99C1}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Property Sheet Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org)
"{72923739-5A47-40A3-9895-25AF0DFBB9E4}" [HKLM] -> C:\Program Files (x86)\Glary Utilities\ContextHandler.dll [Glary Utilities Context Menu Shell Extension] -> [2010/05/26 10:01:22 | 000,036,152 | ---- | M] (Glarysoft Ltd)
"{B41DB860-64E4-11D2-9906-E49FADC173CA}" [HKLM] -> Reg Error: Key error. [WinRAR shell extension] -> File not found
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] ()
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKU\S-1-5-21-3258892936-4116843137-97899428-1001] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] ()
"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Column Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org)
< 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> 
"services" -> 2 -> 
< 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> 
"aux" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midimapper" -> C:\Windows\SysNative\midimap.dll [midimap.dll] -> [2009/07/14 03:41:23 | 000,020,480 | ---- | M] (Microsoft Corporation)
"mixer" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"mixer1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"mixer2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"mixer3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"mixer4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"msacm.imaadpcm" -> C:\Windows\SysNative\imaadp32.acm [imaadp32.acm] -> [2009/07/14 03:38:53 | 000,022,016 | ---- | M] (Microsoft Corporation)
"msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2009/07/14 03:38:53 | 000,081,408 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.msadpcm" -> C:\Windows\SysNative\msadp32.acm [msadp32.acm] -> [2009/07/14 03:38:53 | 000,024,064 | ---- | M] (Microsoft Corporation)
"msacm.msg711" -> C:\Windows\SysNative\msg711.acm [msg711.acm] -> [2009/07/14 03:38:53 | 000,014,848 | ---- | M] (Microsoft Corporation)
"msacm.msgsm610" -> C:\Windows\SysNative\msgsm32.acm [msgsm32.acm] -> [2009/07/14 03:38:53 | 000,029,184 | ---- | M] (Microsoft Corporation)
"vidc.i420" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/19 11:46:35 | 000,054,272 | ---- | M] (Microsoft Corporation)
"vidc.iyuv" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/19 11:46:35 | 000,054,272 | ---- | M] (Microsoft Corporation)
"vidc.mrle" -> C:\Windows\SysNative\msrle32.dll [msrle32.dll] -> [2009/12/19 11:47:46 | 000,016,384 | ---- | M] (Microsoft Corporation)
"vidc.msvc" -> C:\Windows\SysNative\msvidc32.dll [msvidc32.dll] -> [2009/12/19 11:47:53 | 000,038,912 | ---- | M] (Microsoft Corporation)
"vidc.uyvy" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation)
"vidc.yuy2" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation)
"vidc.yvu9" -> C:\Windows\SysNative\tsbyuv.dll [tsbyuv.dll] -> [2009/12/19 11:50:56 | 000,014,848 | ---- | M] (Microsoft Corporation)
"vidc.yvyu" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation)
"wave" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wave1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wave2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wave3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wave4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wavemapper" -> C:\Windows\SysNative\msacm32.drv [msacm32.drv] -> [2009/07/14 03:38:50 | 000,025,600 | ---- | M] (Microsoft Corporation)
< Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> 
"msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2009/07/14 03:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.siren" -> C:\Windows\SysWow64\sirenacm.dll [sirenacm.dll] -> [2009/07/26 17:44:56 | 000,048,448 | ---- | M] (Microsoft Corporation)
"vidc.cvid" -> C:\Windows\SysWow64\iccvid.dll [iccvid.dll] -> [2009/07/14 03:15:26 | 000,082,944 | ---- | M] (Radius Inc.)
< 64bit-Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> 
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysNative\icardie.dll [informationCardSigninHelper Class] -> [2009/07/14 03:41:05 | 000,084,480 | ---- | M] (Microsoft Corporation)
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysNative\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/07/14 03:41:28 | 000,097,280 | ---- | M] (Microsoft Corporation)
{333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysNative\tdc.ocx [Tabular Data Control] -> [2009/07/14 03:38:53 | 000,078,336 | ---- | M] (Microsoft Corporation)
{3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [oleprn Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysNative\oleprn.dll [DSPrintQueue Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleSNMP Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleCvt Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/08/29 09:53:27 | 014,629,376 | ---- | M] (Microsoft Corporation)
{760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/07/14 03:41:30 | 000,325,632 | ---- | M] (Microsoft Corporation)
{884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009/07/14 03:38:58 | 000,070,144 | ---- | M] (Microsoft Corporation)
{884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009/09/03 09:36:39 | 001,975,296 | ---- | M] (Microsoft Corporation)
{88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysNative\RegCtrl.dll [Registration Control] -> [2009/07/14 03:41:53 | 000,049,152 | ---- | M] (Microsoft Corporation)
{92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [prturl Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [RMGetLicense Class] -> [2009/07/14 03:41:30 | 000,325,632 | ---- | M] (Microsoft Corporation)
{C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleInstall Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysNative\scrrun.dll [scripting.Dictionary] -> [2009/07/14 03:41:53 | 000,202,752 | ---- | M] (Microsoft Corporation)
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> 
{02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2008/10/25 07:18:50 | 000,172,880 | ---- | M] ()
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.)
{07B06095-5687-4D13-9E32-12B4259C9813} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [sTSUpld UploadCtl Class] -> [2006/10/27 04:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation)
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysWOW64\icardie.dll [informationCardSigninHelper Class] -> [2009/07/14 03:15:26 | 000,061,952 | ---- | M] (Microsoft Corporation)
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysWOW64\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/07/14 03:15:44 | 000,067,072 | ---- | M] (Microsoft Corporation)
{333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysWOW64\tdc.ocx [Tabular Data Control] -> [2009/07/14 03:14:10 | 000,066,560 | ---- | M] (Microsoft Corporation)
{3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [oleprn Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{3E8FD258-0359-4476-AAF4-7C5F65E9B46E} [HKLM] -> C:\Program Files (x86)\Common Files\Oberon Media\Odyssey\2.0.0.29\Odyssey.dll [OdysseyActiveX Class] -> [2007/07/04 13:17:40 | 000,206,120 | ---- | M] (Oberon Media)
{3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Spreadsheet Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.)
{435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [DSPrintQueue Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{4F07F79F-087F-42cf-8B36-7A88D06088E9} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation)
{4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleSNMP Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] (Sun Microsystems, Inc.)
{62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Export Database Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation)
{65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleCvt Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSLIST.DLL [Microsoft Office List 12.0] -> [2009/03/06 04:01:06 | 002,335,648 | ---- | M] (Microsoft Corporation)
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation)
{760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/07/14 03:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009/07/14 03:14:13 | 000,067,072 | ---- | M] (Microsoft Corporation)
{884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009/09/03 09:04:15 | 001,320,960 | ---- | M] (Microsoft Corporation)
{88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml DOM Document 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [Free Threaded XML DOM Document 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml Schema Cache 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XSL Template 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml Data Source Object 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml HTTP 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] ()
{8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysWOW64\RegCtrl.dll [Registration Control] -> [2009/07/14 03:16:13 | 000,041,472 | ---- | M] (Microsoft Corporation)
{9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint OpenDocuments Class] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation)
{92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [prturl Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [sharePoint OpenDocuments Class] -> File not found
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [RMGetLicense Class] -> [2009/07/14 03:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation)
{BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientEventSubscription Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientMiscApis Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE40-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCommentThread Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE42-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientComment Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSBrowserUI Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWS Post Data] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [sharePoint Spreadsheet Launcher] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionServers Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCollaboration Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussion] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServer] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServers] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE Global Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionBar Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [sharePoint OpenDocuments Class] -> File not found
{BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [sharePoint Stssync Handler] -> File not found
{BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Stssync Handler] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation)
{C2828995-4A83-4100-A212-3024BA117356} [HKLM] -> C:\Program Files (x86)\Windows Live SkyDrive\Microsoft.Live.Folders.RichUpload.3.dll [Outil de téléchargement Windows Live] -> [2008/10/29 12:46:56 | 000,245,112 | ---- | M] (Microsoft Corporation)
{C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleInstall Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2008/10/25 07:18:46 | 000,054,152 | ---- | M] (Microsoft Corporation)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2010/04/04 01:22:06 | 000,660,912 | ---- | M] (Adobe Systems, Inc.)
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] ()
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [behavior Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.)
{CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [sTSUpld CopyCtl Class] -> [2006/10/27 04:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation)
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D2517915-48CE-4286-970F-921E881B8C5C} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Contrôle de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.)
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files (x86)\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/04/28 15:06:20 | 000,111,912 | ---- | M] (Apple Inc.)
{DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation)
{E13AAC70-70AE-4988-808C-B267F2C20E79} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [Reg Error: Value error.] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation)
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation)
{E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\oisctrl.dll [OISClientLauncher Class] -> [2009/03/06 05:23:50 | 000,022,432 | ---- | M] (Microsoft Corporation)
{E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll [PersonalSite Class] -> [2008/10/26 06:42:16 | 000,482,656 | ---- | M] ()
{E9DA06F1-632C-462F-98B3-AF74B47DA727} [HKLM] -> C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll [Google Update Plugin] -> [2010/06/16 18:55:20 | 000,219,800 | ---- | M] (Google Inc.)
{EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysWOW64\scrrun.dll [scripting.Dictionary] -> [2009/07/14 03:16:13 | 000,163,840 | ---- | M] (Microsoft Corporation)
{F06608C7-1874-4EEA-B3B2-DF99EBB144B8} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation)
{F9152AEC-3462-4632-8087-EEE3C3CDDA24} [HKLM] -> C:\Program Files (x86)\Google\Google Earth\plugin\ie\5.2.0.5932\plugin_ax.dll [GEPluginCoClass Object] -> [2010/05/06 08:36:43 | 005,102,064 | ---- | M] (Google)
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> 
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BF00E119-21A3-4FD1-B178-3B8537E75C92} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.)
{F0DA78E9-6B60-42FB-BC26-EF2CFB8C8FF3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> 
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.)
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
{5C255C8A-E604-49B4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
64bit-{6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/08/29 09:53:27 | 014,629,376 | ---- | M] (Microsoft Corporation)
{6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BF00E119-21A3-4FD1-B178-3B8537E75C92} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation)
{F0DA78E9-6B60-42FB-BC26-EF2CFB8C8FF3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.bat [@ = batfile] -> "%1" %* -> 
.cmd [@ = cmdfile] -> "%1" %* -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
.pif [@ = piffile] -> "%1" %* -> 
.scr [@ = scrfile] -> "%1" /S -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.bat [@ = batfile] -> "%1" %* -> 
.cmd [@ = cmdfile] -> "%1" %* -> 
.com [@ = comfile] -> "%1" %* -> 
.cpl [@ = cplfile] -> C:\Windows\SysWow64\control.exe -> [2009/07/14 03:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
.exe [@ = exefile] -> "%1" %* -> 
.pif [@ = piffile] -> "%1" %* -> 
.scr [@ = scrfile] -> "%1" /S -> 
< File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Classes\<extension>\ -> 
.html [@ = FirefoxHTML] -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation)
< 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
Ias -> C:\Windows\SysNative\ias -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
Irmon -> C:\Windows\SysNative\irmon.dll -> [2009/07/14 03:41:11 | 000,023,552 | ---- | M] (Microsoft Corporation)
UxTuneUp -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software)
Wmi -> C:\Windows\SysNative\wmi.dll -> [2009/07/14 03:33:56 | 000,005,120 | ---- | M] (Microsoft Corporation)
Themes -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation)
BDESVC -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
Ias -> C:\Windows\SysWOW64\ias.dll -> [2009/07/14 03:15:26 | 000,019,456 | ---- | M] (Microsoft Corporation)
Wmi -> C:\Windows\SysWOW64\wmi.dll -> [2009/07/14 03:11:09 | 000,005,120 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< 64bit-Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> 
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2008/10/25 17:34:10 | 000,108,920 | ---- | M] (Microsoft Corporation)
< 64bit-Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
dssrequest:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
sacore:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
dssrequest:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll[Reg Error: Value error.] -> [2009/07/26 17:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation)
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll[Reg Error: Value error.] -> [2009/07/26 17:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation)
sacore:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2009/07/26 17:44:48 | 000,789,824 | ---- | M] (Microsoft Corporation)
< 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> 
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AppMgmt -> Service
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
Lavasoft Ad-Aware Service -> 32bit -> File not found
MCODS -> 
NTDS -> 32bit -> File not found
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
Power -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation)
Primary disk -> Driver Group
RpcEptMapper -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation)
sacsvr -> Service
SASCORE -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com)
SCSI Class -> Driver Group
System Bus Extender -> Driver Group
TrustedInstaller -> 32bit -> File not found
vmms -> Service
WinDefend -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
WudfPf -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation)
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> 
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AppInfo -> 64bit -> File not found
AppMgmt -> Service
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
DcomLaunch -> 64bit -> File not found
EFS -> 64bit -> File not found
EventLog -> 64bit -> File not found
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
Lavasoft Ad-Aware Service -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft)
MCODS -> 
NTDS -> 64bit -> File not found
PCI Configuration -> Driver Group
PlugPlay -> 64bit -> File not found
PNP Filter -> Driver Group
Power -> 64bit -> File not found
Primary disk -> Driver Group
ProfSvc -> 64bit -> File not found
RpcEptMapper -> 64bit -> File not found
RpcSs -> 64bit -> File not found
sacsvr -> Service
SASCORE -> 64bit -> File not found
SCSI Class -> Driver Group
sermouse.sys -> 64bit -> File not found
SWPRV -> 64bit -> File not found
System Bus Extender -> Driver Group
TabletInputService -> 64bit -> File not found
TBS -> 64bit -> File not found
VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] ()
vga.sys -> 64bit -> File not found
vgasave.sys -> 64bit -> File not found
vmms -> Service
volmgr.sys -> 64bit -> File not found
volmgrx.sys -> 64bit -> File not found
WinDefend -> 64bit -> File not found
WinMgmt -> 64bit -> File not found
WudfPf -> 64bit -> File not found
WudfRd -> 64bit -> File not found
WudfSvc -> 64bit -> File not found
< 64bit-SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> 
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AppMgmt -> Service
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
Dhcp -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation)
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
Lavasoft Ad-Aware Service -> 32bit -> File not found
Messenger -> Service
NDIS Wrapper -> Driver Group
ndiscap -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation)
NetBIOSGroup -> Driver Group
NetDDEGroup -> Driver Group
Network -> Driver Group
NetworkProvider -> Driver Group
NTDS -> 32bit -> File not found
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
Power -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation)
Primary disk -> Driver Group
rdsessmgr -> Service
RpcEptMapper -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation)
sacsvr -> Service
SASCORE -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com)
SCSI Class -> Driver Group
Streams Drivers -> Driver Group
System Bus Extender -> Driver Group
TDI -> Driver Group
TrustedInstaller -> 32bit -> File not found
vmms -> Service
WinDefend -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
WudfPf -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation)
WudfUsbccidDriver -> Driver
< SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> 
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AFD -> 64bit -> File not found
AppInfo -> 64bit -> File not found
AppMgmt -> Service
Base -> Driver Group
BFE -> 64bit -> File not found
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
bowser -> 64bit -> File not found
Browser -> 64bit -> File not found
DcomLaunch -> 64bit -> File not found
dfsc -> 64bit -> File not found
Dhcp -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation)
DnsCache -> 64bit -> File not found
Dot3Svc -> 64bit -> File not found
Eaphost -> 64bit -> File not found
EFS -> 64bit -> File not found
EventLog -> 64bit -> File not found
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
IKEEXT -> 64bit -> File not found
ipnat.sys -> 64bit -> File not found
LanmanServer -> 64bit -> File not found
LanmanWorkstation -> 64bit -> File not found
Lavasoft Ad-Aware Service -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft)
LmHosts -> 64bit -> File not found
Messenger -> Service
MPSDrv -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 23:28:14 | 000,001,088 | ---- | M] ()
MPSSvc -> 64bit -> File not found
mrxsmb -> 64bit -> File not found
mrxsmb10 -> 64bit -> File not found
mrxsmb20 -> 64bit -> File not found
NativeWifiP -> 64bit -> File not found
NDIS -> 64bit -> File not found
NDIS Wrapper -> Driver Group
ndiscap -> 64bit -> File not found
Ndisuio -> 64bit -> File not found
NetBIOS -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation)
NetBIOSGroup -> Driver Group
NetBT -> 64bit -> File not found
NetDDEGroup -> Driver Group
NetMan -> 64bit -> File not found
Network -> Driver Group
NetworkProvider -> Driver Group
NlaSvc -> 64bit -> File not found
Nsi -> 64bit -> File not found
nsiproxy.sys -> 64bit -> File not found
NTDS -> 64bit -> File not found
PCI Configuration -> Driver Group
PlugPlay -> 64bit -> File not found
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
PolicyAgent -> 64bit -> File not found
Power -> 64bit -> File not found
Primary disk -> Driver Group
ProfSvc -> 64bit -> File not found
rdbss -> 64bit -> File not found
rdpencdd.sys -> 64bit -> File not found
rdsessmgr -> Service
RpcEptMapper -> 64bit -> File not found
RpcSs -> 64bit -> File not found
sacsvr -> Service
SASCORE -> 64bit -> File not found
SCardSvr -> 64bit -> File not found
SCSI Class -> Driver Group
sermouse.sys -> 64bit -> File not found
SharedAccess -> 64bit -> File not found
Streams Drivers -> Driver Group
SWPRV -> 64bit -> File not found
System Bus Extender -> Driver Group
TabletInputService -> 64bit -> File not found
TBS -> 64bit -> File not found
Tcpip -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 23:15:18 | 000,003,066 | ---- | M] ()
TDI -> Driver Group
VaultSvc -> 64bit -> File not found
VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] ()
vga.sys -> 64bit -> File not found
vgasave.sys -> 64bit -> File not found
vmms -> Service
volmgr.sys -> 64bit -> File not found
volmgrx.sys -> 64bit -> File not found
WinDefend -> 64bit -> File not found
WinMgmt -> 64bit -> File not found
Wlansvc -> 64bit -> File not found
WudfPf -> 64bit -> File not found
WudfRd -> 64bit -> File not found
WudfSvc -> 64bit -> File not found
WudfUsbccidDriver -> Driver
< 64bit-Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" ->  [1] -> File not found
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"VistaSp1" ->  [28 4D B2 76 41 04 CA 01  [binary data]] -> File not found
\Svc\\"AntiVirusOverride" ->  [0] -> File not found
\Svc\\"AntiSpywareOverride" ->  [0] -> File not found
\Svc\\"FirewallOverride" ->  [0] -> File not found
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> 
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"DisableNotifications" ->  [0] -> File not found
\\"EnableFirewall" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> 
< Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> 
*BootExecute* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute -> 
autocheck autochk * ->  -> File not found
lsdelete ->  -> File not found
*MultiFile Done* -> -> 
"ExcludeFromKnownDlls" ->  [binary data] -> 
64bit-*ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> 
\Windows -> \Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
\RPC Control ->  -> File not found
*MultiFile Done* -> -> 
*ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> 
\Windows -> \Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
\RPC Control ->  -> File not found
*MultiFile Done* -> -> 
< Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> 
64bit-"ComSpec" -> C:\Windows\SysNative\cmd.exe -> [2009/07/14 03:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation)
"ComSpec" -> C:\Windows\SysWOW64\cmd.exe -> [2009/07/14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation)
"TEMP" -> C:\Windows\Temp -> [2010/06/19 13:19:45 | 000,000,000 | ---D | M]
"TMP" -> C:\Windows\Temp -> [2010/06/19 13:19:45 | 000,000,000 | ---D | M]
"windir" -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
64bit-*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> 
C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2010/04/26 07:38:45 | 000,000,000 | ---D | M]
C:\Program Files (x86)\PC Connectivity Solution\ -> C:\Program Files (x86)\PC Connectivity Solution\ -> [2010/03/09 12:56:37 | 000,000,000 | ---D | M]
%SystemRoot%\system32 -> C:\Windows\SysNative -> File not found
%SystemRoot% -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
%SystemRoot%\System32\Wbem -> C:\Windows\SysNative\wbem -> [2010/06/16 13:06:44 | 000,000,000 | ---D | M]
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysNative\WindowsPowerShell\v1.0\ -> [2009/12/23 13:27:35 | 000,000,000 | ---D | M]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> [2010/03/12 13:43:04 | 000,000,000 | ---D | M]
C:\Program Files (x86)\QuickTime\QTSystem\ -> C:\Program Files (x86)\QuickTime\QTSystem\ -> [2010/06/05 13:09:06 | 000,000,000 | ---D | M]
*MultiFile Done* -> -> 
*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> 
C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2010/04/26 07:38:45 | 000,000,000 | ---D | M]
C:\Program Files (x86)\PC Connectivity Solution\ -> C:\Program Files (x86)\PC Connectivity Solution\ -> [2010/03/09 12:56:37 | 000,000,000 | ---D | M]
%SystemRoot%\system32 -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M]
%SystemRoot% -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
%SystemRoot%\System32\Wbem -> C:\Windows\SysWOW64\wbem -> [2009/12/23 13:27:37 | 000,000,000 | ---D | M]
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysWow64\WindowsPowerShell\v1.0\ -> [2009/12/23 13:27:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> [2010/03/12 13:43:04 | 000,000,000 | ---D | M]
C:\Program Files (x86)\QuickTime\QTSystem\ -> C:\Program Files (x86)\QuickTime\QTSystem\ -> [2010/06/05 13:09:06 | 000,000,000 | ---D | M]
*MultiFile Done* -> -> 
*PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> 
.COM ->  -> File not found
.EXE ->  -> File not found
.BAT ->  -> File not found
.CMD ->  -> File not found
.VBS ->  -> File not found
.VBE ->  -> File not found
.JS ->  -> File not found
.JSE ->  -> File not found
.WSF ->  -> File not found
.WSH ->  -> File not found
.MSC ->  -> File not found
*MultiFile Done* -> -> 
< Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> 
< Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> 
64bit-"advapi32" -> C:\Windows\SysNative\advapi32.dll -> [2009/07/14 03:40:01 | 000,877,056 | ---- | M] (Microsoft Corporation)
64bit-"clbcatq" -> C:\Windows\SysNative\clbcatq.dll -> [2009/07/14 03:40:15 | 000,607,744 | ---- | M] (Microsoft Corporation)
64bit-"COMDLG32" -> C:\Windows\SysNative\comdlg32.dll -> [2009/07/14 03:40:22 | 000,595,456 | ---- | M] (Microsoft Corporation)
64bit-"DifxApi" -> C:\Windows\SysNative\difxapi.dll -> [2009/07/14 03:40:30 | 000,504,320 | ---- | M] (Microsoft Corporation)
64bit-"DllDirectory" -> C:\Windows\SysNative -> File not found
64bit-"DllDirectory32" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M]
64bit-"gdi32" -> C:\Windows\SysNative\gdi32.dll -> [2009/07/14 03:40:56 | 000,404,480 | ---- | M] (Microsoft Corporation)
64bit-"IERTUTIL" -> C:\Windows\SysNative\iertutil.dll -> [2009/07/14 03:41:06 | 002,440,704 | ---- | M] (Microsoft Corporation)
64bit-"IMAGEHLP" -> C:\Windows\SysNative\imagehlp.dll -> [2009/07/14 03:41:08 | 000,076,288 | ---- | M] (Microsoft Corporation)
64bit-"IMM32" -> C:\Windows\SysNative\imm32.dll -> [2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation)
64bit-"kernel32" -> C:\Windows\SysNative\kernel32.dll -> [2009/07/14 03:41:13 | 001,162,240 | ---- | M] (Microsoft Corporation)
64bit-"LPK" -> C:\Windows\SysNative\lpk.dll -> [2009/07/14 03:41:19 | 000,041,984 | ---- | M] (Microsoft Corporation)
64bit-"MSCTF" -> C:\Windows\SysNative\msctf.dll -> [2009/07/14 03:41:28 | 001,067,008 | ---- | M] (Microsoft Corporation)
64bit-"MSVCRT" -> C:\Windows\SysNative\msvcrt.dll -> [2009/07/14 03:41:32 | 000,634,880 | ---- | M] (Microsoft Corporation)
64bit-"NORMALIZ" -> C:\Windows\SysNative\normaliz.dll -> [2009/07/14 03:31:40 | 000,002,560 | ---- | M] (Microsoft Corporation)
64bit-"NSI" -> C:\Windows\SysNative\nsi.dll -> [2009/07/14 03:41:53 | 000,013,824 | ---- | M] (Microsoft Corporation)
64bit-"ole32" -> C:\Windows\SysNative\ole32.dll -> [2009/07/14 03:41:53 | 002,084,352 | ---- | M] (Microsoft Corporation)
64bit-"OLEAUT32" -> C:\Windows\SysNative\oleaut32.dll -> [2009/07/14 03:41:53 | 000,861,184 | ---- | M] (Microsoft Corporation)
64bit-"PSAPI" -> C:\Windows\SysNative\psapi.dll -> [2009/07/14 03:41:53 | 000,009,216 | ---- | M] (Microsoft Corporation)
64bit-"rpcrt4" -> C:\Windows\SysNative\rpcrt4.dll -> [2009/07/14 03:41:53 | 001,221,632 | ---- | M] (Microsoft Corporation)
64bit-"sechost" -> C:\Windows\SysNative\sechost.dll -> [2009/07/14 03:41:53 | 000,113,664 | ---- | M] (Microsoft Corporation)
64bit-"Setupapi" -> C:\Windows\SysNative\setupapi.dll -> [2009/07/14 03:41:54 | 001,899,520 | ---- | M] (Microsoft Corporation)
64bit-"SHELL32" -> C:\Windows\SysNative\shell32.dll -> [2010/02/18 10:07:44 | 014,163,456 | ---- | M] (Microsoft Corporation)
64bit-"SHLWAPI" -> C:\Windows\SysNative\shlwapi.dll -> [2009/07/14 03:41:54 | 000,449,536 | ---- | M] (Microsoft Corporation)
64bit-"URLMON" -> C:\Windows\SysNative\urlmon.dll -> [2010/05/06 15:02:38 | 001,493,504 | ---- | M] (Microsoft Corporation)
64bit-"user32" -> C:\Windows\SysNative\user32.dll -> [2009/07/14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation)
64bit-"USP10" -> C:\Windows\SysNative\usp10.dll -> [2009/07/14 03:41:56 | 000,801,280 | ---- | M] (Microsoft Corporation)
64bit-"WININET" -> C:\Windows\SysNative\wininet.dll -> [2010/05/21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation)
64bit-"WLDAP32" -> C:\Windows\SysNative\Wldap32.dll -> [2009/07/14 03:41:56 | 000,311,808 | ---- | M] (Microsoft Corporation)
64bit-"WS2_32" -> C:\Windows\SysNative\ws2_32.dll -> [2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation)
"advapi32" -> C:\Windows\SysWow64\advapi32.dll -> [2009/07/14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation)
"clbcatq" -> C:\Windows\SysWow64\clbcatq.dll -> [2009/07/14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation)
"COMDLG32" -> C:\Windows\SysWow64\comdlg32.dll -> [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation)
"DifxApi" -> C:\Windows\SysWow64\difxapi.dll -> [2009/07/14 03:15:11 | 000,315,904 | ---- | M] (Microsoft Corporation)
"DllDirectory" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M]
"DllDirectory32" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M]
"gdi32" -> C:\Windows\SysWow64\gdi32.dll -> [2009/07/14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation)
"IERTUTIL" -> C:\Windows\SysWow64\iertutil.dll -> [2009/07/14 03:15:28 | 002,058,240 | ---- | M] (Microsoft Corporation)
"IMAGEHLP" -> C:\Windows\SysWow64\imagehlp.dll -> [2009/07/14 03:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation)
"IMM32" -> C:\Windows\SysWow64\imm32.dll -> [2009/07/14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation)
"kernel32" -> C:\Windows\SysWow64\kernel32.dll -> [2009/07/14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation)
"LPK" -> C:\Windows\SysWow64\lpk.dll -> [2009/07/14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation)
"MSCTF" -> C:\Windows\SysWow64\msctf.dll -> [2009/07/14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation)
"MSVCRT" -> C:\Windows\SysWow64\msvcrt.dll -> [2009/07/14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation)
"NORMALIZ" -> C:\Windows\SysWow64\normaliz.dll -> [2009/07/14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation)
"NSI" -> C:\Windows\SysWow64\nsi.dll -> [2009/07/14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation)
"ole32" -> C:\Windows\SysWow64\ole32.dll -> [2009/07/14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation)
"OLEAUT32" -> C:\Windows\SysWow64\oleaut32.dll -> [2009/07/14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation)
"PSAPI" -> C:\Windows\SysWow64\psapi.dll -> [2009/07/14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation)
"rpcrt4" -> C:\Windows\SysWow64\rpcrt4.dll -> [2009/07/14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation)
"sechost" -> C:\Windows\SysWow64\sechost.dll -> [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation)
"Setupapi" -> C:\Windows\SysWow64\setupapi.dll -> [2009/07/14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation)
"SHELL32" -> C:\Windows\SysWow64\shell32.dll -> [2010/02/18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation)
"SHLWAPI" -> C:\Windows\SysWow64\shlwapi.dll -> [2009/07/14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation)
"URLMON" -> C:\Windows\SysWow64\urlmon.dll -> [2010/05/06 14:42:05 | 001,225,216 | ---- | M] (Microsoft Corporation)
"user32" -> C:\Windows\SysWow64\user32.dll -> [2009/07/14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation)
"USP10" -> C:\Windows\SysWow64\usp10.dll -> [2009/07/14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation)
"WININET" -> C:\Windows\SysWow64\wininet.dll -> [2010/05/21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation)
"WLDAP32" -> C:\Windows\SysWow64\Wldap32.dll -> [2009/07/14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation)
"WS2_32" -> C:\Windows\SysWow64\ws2_32.dll -> [2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation)
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-batfile [open] -> "%1" %* -> File not found
64bit-cmdfile [open] -> "%1" %* -> File not found
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
64bit-htmlfile [edit] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
64bit-htmlfile [print] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/14 03:39:13 | 000,010,240 | ---- | M] (Microsoft Corporation)
64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2010/05/06 14:41:53 | 005,970,944 | ---- | M] (Microsoft Corporation)
64bit-piffile [open] -> "%1" %* -> File not found
64bit-scrfile [config] -> "%1" -> File not found
64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/07/14 03:38:51 | 000,130,048 | ---- | M] (Microsoft Corporation)
64bit-scrfile [open] -> "%1" /S -> File not found
64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> File not found
64bit-Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] ()
64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/14 03:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation)
64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
64bit-Directory [OneNote.Open] -> C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation)
64bit-Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] ()
64bit-Folder [open] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
batfile [open] -> "%1" %* -> 
cmdfile [open] -> "%1" %* -> 
comfile [open] -> "%1" %* -> 
cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009/07/14 03:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
exefile [open] -> "%1" %* -> 
htmlfile [edit] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
htmlfile [print] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/14 03:14:21 | 000,009,216 | ---- | M] (Microsoft Corporation)
InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2010/05/06 14:41:53 | 005,970,944 | ---- | M] (Microsoft Corporation)
piffile [open] -> "%1" %* -> 
scrfile [config] -> "%1" -> 
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/07/14 03:14:08 | 000,128,000 | ---- | M] (Microsoft Corporation)
scrfile [open] -> "%1" /S -> 
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> 
Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] ()
Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation)
Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
Directory [OneNote.Open] -> C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation)
Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] ()
Folder [open] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 
64bit-NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files (x86)\Bonjour\mdnsNSP.dll -> [2010/04/08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.)
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files (x86)\Bonjour\mdnsNSP.dll -> [2010/04/08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
ldap -> 4 = Restricted sites (Not a Default Protocol) -> 
news -> 4 = Restricted sites (Not a Default Protocol) -> 
nntp -> 4 = Restricted sites (Not a Default Protocol) -> 
oecmd -> 4 = Restricted sites (Not a Default Protocol) -> 
snews -> 4 = Restricted sites (Not a Default Protocol) -> 
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
@ivt -> @ivt protocol not assigned -> 
file -> file protocol not assigned -> 
ftp -> ftp protocol not assigned -> 
http -> http protocol not assigned -> 
https -> https protocol not assigned -> 
shell -> shell protocol not assigned -> 
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
@ivt -> @ivt protocol not assigned -> 
file -> file protocol not assigned -> 
ftp -> ftp protocol not assigned -> 
http -> http protocol not assigned -> 
https -> https protocol not assigned -> 
shell -> shell protocol not assigned -> 
< 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{071c9b48-7c32-4621-a0ac-3f809523288f} -> Microsoft Visual C++ 2005 Redistributable (x64)
{350AA351-21FA-3270-8B7A-835434E766AD} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
{3D3E663D-4E7E-4577-A560-7ECDDD45548A} -> PVSonyDll
{404BB1FF-A84F-432F-B77B-301E88E8D1C7} -> Apple Mobile Device Support
{47DEB25D-4FA2-4894-8A0D-FE944C47326E} -> Microsoft Baseline Security Analyzer 2.1
{8220EEFE-38CD-377E-8595-13398D740ACE} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
{90120000-002A-0000-1000-0000000FF1CE} -> Microsoft Office Office 64-bit Components 2007
{90120000-002A-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (English) 2007
{90120000-002A-040C-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (French) 2007
{90120000-0116-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} -> Intel® Matrix Storage Manager
{95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting
{96D5EB02-DE18-4DCD-A713-929B4461CA8D} -> iTunes
{B6E3757B-5E77-3915-866A-CCFC4B8D194C} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
{C19D4D8F-4433-4F6D-9F0C-79589FD0B973} -> Bonjour
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware
{EE936C7A-EA40-31D5-9B65-8E3E089C3828} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
BC15EA930074932BB2C4B4493C9FD4EA95087D1A -> Package de pilotes Windows - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
EPSON Printer and Utilities -> EPSON Logiciel imprimante
LockHunter_is1 -> LockHunter version 1.0 beta 3, 64 bit edition
NVIDIA Display Control Panel -> NVIDIA Display Control Panel
NVIDIA Drivers -> NVIDIA Drivers
SAMSUNG Mobile Composite Device -> SAMSUNG Mobile Composite Device Software
SAMSUNG Mobile Modem -> SAMSUNG Mobile Modem Driver Set
Samsung Mobile Modem Device -> Samsung Mobile Modem Device Software
Samsung Mobile phone USB driver -> Samsung Mobile phone USB driver Software
Samsung Mobile phone USB driver Drive -> Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem -> SAMSUNG Mobile USB Modem Software
SAMSUNG Mobile USB Modem 1.0 -> SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG USB Mobile Device -> SAMSUNG USB Mobile Device Software
WinRAR archiver -> Logiciel d'archivage WinRAR
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{0214A441-A4AB-43A8-8DEF-2F73C5364673} -> Microsoft Works
{0638268c-b727-4f78-a92b-a4f68176e670} -> Nero 9 Essentials
{0E3C6700-B0FB-4508-A4B0-51EF626D6D60}_is1 -> Mah Jong Adventures
{15D967B5-A4BE-42AE-9E84-64CD062B25AA} -> eSobi v2
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{20400dbd-e6db-45b8-9b6b-1dd7033818ec} -> Nero InfoTool Help
{205C6BDD-7B73-42DE-8505-9A093F35A238} -> Outil de téléchargement Windows Live
{2075CB0A-D26F-4DAA-B424-5079296B43BA} -> Windows Live FolderShare
{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT
{2348b586-c9ae-46ce-936c-a68e9426e214} -> Nero StartSmart Help
{2637C347-9DAD-11D6-9EA2-00055D0CA761} -> Acer Arcade Deluxe
{266517E6-D866-439D-919C-B8B1A52E6080} -> OpenOffice.org 3.2
{26A24AE4-039D-4CA4-87B4-2F83216020FF} -> Java(TM) 6 Update 20
{287ECFA4-719A-2143-A09B-D6A12DE54E40} -> Acrobat.com
{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} -> QuickTime
{30075A70-B5D2-440B-AFA3-FB2021740121} -> Backup Manager Advance
{338F08AB-C262-42C7-B000-34DE1A475273} -> Ad-Aware Email Scanner for Outlook
{33cf58f5-48d8-4575-83d6-96f574e4d83a} -> Nero DriveSpeed
{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF} -> JMicron JMB36X Driver
{3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform
{3F262ADC-5AD2-48E5-A586-44315E04A9E9} -> Microsoft Album photo 10
{42756145-9997-4D28-809B-8756BFD00109} -> Microsoft Photo Pro 10
{4634B21A-CC07-4396-890C-2B8168661FEA} -> Windows Live Writer
{46ABBC54-1872-4AA3-95E2-F2C063A63F31} -> Installation Windows Live
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA} -> Nero StartSmart OEM
{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
{53B20C18-D8D4-4588-8737-9BBFE303C354} -> Windows Live Movie Maker
{54194F60-988C-4D03-B922-C2B00EFDA39A} -> NVIDIA PhysX
{553255F3-78FD-40F1-A6F8-6882140265FE} -> Apple Application Support
{56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml
{595a3116-40bb-4e0f-a2e8-d7951da56270} -> NeroExpress
{5DD76286-9BE7-4894-A990-E905E91AC818} -> Windows Live Mail
{67EDD823-135A-4D59-87BD-950616D6E857} -> EPSON Copy Utility 3
{68301905-2DEA-41CE-A4D4-E8B443B099BA} -> MyWinLocker
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{770F1BEC-2871-4E70-B837-FB8525FFA3B1} -> Windows Live Messenger
{7748ac8c-18e3-43bb-959b-088faea16fb2} -> Nero StartSmart
{7B0A8F0E-3672-4DA5-9540-A8D0171C38D8} -> TuneUp Utilities Language Pack (fr-FR)
{7E84FAC8-C518-40F9-9807-7455301D6D25} -> SamsungConnectivityCableDriver
{7F811A54-5A09-4579-90E1-C93498E230D9} -> Acer eRecovery Management
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593} -> Chicken Invaders 2
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697} -> Granny In Paradise
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477} -> Merriam Websters Spell Jam
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477} -> Amazonia
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767} -> Alice Greenfingers
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380} -> Heroes of Hellas
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} -> Dream Day First Home
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100} -> Dairy Dash
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410} -> First Class Flurry
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173} -> Farm Frenzy 2
{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} -> Windows Live Call
{83202942-84b3-4c50-8622-b8c0aa2d2885} -> Nero Express Help
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
{869200db-287a-4dc0-b02b-2b6787fbcd4c} -> Nero DiscSpeed
{89661B04-C646-4412-B6D3-5E19F02F1F37} -> EAX4 Unified Redist
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8C676E78-9169-43FB-9A56-415DF6DE50EE} -> Tetris 5000
{8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1 -> RDesc 2.31
{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1 -> Acer GameZone Console
{90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007
{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007
{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0017-040C-0000-0000000FF1CE} -> Microsoft Office SharePoint Designer MUI (French) 2007
{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83} -> Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
{90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007
{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007
{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007
{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007
{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007
{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007
{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007
{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007
{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-0020-040C-0000-0000000FF1CE} -> Module de compatibilité pour Microsoft Office System 2007
{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
{90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007
{90120000-0044-040C-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (French) 2007
{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007
{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007
{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-00A1-040C-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (French) 2007
{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-00BA-040C-0000-0000000FF1CE} -> Microsoft Office Groove MUI (French) 2007
{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0100-040C-0000-0000000FF1CE} -> Microsoft Office O MUI (French) 2007
{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0101-040C-0000-0000000FF1CE} -> Microsoft Office X MUI (French) 2007
{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{91120000-002F-0000-0000-0000000FF1CE} -> Microsoft Office Home and Student 2007
{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)
{95120000-00AF-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (French)
{97C82B44-D408-4F14-9252-47FC1636D23E}_is1 -> IZArc 4.1
{9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
{9F7FC79B-3059-4264-9450-39EB368E3225} -> Microsoft Digital Image Library 9 - Blocker
{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} -> ImagXpress
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper
{AC599724-5755-48C1-ABE7-ABB857652930} -> PC Connectivity Solution
{AC76BA86-7AD7-1033-7B44-A93000000001} -> Adobe Reader 9.3.2
{AF7E85DC-317C-47F5-810E-B82EE093A612} -> Samsung New PC Studio USB Driver Installer
{B131E59D-202C-43C6-84C9-68F0C37541F1} -> Galerie de photos Windows Live
{B194272D-1F92-46DF-99EB-8D5CE91CB4EC} -> Adobe AIR
{b2ec4a38-b545-4a00-8214-13fe0e915e6d} -> Advertising Center
{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy
{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a} -> Nero ControlCenter
{C2F1F96A-057E-5819-B52E-FEA1D1D2933B} -> Acronis True Image Home
{C41300B9-185D-475E-BFEC-39EF732F19B1} -> Apple Software Update
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{cc019e3f-59d2-4486-8d4b-878105b62a71} -> Nero DiscSpeed Help
{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> TuneUp Utilities
{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7} -> ArcSoft PhotoImpression 5
{dba84796-8503-4ff0-af57-1747dd9a166d} -> Nero Online Upgrade
{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} -> Assistant de connexion Windows Live
{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware
{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 -> Auslogics Disk Defrag
{E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update
{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} -> Microsoft Office Suite Activation Assistant
{e5c7d048-f9b4-4219-b323-8bdb01a2563d} -> Nero DriveSpeed Help
{e8a80433-302b-4ff1-815d-fcc8eac482ff} -> Nero Installer
{EE171732-BEB4-4576-887D-CB62727F01CA} -> Acer Updater
{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]
{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio
{F19D07BC-6240-49D3-BA5C-59B015DF8916} -> EPSON Easy Photo Print
{F333A33D-125C-32A2-8DCE-5C5D14231E27} -> Visual C++ 2008 x86 Runtime - (v9.0.30729)
{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 -> Visual C++ 2008 x86 Runtime - v9.0.30729.01
{f4041dce-3fe1-4e18-8a9e-9de65231ee36} -> Nero ControlCenter
{F7B0939E-58DF-11DF-B3A6-005056806466} -> Google Earth
{fbcdfd61-7dcf-4e71-9226-873ba0053139} -> Nero InfoTool
7-Zip -> 7-Zip 4.65
Acer Registration -> Acer Registration
Acer Screensaver -> Acer ScreenSaver
Acer Welcome Center -> Welcome Center
Ad-Aware -> Ad-Aware
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin
a-squared Free_is1 -> a-squared Free 4.5
Audacity_is1 -> Audacity 1.2.6
Avira AntiVir Desktop -> Avira AntiVir Personal - Free Antivirus
AVS DVD Copy_is1 -> AVS DVD Copy version 4.1.1
AVS Update Manager_is1 -> AVS Update Manager 1.0
AVS4YOU Software Navigator_is1 -> AVS4YOU Software Navigator 1.3
CCleaner -> CCleaner
EPSON Printer and Utilities -> EPSON Logiciel imprimante
EPSON Scanner -> EPSON Scan
Glary Utilities_is1 -> Glary Utilities 2.23.0.923
HOMESTUDENTR -> Microsoft Office Home and Student 2007
Hotkey Utility -> Hotkey Utility
Identity Card -> Identity Card
InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} -> eSobi v2
InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} -> Acer Arcade Deluxe
InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121} -> Acer Backup Manager
InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612} -> Samsung New PC Studio USB Driver Installer
InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio
KC Softwares IDPhotoStudio_is1 -> KC Softwares IDPhotoStudio
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
Mozilla Firefox (3.6.3) -> Mozilla Firefox (3.6.3)
Mozilla Thunderbird (3.0.4) -> Mozilla Thunderbird (3.0.4)
OMUI.fr-fr -> Microsoft Office Language Pack 2007 - French/Français
Orb -> Orb
PictureItSuite_v10 -> Microsoft Photo Pro Suite 10
PowerISO -> PowerISO
PunkBusterSvc -> PunkBuster Services
Pure Pinball 2.0 REDUX -> Pure Pinball 2.0 REDUX
RAR Repair Tool_is1 -> RAR Repair Tool v.4.0.1
S.T.A.L.K.E.R. - Shadow of Chernobyl_is1 -> S.T.A.L.K.E.R. - Shadow of Chernobyl
Secunia PSI -> Secunia PSI
ShalSoft.GigaTribe_is1 -> GigaTribe 3.01.001
TuneUp Utilities -> TuneUp Utilities
VLC media player -> VLC media player 1.0.5
WBFS Manager 3.0 -> WBFS Manager 3.0
WinLiveSuite_Wave3 -> Installation Windows Live
WinRAR archiver -> Logiciel d'archivage WinRAR
< Uninstall List [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
Capturino V2.11 -> Capturino V2.11
Vietcong 2 -> Vietcong 2
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 05/06/2010 02:22:14 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8.  L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.  La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".  La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Utilisez sxstrace.exe pour un diagnostic détaillé.
Application [ Error ] 05/06/2010 05:07:23 Computer Name = abraracourcix | Source = Application Error | ID = 1000 -> Description = Nom de l’application défaillante Game_full.exe, version : 0.0.0.0, horodatage : 0x41a19ee4  Nom du module défaillant : cgD3D9.dll, version : 1.1.307.700, horodatage : 0x3f09c46c  Code d’exception : 0xc0000005  Décalage d’erreur : 0x000059e9  ID du processus défaillant : 0x1658  Heure de début de l’application défaillante : 0x01cb048e1bbec824  Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Tetris 5000\Game_full.exe  Chemin d’accès du module défaillant: C:\Program Files (x86)\Tetris 5000\cgD3D9.dll  ID de rapport : c05b8002-7081-11df-a0b8-90fba62d1373
Application [ Error ] 05/06/2010 07:45:31 Computer Name = abraracourcix | Source = MsiInstaller | ID = 10005 -> Description = 
Application [ Error ] 06/06/2010 04:10:59 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3.  La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.
Application [ Error ] 06/06/2010 04:12:30 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8.  L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.  La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".  La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Utilisez sxstrace.exe pour un diagnostic détaillé.
Application [ Error ] 06/06/2010 15:12:04 Computer Name = abraracourcix | Source = Application Error | ID = 1000 -> Description = Nom de l’application défaillante Game_full.exe, version : 0.0.0.0, horodatage : 0x41a19ee4  Nom du module défaillant : cgD3D9.dll, version : 1.1.307.700, horodatage : 0x3f09c46c  Code d’exception : 0xc0000005  Décalage d’erreur : 0x000059e9  ID du processus défaillant : 0xfbc  Heure de début de l’application défaillante : 0x01cb05a8b4730c2a  Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Tetris 5000\Game_full.exe  Chemin d’accès du module défaillant: C:\Program Files (x86)\Tetris 5000\cgD3D9.dll  ID de rapport : 63f19d8c-719f-11df-bd2a-90fba62d1373
Application [ Error ] 07/06/2010 01:14:26 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3.  La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.
Application [ Error ] 07/06/2010 01:15:09 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8.  L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.  La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".  La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Utilisez sxstrace.exe pour un diagnostic détaillé.
Application [ Error ] 07/06/2010 18:31:01 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3.  La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.
Application [ Error ] 07/06/2010 18:31:44 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8.  L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.  La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".  La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Utilisez sxstrace.exe pour un diagnostic détaillé.
Media Center [ Error ] 04/03/2010 08:01:52 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 13:01:52 - Erreur de connexion à Internet.  13:01:52 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 08:02:00 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 13:01:58 - Erreur de connexion à Internet.  13:01:58 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 09:02:33 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 14:02:33 - Erreur de connexion à Internet.  14:02:33 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 09:02:38 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 14:02:38 - Erreur de connexion à Internet.  14:02:38 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 10:03:10 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 15:03:10 - Erreur de connexion à Internet.  15:03:10 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 10:03:16 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 15:03:15 - Erreur de connexion à Internet.  15:03:15 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 11:05:46 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 16:05:46 - Erreur de connexion à Internet.  16:05:46 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 11:05:52 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 16:05:51 - Erreur de connexion à Internet.  16:05:51 -     Impossible de contacter le service..  
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:38:29 Computer Name = abraracourcix | Source = Application Popup | ID = 1060 -> Description = Le chargement de \SystemRoot\SysWow64\drivers\pfc.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote.
System [ Error ] 15/06/2010 15:01:41 Computer Name = abraracourcix | Source = RasSstp | ID = 1 -> Description = 

[Files/Folders - Created Within 60 Days]
OTS.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:19:32 | 000,640,000 | ---- | C] (OldTimer Tools)
avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:39:17 | 000,074,880 | ---- | C] (Avira GmbH)
ssmdrv.sys -> C:\Windows\SysWow64\drivers\ssmdrv.sys -> [2010/06/18 19:39:17 | 000,028,376 | ---- | C] (Avira GmbH)
Avira -> C:\ProgramData\Avira -> [2010/06/18 19:39:16 | 000,000,000 | ---D | C]
Avira -> C:\Program Files (x86)\Avira -> [2010/06/18 19:39:16 | 000,000,000 | ---D | C]
Ad-Remover -> C:\Program Files (x86)\Ad-Remover -> [2010/06/18 12:35:16 | 000,000,000 | ---D | C]
Rar Repair Tool -> C:\Program Files (x86)\Rar Repair Tool -> [2010/06/16 20:22:37 | 000,000,000 | ---D | C]
DAEMON Tools Lite -> C:\Users\patrick\AppData\Roaming\DAEMON Tools Lite -> [2010/06/16 12:52:26 | 000,000,000 | ---D | C]
DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2010/06/16 12:52:24 | 000,000,000 | ---D | C]
WinRAR -> C:\Program Files (x86)\WinRAR -> [2010/06/14 11:47:14 | 000,000,000 | ---D | C]
7-Zip -> C:\Program Files (x86)\7-Zip -> [2010/06/13 21:10:16 | 000,000,000 | ---D | C]
JRE -> C:\Program Files (x86)\JRE -> [2010/06/12 22:29:03 | 000,000,000 | ---D | C]
_OTM -> C:\_OTM -> [2010/06/12 07:50:12 | 000,000,000 | ---D | C]
Minidump -> C:\Windows\Minidump -> [2010/06/12 07:37:20 | 000,000,000 | ---D | C]
OTM.exe -> C:\Users\patrick\Desktop\OTM.exe -> [2010/06/12 07:33:37 | 000,518,656 | ---- | C] (OldTimer Tools)
mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2010/06/10 15:23:49 | 001,026,048 | ---- | C] (Microsoft Corporation)
wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2010/06/10 15:23:48 | 001,192,960 | ---- | C] (Microsoft Corporation)
wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2010/06/10 15:23:48 | 000,977,920 | ---- | C] (Microsoft Corporation)
mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2010/06/10 15:23:48 | 000,606,208 | ---- | C] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2010/06/10 15:23:48 | 000,445,952 | ---- | C] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2010/06/10 15:23:48 | 000,381,440 | ---- | C] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2010/06/10 15:23:48 | 000,082,944 | ---- | C] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2010/06/10 15:23:48 | 000,064,512 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2010/06/10 15:23:47 | 000,064,512 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2010/06/10 15:23:47 | 000,048,128 | ---- | C] (Microsoft Corporation)
asycfilt.dll -> C:\Windows\SysNative\asycfilt.dll -> [2010/06/10 11:05:50 | 000,084,992 | ---- | C] (Microsoft Corporation)
asycfilt.dll -> C:\Windows\SysWow64\asycfilt.dll -> [2010/06/10 11:05:50 | 000,067,584 | ---- | C] (Microsoft Corporation)
atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2010/06/10 09:43:21 | 000,366,080 | ---- | C] (Adobe Systems Incorporated)
atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2010/06/10 09:43:20 | 000,293,888 | ---- | C] (Adobe Systems Incorporated)
atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2010/06/10 09:43:20 | 000,046,080 | ---- | C] (Adobe Systems)
atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2010/06/10 09:43:20 | 000,034,304 | ---- | C] (Adobe Systems)
Wat -> C:\Windows\SysWow64\Wat -> [2010/06/08 21:10:25 | 000,000,000 | ---D | C]
Wat -> C:\Windows\SysNative\Wat -> [2010/06/08 21:10:25 | 000,000,000 | ---D | C]
trend micro -> C:\Program Files (x86)\trend micro -> [2010/06/08 12:26:42 | 000,000,000 | ---D | C]
rsit -> C:\rsit -> [2010/06/08 12:26:42 | 000,000,000 | ---D | C]
Lbd.sys -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 11:15:35 | 000,069,152 | ---- | C] (Lavasoft AB)
THQ -> C:\Program Files (x86)\THQ -> [2010/06/05 16:00:16 | 000,000,000 | ---D | C]
STALKER-SHOC -> C:\Users\Public\Documents\STALKER-SHOC -> [2010/06/05 16:00:16 | 000,000,000 | ---D | C]
iTunes -> C:\Program Files\iTunes -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C]
iTunes -> C:\Program Files (x86)\iTunes -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C]
iPod -> C:\Program Files\iPod -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C]
{93E26451-CD9A-43A5-A2FA-C42392EA4001} -> C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C]
Apple Software Update -> C:\Program Files (x86)\Apple Software Update -> [2010/06/05 14:23:29 | 000,000,000 | ---D | C]
Bonjour -> C:\Program Files\Bonjour -> [2010/06/05 14:23:03 | 000,000,000 | ---D | C]
Bonjour -> C:\Program Files (x86)\Bonjour -> [2010/06/05 14:23:03 | 000,000,000 | ---D | C]
QuickTime -> C:\Program Files (x86)\QuickTime -> [2010/06/05 13:09:00 | 000,000,000 | ---D | C]
Sun -> C:\ProgramData\Sun -> [2010/06/05 12:05:53 | 000,000,000 | ---D | C]
Java -> C:\Program Files (x86)\Common Files\Java -> [2010/06/05 12:05:53 | 000,000,000 | ---D | C]
deployJava1.dll -> C:\Windows\SysWow64\deployJava1.dll -> [2010/06/05 12:05:40 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.)
javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2010/06/05 12:05:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.)
javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2010/06/05 12:05:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
java.exe -> C:\Windows\SysWow64\java.exe -> [2010/06/05 12:05:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
SUPERAntiSpyware.com -> C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com -> [2010/06/05 11:56:06 | 000,000,000 | ---D | C]
SUPERAntiSpyware.com -> C:\ProgramData\SUPERAntiSpyware.com -> [2010/06/05 11:56:06 | 000,000,000 | ---D | C]
SASCORE -> C:\ProgramData\SASCORE -> [2010/06/05 11:56:05 | 000,000,000 | ---D | C]
SUPERAntiSpyware -> C:\Program Files\SUPERAntiSpyware -> [2010/06/05 11:56:03 | 000,000,000 | ---D | C]
Secunia -> C:\Program Files (x86)\Secunia -> [2010/06/05 11:48:10 | 000,000,000 | ---D | C]
Tetris 5000 -> C:\Program Files (x86)\Tetris 5000 -> [2010/06/05 11:04:23 | 000,000,000 | ---D | C]
Steam -> C:\Program Files (x86)\Steam -> [2010/06/04 21:33:15 | 000,000,000 | ---D | C]
SecurityScans -> C:\Users\patrick\SecurityScans -> [2010/06/04 18:21:30 | 000,000,000 | ---D | C]
NortonInstaller -> C:\ProgramData\NortonInstaller -> [2010/06/04 18:20:57 | 000,000,000 | ---D | C]
Microsoft Baseline Security Analyzer 2 -> C:\Program Files\Microsoft Baseline Security Analyzer 2 -> [2010/06/04 18:20:44 | 000,000,000 | ---D | C]
Norton -> C:\ProgramData\Norton -> [2010/06/04 18:09:20 | 000,000,000 | ---D | C]
NPE -> C:\Users\patrick\AppData\Local\NPE -> [2010/06/04 18:09:18 | 000,000,000 | ---D | C]
unvise32.exe -> C:\Windows\unvise32.exe -> [2010/06/02 10:56:43 | 000,086,016 | ---- | C] (MindVision Software)
Pure Pinball 2.0 REDUX -> C:\Program Files (x86)\Pure Pinball 2.0 REDUX -> [2010/06/02 10:56:00 | 000,000,000 | ---D | C]
URTTEMP -> C:\Windows\SysWow64\URTTEMP -> [2010/06/02 10:50:06 | 000,000,000 | ---D | C]
SecuROM -> C:\Users\patrick\AppData\Roaming\SecuROM -> [2010/06/02 10:45:08 | 000,000,000 | RH-D | C]
LockHunter -> C:\Users\patrick\AppData\Roaming\LockHunter -> [2010/06/01 20:25:34 | 000,000,000 | ---D | C]
psi_mf.sys -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | C] (Secunia)
CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/05/26 17:23:00 | 000,178,800 | ---- | C] (Sony DADC Austria AG.)
My Games -> C:\Users\patrick\Documents\My Games -> [2010/05/26 09:35:53 | 000,000,000 | ---D | C]
RDesc -> C:\RDesc -> [2010/05/24 15:12:10 | 000,000,000 | ---D | C]
Downloads -> C:\Downloads -> [2010/05/20 17:27:16 | 000,000,000 | ---D | C]
zoug -> C:\Users\patrick\AppData\Local\zoug -> [2010/05/12 16:20:16 | 000,000,000 | ---D | C]
Malwarebytes -> C:\Users\patrick\AppData\Roaming\Malwarebytes -> [2010/05/02 11:22:22 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/05/02 11:22:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/05/02 11:22:16 | 000,024,664 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2010/05/02 11:22:16 | 000,000,000 | ---D | C]
Malwarebytes -> C:\ProgramData\Malwarebytes -> [2010/05/02 11:22:16 | 000,000,000 | ---D | C]
TURegOpt.exe -> C:\Windows\SysNative\TURegOpt.exe -> [2010/04/30 17:34:08 | 000,034,632 | ---- | C] (TuneUp Software)
uxtuneup.dll -> C:\Windows\SysNative\uxtuneup.dll -> [2010/04/30 17:34:07 | 000,036,168 | ---- | C] (TuneUp Software)
uxtuneup.dll -> C:\Windows\SysWow64\uxtuneup.dll -> [2010/04/30 17:34:07 | 000,030,024 | ---- | C] (TuneUp Software)
authuitu.dll -> C:\Windows\SysNative\authuitu.dll -> [2010/04/30 17:34:07 | 000,025,928 | ---- | C] (TuneUp Software)
authuitu.dll -> C:\Windows\SysWow64\authuitu.dll -> [2010/04/30 17:34:07 | 000,021,320 | ---- | C] (TuneUp Software)
TuneUp Software -> C:\Users\patrick\AppData\Roaming\TuneUp Software -> [2010/04/30 17:33:53 | 000,000,000 | ---D | C]
TuneUp Utilities 2010 -> C:\Program Files (x86)\TuneUp Utilities 2010 -> [2010/04/30 17:33:44 | 000,000,000 | ---D | C]
TuneUp Software -> C:\ProgramData\TuneUp Software -> [2010/04/30 17:33:15 | 000,000,000 | ---D | C]
{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> [2010/04/30 17:33:08 | 000,000,000 | -HSD | C]
BVRP Software -> C:\ProgramData\BVRP Software -> [2010/04/30 14:46:05 | 000,000,000 | ---D | C]
lsasrv.dll -> C:\Windows\SysNative\lsasrv.dll -> [2010/04/30 08:16:44 | 001,446,912 | ---- | C] (Microsoft Corporation)
ksecpkg.sys -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2010/04/30 08:16:44 | 000,153,160 | ---- | C] (Microsoft Corporation)
fvevol.sys -> C:\Windows\SysNative\drivers\fvevol.sys -> [2010/04/30 08:16:11 | 000,223,448 | ---- | C] (Microsoft Corporation)
SecuROM -> C:\ProgramData\SecuROM -> [2010/04/27 13:15:21 | 000,000,000 | -HSD | C]
4A Games -> C:\Users\patrick\AppData\Local\4A Games -> [2010/04/26 12:57:33 | 000,000,000 | ---D | C]
XAudio2_6.dll -> C:\Windows\SysNative\XAudio2_6.dll -> [2010/04/26 12:57:06 | 000,530,776 | ---- | C] (Microsoft Corporation)
XAudio2_6.dll -> C:\Windows\SysWow64\XAudio2_6.dll -> [2010/04/26 12:57:06 | 000,528,216 | ---- | C] (Microsoft Corporation)
xactengine3_6.dll -> C:\Windows\SysWow64\xactengine3_6.dll -> [2010/04/26 12:57:06 | 000,238,936 | ---- | C] (Microsoft Corporation)
xactengine3_6.dll -> C:\Windows\SysNative\xactengine3_6.dll -> [2010/04/26 12:57:06 | 000,176,984 | ---- | C] (Microsoft Corporation)
XAPOFX1_4.dll -> C:\Windows\SysNative\XAPOFX1_4.dll -> [2010/04/26 12:57:06 | 000,078,680 | ---- | C] (Microsoft Corporation)
XAPOFX1_4.dll -> C:\Windows\SysWow64\XAPOFX1_4.dll -> [2010/04/26 12:57:06 | 000,074,072 | ---- | C] (Microsoft Corporation)
X3DAudio1_7.dll -> C:\Windows\SysNative\X3DAudio1_7.dll -> [2010/04/26 12:57:06 | 000,024,920 | ---- | C] (Microsoft Corporation)
NVIDIA Corporation -> C:\Program Files (x86)\NVIDIA Corporation -> [2010/04/26 07:38:45 | 000,000,000 | ---D | C]
Wise Installation Wizard -> C:\Program Files (x86)\Common Files\Wise Installation Wizard -> [2010/04/26 07:38:26 | 000,000,000 | ---D | C]
NVIDIA -> C:\Users\patrick\AppData\Roaming\NVIDIA -> [2010/04/25 23:11:27 | 000,000,000 | ---D | C]
NVIDIA Corporation -> C:\Program Files\NVIDIA Corporation -> [2010/04/25 21:52:16 | 000,000,000 | ---D | C]
X3DAudio1_7.dll -> C:\Windows\SysWow64\X3DAudio1_7.dll -> [2010/04/25 21:04:04 | 000,022,360 | ---- | C] (Microsoft Corporation)
a-squared Free -> C:\Users\patrick\Documents\a-squared Free -> [2010/04/25 17:41:27 | 000,000,000 | ---D | C]
a-squared Free -> C:\Program Files (x86)\a-squared Free -> [2010/04/25 17:41:27 | 000,000,000 | ---D | C]
BVRP Software -> C:\Users\Public\Documents\BVRP Software -> [2010/04/25 09:46:41 | 000,000,000 | ---D | C]
_Backup.RC -> C:\_Backup.RC -> [2010/04/25 09:44:39 | 000,000,000 | RHSD | C]
_Backup -> C:\_Backup -> [2010/04/25 09:44:37 | 000,000,000 | -H-D | C]
Avanquest -> C:\Users\patrick\AppData\Roaming\Avanquest -> [2010/04/25 09:42:28 | 000,000,000 | ---D | C]
Avanquest -> C:\ProgramData\Avanquest -> [2010/04/25 09:42:28 | 000,000,000 | ---D | C]
AntiVirus -> C:\Program Files (x86)\Common Files\AntiVirus -> [2010/04/25 09:42:26 | 000,000,000 | ---D | C]

[Files/Folders - Modified Within 60 Days]
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/06/19 13:22:12 | 000,009,920 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/06/19 13:22:12 | 000,009,920 | -H-- | M] ()
OTS.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools)
Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | M] ()
Ikeext.etl -> C:\Windows\SysNative\Ikeext.etl -> [2010/06/19 13:15:02 | 000,065,536 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/06/19 13:15:01 | 000,001,064 | ---- | M] ()
GlaryInitialize.job -> C:\Windows\tasks\GlaryInitialize.job -> [2010/06/19 13:15:01 | 000,000,328 | ---- | M] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/06/19 13:14:55 | 000,000,006 | -H-- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2010/06/19 13:14:50 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/06/19 13:14:48 | 529,854,463 | -HS- | M] ()
ntuser.dat -> C:\Users\patrick\ntuser.dat -> [2010/06/19 13:14:03 | 006,029,312 | -HS- | M] ()
IconCache.db -> C:\Users\patrick\AppData\Local\IconCache.db -> [2010/06/19 13:13:57 | 002,724,564 | -H-- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/06/19 13:00:01 | 000,001,068 | ---- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010/06/19 08:41:52 | 001,553,042 | ---- | M] ()
perfh00C.dat -> C:\Windows\SysNative\perfh00C.dat -> [2010/06/19 08:41:52 | 000,704,618 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010/06/19 08:41:52 | 000,615,760 | ---- | M] ()
perfc00C.dat -> C:\Windows\SysNative\perfc00C.dat -> [2010/06/19 08:41:52 | 000,132,340 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010/06/19 08:41:52 | 000,107,396 | ---- | M] ()
cc_20100618_224007.reg -> C:\Users\patrick\Documents\cc_20100618_224007.reg -> [2010/06/18 22:40:09 | 000,002,522 | ---- | M] ()
avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:52:00 | 000,074,880 | ---- | M] (Avira GmbH)
base registre.reg -> C:\Users\patrick\Documents\base registre.reg -> [2010/06/17 19:06:01 | 000,000,294 | ---- | M] ()
EPISMF00.SWB -> C:\Windows\EPISMF00.SWB -> [2010/06/17 07:38:53 | 000,016,574 | ---- | M] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/16 13:55:19 | 000,524,288 | -HS- | M] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/16 13:55:19 | 000,524,288 | -HS- | M] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> [2010/06/16 13:55:19 | 000,065,536 | -HS- | M] ()
5h9xvjf9i.lnk -> C:\Users\patrick\Desktop\5h9xvjf9i.lnk -> [2010/06/16 13:13:53 | 000,001,197 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> C:\Users\patrick\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/06/14 08:52:14 | 000,107,496 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2010/06/14 08:12:03 | 000,411,000 | ---- | M] ()
cc_20100613_085115.reg -> C:\Users\patrick\Documents\cc_20100613_085115.reg -> [2010/06/13 08:51:17 | 000,001,192 | ---- | M] ()
OTM.exe -> C:\Users\patrick\Desktop\OTM.exe -> [2010/06/12 06:39:21 | 000,518,656 | ---- | M] (OldTimer Tools)
MegaManager.INI -> C:\Windows\MegaManager.INI -> [2010/06/08 19:39:53 | 000,000,050 | ---- | M] ()
RSIT.exe -> C:\Users\patrick\Desktop\RSIT.exe -> [2010/06/08 12:26:15 | 000,824,681 | ---- | M] ()
bookmarks-2010-06-07.json -> C:\Users\patrick\Documents\bookmarks-2010-06-07.json -> [2010/06/07 19:31:37 | 000,101,194 | ---- | M] ()
Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/06/07 19:17:05 | 000,001,946 | ---- | M] ()
Lbd.sys -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 10:58:16 | 000,069,152 | ---- | M] (Lavasoft AB)
hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2010/06/05 18:12:02 | 000,000,000 | ---- | M] ()
RDesc.lnk -> C:\Users\Public\Desktop\RDesc.lnk -> [2010/06/05 14:33:03 | 000,000,551 | ---- | M] ()
iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/06/05 14:24:18 | 000,002,429 | ---- | M] ()
deployJava1.dll -> C:\Windows\SysWow64\deployJava1.dll -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.)
javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.)
javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2010/06/05 12:05:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
java.exe -> C:\Windows\SysWow64\java.exe -> [2010/06/05 12:05:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/05 09:00:35 | 000,524,288 | -HS- | M] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/05 09:00:35 | 000,524,288 | -HS- | M] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> [2010/06/05 09:00:35 | 000,065,536 | -HS- | M] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:53:44 | 000,524,288 | -HS- | M] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:53:44 | 000,524,288 | -HS- | M] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> [2010/06/04 16:53:44 | 000,065,536 | -HS- | M] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:33:33 | 000,524,288 | -HS- | M] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:33:33 | 000,524,288 | -HS- | M] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> [2010/06/04 16:33:33 | 000,065,536 | -HS- | M] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:28:40 | 000,524,288 | -HS- | M] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:28:40 | 000,524,288 | -HS- | M] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> [2010/06/04 16:28:40 | 000,065,536 | -HS- | M] ()
housecall.guid.cache -> C:\Users\patrick\AppData\Local\housecall.guid.cache -> [2010/06/04 13:40:11 | 000,000,036 | ---- | M] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 13:08:08 | 000,524,288 | -HS- | M] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 13:08:08 | 000,524,288 | -HS- | M] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> [2010/06/04 13:08:08 | 000,065,536 | -HS- | M] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/06/02 10:50:21 | 001,578,582 | ---- | M] ()
PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/06/02 10:42:14 | 000,103,736 | ---- | M] ()
pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/06/02 10:42:07 | 000,669,184 | ---- | M] ()
PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 20:17:42 | 000,524,288 | -HS- | M] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 20:17:42 | 000,524,288 | -HS- | M] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> [2010/06/01 20:17:42 | 000,065,536 | -HS- | M] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 17:10:23 | 000,524,288 | -HS- | M] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 17:10:23 | 000,524,288 | -HS- | M] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> [2010/06/01 17:10:23 | 000,065,536 | -HS- | M] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:31:42 | 000,524,288 | -HS- | M] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:31:42 | 000,524,288 | -HS- | M] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> [2010/05/31 10:31:42 | 000,065,536 | -HS- | M] ()
psi_mf.sys -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | M] (Secunia)
atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2010/05/27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems)
atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2010/05/27 08:34:09 | 000,046,080 | ---- | M] (Adobe Systems)
atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2010/05/27 06:11:32 | 000,366,080 | ---- | M] (Adobe Systems Incorporated)
atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2010/05/27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated)
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/26 23:28:55 | 000,524,288 | -HS- | M] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/26 23:28:55 | 000,524,288 | -HS- | M] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> [2010/05/26 23:28:55 | 000,065,536 | -HS- | M] ()
CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/05/26 17:23:00 | 000,178,800 | ---- | M] (Sony DADC Austria AG.)
ealregsnapshot1.reg -> C:\Windows\SysWow64\ealregsnapshot1.reg -> [2010/05/26 17:08:24 | 000,000,662 | ---- | M] ()
wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2010/05/21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2010/05/21 07:47:27 | 000,064,512 | ---- | M] (Microsoft Corporation)
wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2010/05/21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2010/05/21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation)
config.nt -> C:\Windows\SysWow64\config.nt -> [2010/05/08 09:15:01 | 000,000,000 | ---- | M] ()
TURegOpt.exe -> C:\Windows\SysNative\TURegOpt.exe -> [2010/05/07 18:07:32 | 000,034,632 | ---- | M] (TuneUp Software)
authuitu.dll -> C:\Windows\SysNative\authuitu.dll -> [2010/05/07 18:02:00 | 000,025,928 | ---- | M] (TuneUp Software)
authuitu.dll -> C:\Windows\SysWow64\authuitu.dll -> [2010/05/07 18:01:56 | 000,021,320 | ---- | M] (TuneUp Software)
uxtuneup.dll -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software)
uxtuneup.dll -> C:\Windows\SysWow64\uxtuneup.dll -> [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software)
mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2010/05/06 15:00:06 | 001,026,048 | ---- | M] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2010/05/06 14:59:55 | 000,082,944 | ---- | M] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2010/05/06 14:58:57 | 000,445,952 | ---- | M] (Microsoft Corporation)
mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2010/05/06 14:41:55 | 000,606,208 | ---- | M] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2010/05/06 14:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2010/05/06 14:41:49 | 000,381,440 | ---- | M] (Microsoft Corporation)
lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2010/05/01 08:43:22 | 000,015,880 | ---- | M] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/30 17:40:38 | 000,524,288 | -HS- | M] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/30 17:40:38 | 000,524,288 | -HS- | M] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> [2010/04/30 17:40:38 | 000,065,536 | -HS- | M] ()
mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation)
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/24 22:06:43 | 000,524,288 | -HS- | M] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/24 22:06:43 | 000,524,288 | -HS- | M] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> [2010/04/24 22:06:43 | 000,065,536 | -HS- | M] ()

[Files - No Company Name]
Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | C] ()
cc_20100618_224007.reg -> C:\Users\patrick\Documents\cc_20100618_224007.reg -> [2010/06/18 22:40:08 | 000,002,522 | ---- | C] ()
base registre.reg -> C:\Users\patrick\Documents\base registre.reg -> [2010/06/17 19:06:01 | 000,000,294 | ---- | C] ()
5h9xvjf9i.lnk -> C:\Users\patrick\Desktop\5h9xvjf9i.lnk -> [2010/06/16 13:13:53 | 000,001,197 | ---- | C] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/16 13:06:52 | 000,524,288 | -HS- | C] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/16 13:06:52 | 000,524,288 | -HS- | C] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> [2010/06/16 13:06:52 | 000,065,536 | -HS- | C] ()
IconCache.db -> C:\Users\patrick\AppData\Local\IconCache.db -> [2010/06/16 07:53:04 | 002,724,564 | -H-- | C] ()
cc_20100613_085115.reg -> C:\Users\patrick\Documents\cc_20100613_085115.reg -> [2010/06/13 08:51:16 | 000,001,192 | ---- | C] ()
RSIT.exe -> C:\Users\patrick\Desktop\RSIT.exe -> [2010/06/08 12:26:33 | 000,824,681 | ---- | C] ()
bookmarks-2010-06-07.json -> C:\Users\patrick\Documents\bookmarks-2010-06-07.json -> [2010/06/07 19:29:19 | 000,101,194 | ---- | C] ()
Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/06/07 19:17:05 | 000,001,946 | ---- | C] ()
iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/06/05 14:24:18 | 000,002,429 | ---- | C] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/05 08:53:58 | 000,524,288 | -HS- | C] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/05 08:53:58 | 000,524,288 | -HS- | C] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> [2010/06/05 08:53:58 | 000,065,536 | -HS- | C] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:36:36 | 000,524,288 | -HS- | C] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:36:36 | 000,524,288 | -HS- | C] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> [2010/06/04 16:36:36 | 000,065,536 | -HS- | C] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:30:29 | 000,524,288 | -HS- | C] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:30:29 | 000,524,288 | -HS- | C] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> [2010/06/04 16:30:28 | 000,065,536 | -HS- | C] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:11:26 | 000,524,288 | -HS- | C] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:11:26 | 000,524,288 | -HS- | C] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> [2010/06/04 16:11:26 | 000,065,536 | -HS- | C] ()
housecall.guid.cache -> C:\Users\patrick\AppData\Local\housecall.guid.cache -> [2010/06/04 13:40:11 | 000,000,036 | ---- | C] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 07:54:42 | 000,524,288 | -HS- | C] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 07:54:42 | 000,524,288 | -HS- | C] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> [2010/06/04 07:54:42 | 000,065,536 | -HS- | C] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/06/02 10:50:19 | 001,578,582 | ---- | C] ()
PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/06/02 10:42:10 | 000,103,736 | ---- | C] ()
pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/06/02 10:42:07 | 000,669,184 | ---- | C] ()
PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | C] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 17:21:22 | 000,524,288 | -HS- | C] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 17:21:22 | 000,524,288 | -HS- | C] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> [2010/06/01 17:21:21 | 000,065,536 | -HS- | C] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:57:24 | 000,524,288 | -HS- | C] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:57:24 | 000,524,288 | -HS- | C] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> [2010/05/31 10:57:24 | 000,065,536 | -HS- | C] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:29:05 | 000,524,288 | -HS- | C] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:29:05 | 000,524,288 | -HS- | C] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> [2010/05/31 10:29:05 | 000,065,536 | -HS- | C] ()
RDesc.lnk -> C:\Users\Public\Desktop\RDesc.lnk -> [2010/05/28 17:01:51 | 000,000,551 | ---- | C] ()
EPISMF00.SWB -> C:\Windows\EPISMF00.SWB -> [2010/05/26 17:14:27 | 000,016,574 | ---- | C] ()
ealregsnapshot1.reg -> C:\Windows\SysWow64\ealregsnapshot1.reg -> [2010/05/26 17:08:24 | 000,000,662 | ---- | C] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/26 14:43:11 | 000,524,288 | -HS- | C] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/26 14:43:09 | 000,524,288 | -HS- | C] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> [2010/05/26 14:43:09 | 000,065,536 | -HS- | C] ()
logo.bmp -> C:\logo.bmp -> [2010/05/22 12:55:01 | 000,009,296 | ---- | C] ()
MegaManager.INI -> C:\Windows\MegaManager.INI -> [2010/05/20 17:08:49 | 000,000,050 | ---- | C] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/30 08:06:52 | 000,524,288 | -HS- | C] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/30 08:06:52 | 000,524,288 | -HS- | C] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> [2010/04/30 08:06:52 | 000,065,536 | -HS- | C] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/24 21:58:34 | 000,524,288 | -HS- | C] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/24 21:58:34 | 000,524,288 | -HS- | C] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> [2010/04/24 21:58:34 | 000,065,536 | -HS- | C] ()
game.ini -> C:\Windows\game.ini -> [2010/04/13 09:23:38 | 000,000,331 | ---- | C] ()
PICSDK.ini -> C:\Windows\SysWow64\PICSDK.ini -> [2010/02/28 21:30:24 | 000,000,099 | ---- | C] ()
CDE RX520FI.ini -> C:\Windows\CDE RX520FI.ini -> [2010/02/28 20:52:09 | 000,000,027 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2009/07/14 07:32:39 | 000,043,318 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2009/07/14 07:32:39 | 000,029,779 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2009/07/14 07:32:39 | 000,026,489 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2009/07/14 07:32:39 | 000,026,040 | ---- | C] ()
BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/14 01:42:10 | 000,064,000 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 23:03:59 | 000,364,544 | ---- | C] ()
StarOpen.sys -> C:\Windows\SysWow64\drivers\StarOpen.sys -> [2007/10/25 18:26:10 | 000,005,632 | ---- | C] ()
EPSPTDV.DLL -> C:\Windows\SysWow64\EPSPTDV.DLL -> [2005/02/25 07:15:00 | 000,159,744 | ---- | C] ()

[File - Lop Check]
Acronis -> C:\Users\patrick\AppData\Roaming\Acronis -> [2010/03/12 14:43:01 | 000,000,000 | ---D | M]
Auslogics -> C:\Users\patrick\AppData\Roaming\Auslogics -> [2010/03/01 19:31:06 | 000,000,000 | ---D | M]
Avanquest -> C:\Users\patrick\AppData\Roaming\Avanquest -> [2010/04/25 09:58:58 | 000,000,000 | ---D | M]
Capturino -> C:\Users\patrick\AppData\Roaming\Capturino -> [2010/03/17 17:54:53 | 000,000,000 | ---D | M]
DAEMON Tools Lite -> C:\Users\patrick\AppData\Roaming\DAEMON Tools Lite -> [2010/06/16 12:56:05 | 000,000,000 | ---D | M]
GlarySoft -> C:\Users\patrick\AppData\Roaming\GlarySoft -> [2010/03/12 13:38:08 | 000,000,000 | ---D | M]
KC Softwares -> C:\Users\patrick\AppData\Roaming\KC Softwares -> [2010/03/03 21:40:01 | 000,000,000 | ---D | M]
LockHunter -> C:\Users\patrick\AppData\Roaming\LockHunter -> [2010/06/01 20:25:35 | 000,000,000 | ---D | M]
OpenOffice.org -> C:\Users\patrick\AppData\Roaming\OpenOffice.org -> [2010/03/04 18:50:46 | 000,000,000 | ---D | M]
PC Suite -> C:\Users\patrick\AppData\Roaming\PC Suite -> [2010/03/02 14:11:07 | 000,000,000 | ---D | M]
PowerCinema -> C:\Users\patrick\AppData\Roaming\PowerCinema -> [2010/06/01 17:20:25 | 000,000,000 | ---D | M]
Samsung -> C:\Users\patrick\AppData\Roaming\Samsung -> [2010/03/09 12:56:48 | 000,000,000 | ---D | M]
SoftDMA -> C:\Users\patrick\AppData\Roaming\SoftDMA -> [2010/02/28 18:46:47 | 000,000,000 | ---D | M]
system32 -> C:\Users\patrick\AppData\Roaming\system32 -> [2010/04/30 17:42:19 | 000,000,000 | RHSD | M]
Thunderbird -> C:\Users\patrick\AppData\Roaming\Thunderbird -> [2010/02/28 22:05:33 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Users\patrick\AppData\Roaming\TuneUp Software -> [2010/04/30 17:33:53 | 000,000,000 | ---D | M]
URSoft -> C:\Users\patrick\AppData\Roaming\URSoft -> [2010/02/28 21:55:06 | 000,000,000 | ---D | M]
Ad-Aware Update (Weekly).job -> C:\Windows\Tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | M] ()
GlaryInitialize.job -> C:\Windows\Tasks\GlaryInitialize.job -> [2010/06/19 13:15:01 | 000,000,328 | ---- | M] ()
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2010/06/04 16:54:40 | 000,032,566 | ---- | M] ()

[File - Purity Scan]


[Alternate Data Streams]
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:B3D74A13
@Alternate Data Stream - 180 bytes -> C:\ProgramData\Temp:1CE11B51
< End of report >

 

OTS logfile created on: 19/06/2010 13:22:37 - Run 1
OTS by OldTimer - Version 3.1.31.2     Folder = C:\Users\patrick\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

6,00 Gb Total Physical Memory | 5,00 Gb Available Physical Memory | 76,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 392,85 Gb Free Space | 85,69% Space Free | Partition Type: NTFS
Drive D: | 458,96 Gb Total Space | 179,03 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ABRARACOURCIX
Current User Name: patrick
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days

[Processes - Safe List]
ots.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools)
avguard.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2010/06/18 19:52:00 | 000,185,089 | ---- | M] (Avira GmbH)
sched.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2010/06/18 19:52:00 | 000,108,289 | ---- | M] (Avira GmbH)
aawtray.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe -> [2010/06/16 13:07:32 | 000,864,112 | ---- | M] (Lavasoft)
aawservice.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft)
pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] ()
psi.exe -> C:\Program Files (x86)\Secunia\PSI\psi.exe -> [2010/05/28 13:04:52 | 000,911,920 | ---- | M] (Secunia)
applemobiledeviceservice.exe -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.)
a2service.exe -> C:\Program Files (x86)\a-squared Free\a2service.exe -> [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH)
afcdpsrv.exe -> C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -> [2010/03/12 13:43:13 | 002,326,920 | ---- | M] (Acronis)
schedhlp.exe -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe -> [2009/09/12 18:38:50 | 000,358,024 | ---- | M] (Acronis)
trueimagemonitor.exe -> C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe -> [2009/09/12 18:38:16 | 005,081,912 | ---- | M] (Acronis)
mwldaemon.exe -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe -> [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.)
greghsrw.exe -> C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -> [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated)
hotkeyutility.exe -> C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe -> [2009/08/18 09:27:26 | 000,629,280 | ---- | M] ()
ischedulesvc.exe -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -> [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.)
backupmanagertray.exe -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -> [2009/08/12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.)
egisupdate.exe -> C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe -> [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.)
updaterservice.exe -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer)
iaanotif.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation)
iaantmon.exe -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation)
avgnt.exe -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe -> [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH)
sdwinsec.exe -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.)

[Modules - Safe List]
ots.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools)
comdlg32.dll -> C:\Windows\SysWOW64\comdlg32.dll -> [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation)
msscript.ocx -> C:\Windows\SysWOW64\msscript.ocx -> [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll -> [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
64bit-(WatAdminSvc)  [unknown | Stopped] -> C:\Windows\SysNative\Wat\WatAdminSvc.exe -> [2010/06/08 21:10:24 | 001,255,736 | ---- | M] (Microsoft Corporation)
64bit-(UxTuneUp)  [Auto | Running] -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software)
64bit-(SASCORE)  [Auto | Running] -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com)
64bit-(WwanSvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\wwansvc.dll -> [2009/07/14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation)
64bit-(WbioSrvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\wbiosrvc.dll -> [2009/07/14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation)
64bit-(Power)  [Auto | Running] -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation)
64bit-(Themes)  [Auto | Running] -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation)
64bit-(sppuinotify)  [On_Demand | Stopped] -> C:\Windows\SysNative\sppuinotify.dll -> [2009/07/14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation)
64bit-(SensrSvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\sensrsvc.dll -> [2009/07/14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation)
64bit-(PNRPsvc)  [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation)
64bit-(p2pimsvc)  [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation)
64bit-(HomeGroupProvider)  [On_Demand | Running] -> C:\Windows\SysNative\provsvc.dll -> [2009/07/14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation)
64bit-(RpcEptMapper)  [unknown | Running] -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation)
64bit-(PNRPAutoReg)  [On_Demand | Stopped] -> C:\Windows\SysNative\pnrpauto.dll -> [2009/07/14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation)
64bit-(WinDefend)  [Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
64bit-(HomeGroupListener)  [On_Demand | Running] -> C:\Windows\SysNative\ListSvc.dll -> [2009/07/14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation)
64bit-(FontCache)  [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/07/14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation)
64bit-(Dhcp)  [Auto | Running] -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation)
64bit-(defragsvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\defragsvc.dll -> [2009/07/14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation)
64bit-(bthserv)  [On_Demand | Stopped] -> C:\Windows\SysNative\bthserv.dll -> [2009/07/14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation)
64bit-(BDESVC)  [unknown | Stopped] -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation)
64bit-(AxInstSV)  [On_Demand | Stopped] -> C:\Windows\SysNative\AxInstSv.dll -> [2009/07/14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation)
64bit-(AppIDSvc)  [On_Demand | Stopped] -> C:\Windows\SysNative\appidsvc.dll -> [2009/07/14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation)
64bit-(wbengine)  [On_Demand | Stopped] -> C:\Windows\SysNative\wbengine.exe -> [2009/07/14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation)
64bit-(sppsvc)  [Auto | Stopped] -> C:\Windows\SysNative\sppsvc.exe -> [2009/07/14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation)
64bit-(Fax)  [On_Demand | Stopped] -> C:\Windows\SysNative\FXSSVC.exe -> [2009/07/14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation)
64bit-(Updater Service)  [Auto | Running] -> C:\Program Files\Acer\Acer Updater\UpdaterService.exe -> [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer)
(AntiVirService) Avira AntiVir Guard [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -> [2010/06/18 19:52:00 | 000,185,089 | ---- | M] (Avira GmbH)
(AntiVirSchedulerService) Avira AntiVir Planificateur [Auto | Running] -> C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -> [2010/06/18 19:52:00 | 000,108,289 | ---- | M] (Avira GmbH)
(Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft)
(PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] ()
(TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -> [2010/05/21 21:17:07 | 000,607,048 | ---- | M] (TuneUp Software)
(TuneUp.UtilitiesSvc) TuneUp Utilities Service [Auto | Running] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -> [2010/05/07 18:06:42 | 001,403,208 | ---- | M] (TuneUp Software)
(UxTuneUp) TuneUp Extension de thème [Auto | Running] -> C:\Windows\SysWOW64\uxtuneup.dll -> [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software)
(Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.)
(a2free) a-squared Free Service [Auto | Running] -> C:\Program Files (x86)\a-squared Free\a2service.exe -> [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH)
(afcdpsrv) Acronis Nonstop Backup service [Auto | Running] -> C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -> [2010/03/12 13:43:13 | 002,326,920 | ---- | M] (Acronis)
(AcrSch2Svc) Service Scheduler2 Acronis [Auto | Running] -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -> [2009/09/12 18:39:04 | 000,892,072 | ---- | M] (Acronis)
(MWLService) MyWinLocker Service [On_Demand | Stopped] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -> [2009/09/10 15:42:46 | 000,305,448 | ---- | M] ()
(Greg_Service) GRegService [Auto | Running] -> C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -> [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated)
(Nero BackItUp Scheduler 4.0) Nero BackItUp Scheduler 4.0 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -> [2009/08/25 19:38:06 | 000,935,208 | ---- | M] (Nero AG)
(NTI IScheduleSvc) NTI IScheduleSvc [Auto | Running] -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -> [2009/08/13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.)
(VSS) Cliché instantané des volumes [On_Demand | Stopped] -> C:\Windows\Vss -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
(MSDTC) Coordinateur de transactions distribuées [unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
(HomeGroupProvider) Fournisseur HomeGroup [On_Demand | Running] -> C:\Windows\SysWOW64\provsvc.dll -> [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation)
(Dhcp) Client DHCP [Auto | Running] -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation)
(vds) Disque virtuel [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] ()
(clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/06/10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation)
(IAANTMON) Intel(R) Matrix Storage Event Monitor [Auto | Running] -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation)
(SBSDWSCService) SBSD Security Center Service [Auto | Running] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.)
(ServiceLayer) ServiceLayer [On_Demand | Stopped] -> C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -> [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.)

[Driver Services - Safe List]
64bit-(avgntflt) avgntflt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:52:00 | 000,074,880 | ---- | M] (Avira GmbH)
64bit-(Lbd) Lbd [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 10:58:16 | 000,069,152 | ---- | M] (Lavasoft AB)
64bit-(PSI) PSI [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | M] (Secunia)
64bit-(afcdp) afcdp [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\afcdp.sys -> [2010/03/12 13:43:13 | 000,250,400 | ---- | M] (Acronis)
64bit-(tdrpman251) Acronis Try&Decide and Restore Points filter (build 251) [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\tdrpm251.sys -> [2010/03/12 13:43:11 | 001,455,648 | ---- | M] (Acronis)
64bit-(timounter) Acronis Backup Archive Explorer [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\timntr.sys -> [2010/03/12 13:43:10 | 000,929,312 | ---- | M] (Acronis)
64bit-(snapman) Acronis Snapshots Manager [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\snapman.sys -> [2010/03/12 13:43:06 | 000,254,496 | ---- | M] (Acronis)
64bit-(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -> [2010/02/17 20:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
64bit-(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -> [2010/02/17 20:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
64bit-(KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2009/12/11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation)
64bit-(fvevol) Pilote de filtre de Chiffrement de lecteur Bitlocker [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\fvevol.sys -> [2009/09/26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation)
64bit-(e1kexpress) Intel(R) PRO/1000 PCI Express Network Connection Driver K [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\e1k62x64.sys -> [2009/09/23 11:11:04 | 000,283,824 | ---- | M] (Intel Corporation)
64bit-(USBAAPL64) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbaapl64.sys -> [2009/08/28 20:42:52 | 000,049,152 | ---- | M] (Apple, Inc.)
64bit-(JRAID) JRAID [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\jraid.sys -> [2009/07/18 07:18:48 | 000,109,480 | ---- | M] (JMicron Technology Corp.)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\hwpolicy.sys -> [2009/07/14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation)
64bit-(FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fsdepends.sys -> [2009/07/14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company)
64bit-(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wimmount.sys -> [2009/07/14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation)
64bit-(vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vhdmp.sys -> [2009/07/14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation)
64bit-(vdrvroot) Microsoft Virtual Drive Enumerator Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vdrvroot.sys -> [2009/07/14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\rdyboost.sys -> [2009/07/14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation)
64bit-(pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\pcw.sys -> [2009/07/14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation)
64bit-(CNG) CNG [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\cng.sys -> [2009/07/14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation)
64bit-(rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\rdpbus.sys -> [2009/07/14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation)
64bit-(RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\SysNative\drivers\RDPREFMP.sys -> [2009/07/14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation)
64bit-(RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\agilevpn.sys -> [2009/07/14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation)
64bit-(WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\wfplwf.sys -> [2009/07/14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation)
64bit-(NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation)
64bit-(vwififlt) Virtual WiFi Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\vwififlt.sys -> [2009/07/14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation)
64bit-(vwifibus) Pilote de bus WiFi virtuel [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vwifibus.sys -> [2009/07/14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation)
64bit-(1394ohci) Contrôleur d’hôte compatible OHCI 1394 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\1394ohci.sys -> [2009/07/14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation)
64bit-(HdAudAddService) Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2009/07/14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation)
64bit-(BTHPORT) Pilote de port Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bthport.sys -> [2009/07/14 02:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation)
64bit-(BTHUSB) Pilote USB radio Bluetooth [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\BTHUSB.SYS -> [2009/07/14 02:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation)
64bit-(UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\umpass.sys -> [2009/07/14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation)
64bit-(mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mshidkmdf.sys -> [2009/07/14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation)
64bit-(WudfPf) User Mode Driver Frameworks Platform Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation)
64bit-(MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\MTConfig.sys -> [2009/07/14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation)
64bit-(CompositeBus) Composite Bus Enumerator Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CompositeBus.sys -> [2009/07/14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation)
64bit-(Beep) Beep [Kernel | System | Running] -> C:\Windows\SysNative\drivers\beep.sys -> [2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation)
64bit-(AppID) Pilote AppID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\appid.sys -> [2009/07/14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation)
64bit-(scfilter) Pilote de filtre de classe PnP de carte à puce [Kernel | Unknown | Stopped] -> C:\Windows\SysNative\drivers\scfilter.sys -> [2009/07/14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation)
64bit-(discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\SysNative\drivers\discache.sys -> [2009/07/14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation)
64bit-(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hidbatt.sys -> [2009/07/14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation)
64bit-(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\CmBatt.sys -> [2009/07/14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation)
64bit-(AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\acpipmi.sys -> [2009/07/14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation)
64bit-(AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdppm.sys -> [2009/07/14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation)
64bit-(atikmdag) atikmdag [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/07/13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.)
64bit-(NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nvhda64v.sys -> [2009/06/26 09:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation)
64bit-(netr28x) Ralink 802.11n Extensible Wireless Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\netr28x.sys -> [2009/06/20 00:56:08 | 000,712,704 | ---- | M] (Ralink Technology, Corp.)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(iaStor) Intel RAID Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation)
64bit-(mwlPSDVDisk) mwlPSDVDisk [Kernel | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -> [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.)
64bit-(mwlPSDFilter) mwlPSDFilter [File_System | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDFilter.sys -> [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.)
64bit-(mwlPSDNServ) mwlPSDNServ [Kernel | System | Running] -> C:\Windows\SysNative\drivers\mwlPSDNserv.sys -> [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.)
64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.)
64bit-(NTIDrvr) NTIDrvr [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NTIDrvr.sys -> [2009/05/06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.)
64bit-(UBHelper) UBHelper [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\UBHelper.sys -> [2009/05/06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation)
64bit-(SCDEmu) SCDEmu [Kernel | System | Running] -> C:\Windows\SysNative\drivers\scdemu.sys -> [2009/03/15 12:32:56 | 000,085,424 | ---- | M] (PowerISO Computing, Inc.)
64bit-(sscdmdm) SAMSUNG Mobile Modem Drivers [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdmdm.sys -> [2008/02/22 16:33:00 | 000,151,040 | ---- | M] (MCCI Corporation)
64bit-(sscdbus) SAMSUNG USB Composite Device driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdbus.sys -> [2008/02/22 16:32:58 | 000,113,664 | ---- | M] (MCCI Corporation)
64bit-(sscdmdfl) SAMSUNG Mobile Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\sscdmdfl.sys -> [2008/02/22 16:32:58 | 000,018,944 | ---- | M] (MCCI Corporation)
64bit-(pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\pccsmcfdx64.sys -> [2007/09/17 16:53:34 | 000,029,184 | ---- | M] (Nokia)
(TuneUpUtilitiesDrv) TuneUpUtilitiesDrv [Kernel | On_Demand | Running] -> C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -> [2009/10/14 07:24:44 | 000,011,856 | ---- | M] (TuneUp Software)
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation)
(NetBIOS) NetBIOS Interface [File_System | System | Running] -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation)
(mpsdrv) Pilote d’autorisation du Pare-feu Windows [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 23:28:14 | 000,001,088 | ---- | M] ()
(Tcpip) Pilote du protocole TCP/IP [Kernel | System | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 23:15:18 | 000,003,066 | ---- | M] ()
(mwlPSDVDisk) mwlPSDVDisk [Kernel | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDVdisk.sys -> [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.)
(mwlPSDFilter) mwlPSDFilter [File_System | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDFilter.sys -> [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.)
(mwlPSDNServ) mwlPSDNServ [Kernel | System | Running] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlPSDNServ.sys -> [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.)
(TFsExDisk) TFsExDisk [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -> [2009/04/07 10:39:44 | 000,016,392 | ---- | M] (Teruten Inc)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\pfc.sys -> [2003/09/19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.)

[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349]http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349[/url] -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> [url=http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349]http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_m5810&r=17360210cn06973d58k95qg9m3y349[/url] -> 
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> [url=http://fr.msn.com/]MSN : Hotmail, Messenger, Bing, Actualité et Sport[/url] -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: Main\\"Start Page" -> [url=http://www.google.fr/]Google[/url] -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: SearchURL\\"" ->  -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: "ProxyEnable" -> 0 -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\: "ProxyOverride" -> *.local -> 
< FireFox Settings [Prefs.js] > -> C:\Users\patrick\AppData\Roaming\Mozilla\FireFox\Profiles\pdf97g7x.default\prefs.js -> 
browser.search.useDBForOrder -> true ->
browser.startup.homepage -> "http://www.google.fr" ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 ->
extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 ->
extensions.enabledItems -> DTToolbar@toolbarnet.com:1.1.2.0185 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2010/06/07 19:17:04 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2010/06/07 19:17:03 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions ->  -> 
HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components -> C:\Program Files (x86)\Mozilla Thunderbird\components [C:\PROGRAM FILES (X86)\MOZILLA THUNDERBIRD\COMPONENTS] -> [2010/06/05 13:09:10 | 000,000,000 | ---D | M]
< FireFox Extensions [user Folders] > -> 
 -> C:\Users\patrick\AppData\Roaming\mozilla\Extensions -> [2010/06/07 19:17:20 | 000,000,000 | ---D | M]
No name found   -> C:\Users\patrick\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} -> [2010/02/28 22:05:35 | 000,000,000 | ---D | M]
 -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\6yt1wco1.default\extensions -> [2010/06/05 08:50:32 | 000,000,000 | ---D | M]
 -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions -> [2010/06/16 21:18:44 | 000,000,000 | ---D | M]
Adblock Plus   -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2010/06/07 19:21:20 | 000,000,000 | ---D | M]
 -> C:\Users\patrick\AppData\Roaming\mozilla\Firefox\Profiles\pdf97g7x.default\extensions\DTToolbar@toolbarnet.com -> [2010/06/16 13:05:53 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [user Folders] > -> 
< FireFox Extensions [Program Folders] > -> 
 -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2010/06/07 19:17:03 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/06/05 12:05:41 | 000,000,000 | ---D | M]
< HOSTS File > ([2010/06/05 18:12:02 | 000,000,000 | ---- | M] - 0 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> 
Reset Hosts
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{30CEEEA2-3742-40E4-85DD-812BF1CBB83D}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"EPSON Stylus Photo RX520 Series" -> C:\Windows\SysNative\spool\DRIVERS\x64\3\E_FATIAGE.EXE [C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAGE.EXE /F "C:\Windows\TEMP\E_S5CC3.tmp" /EF "HKLM"] -> [2005/04/07 05:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION)
"IAAnotif" -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation)
"mwlDaemon" -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe] -> [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.)
"RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/06/16 12:35:18 | 007,883,296 | ---- | M] (Realtek Semiconductor)
"Service Scheduler2 Acronis" -> C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"] -> [2009/09/12 18:38:50 | 000,358,024 | ---- | M] (Acronis)
"Skytel" -> C:\Program Files\Realtek\Audio\HDA\Skytel.exe [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> [2009/06/16 12:36:10 | 001,833,504 | ---- | M] (Realtek Semiconductor Corp.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"avgnt" -> C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH)
"BackupManagerTray" -> C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe ["C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k] -> [2009/08/12 23:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.)
"EgisTecLiveUpdate" -> C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe ["C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"] -> [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.)
"Hotkey Utility" -> C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe] -> [2009/08/18 09:27:26 | 000,629,280 | ---- | M] ()
"JMB36X IDE Setup" -> C:\Windows\RaidTool\xInsIDE.exe [C:\Windows\RaidTool\xInsIDE.exe] -> [2007/03/20 08:36:18 | 000,036,864 | ---- | M] ()
"TrueImageMonitor.exe" -> C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe] -> [2009/09/12 18:38:16 | 005,081,912 | ---- | M] (Acronis)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
"mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
"mctadmin" -> C:\Windows\SysWow64\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"SUPERAntiSpyware" -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2010/05/18 19:26:13 | 002,942,976 | ---- | M] (SUPERAntiSpyware.com)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" ->  [1] -> File not found
\\"NoActiveDesktopChanges" ->  [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" ->  [5] -> File not found
\\"ConsentPromptBehaviorUser" ->  [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\Software\Microsoft\Internet Explorer\MenuExt\ -> 
Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [button: Ajout Direct] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Ajout Direct dans Windows Live Writer] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [button: Send to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> [url=http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s]ActiveX Controls Gallery[/url] -> 
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6869 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> 
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> [url=http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab]http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab[/url] [Java Plug-in 1.6.0_20] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 192.168.1.1 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}\\DhcpNameServer -> 192.168.1.1   (802.11n Wireless PCI Express Card LAN Adapter) -> 
{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}\\NameServer -> 91.188.60.223,8.8.8.8   (802.11n Wireless PCI Express Card LAN Adapter) -> 
{9709A052-9166-4307-8A65-8207AB2E70D9}\\DhcpNameServer -> 192.168.1.1   (Intel(R) 82578DC Gigabit Network Connection) -> 
{9709A052-9166-4307-8A65-8207AB2E70D9}\\NameServer -> 91.188.60.223,8.8.8.8   (Intel(R) 82578DC Gigabit Network Connection) -> 
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
explorer.exe -> C:\Windows\explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 03:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009/07/14 03:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation)
/pagefile ->  -> File not found
*MultiFile Done* -> -> 
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> 
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> 
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
64bit-*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
pku2u -> C:\Windows\SysNative\pku2u.dll -> [2009/07/14 03:41:53 | 000,240,640 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
pku2u -> C:\Windows\SysWow64\pku2u.dll -> [2009/07/14 03:16:12 | 000,186,880 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{18359AD2-0B8C-45B0-BF5A-58F495C5B57A} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | 
{25A43EA7-8C67-4982-8290-D91E8CE5C289} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | 
{276068E7-AF64-462C-B6CB-227AC6C1C0D0} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{32974EC3-146A-4F04-A938-CE3B0790457A} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | 
{3EE9B627-BF93-48F3-944D-570354785806} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | 
{3F65A13C-9399-4318-9B08-CE77713E23AB} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | 
{6B0987B7-29F4-4442-A9A2-FAD44BF42258} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{86D471BF-89D7-4CD9-96B6-3C2BA6CAA13A} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{8D7D87A9-05B8-49FF-8D94-CD90BB8DEAC4} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{93CAEE23-0757-4165-B52B-40C2A7DD20A8} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | 
{9928FB15-C12E-4038-9DB5-68D5313041C1} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{A1718E83-7D1E-4D8F-9CF0-7517FD1A331E} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | 
{AE01AB13-07CD-4497-8F5F-44561C3D4B62} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | 
{B3F76739-60DF-4506-B607-762192F586DA} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | 
{D3449C76-F140-4FE1-92BC-74CDEC533C42} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | 
{D412E4EA-ECA5-476A-B99B-191C3877A8FA} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | 
{D5ACACB0-5034-46B6-BEAF-E3BF8AC4DD71} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | 
{D7A73857-663B-48E4-8EEE-0BF787DAD2C3} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | 
{DF366AB8-9470-421C-92A9-BA7A85A1077E} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | 
{DFA3DB4E-A747-46A4-BBB7-4BB72496F836} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{EB3E1131-E07C-4B6F-BC15-E59222C8C897} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | 
{EBFAB743-D153-4B05-8352-221F0BEE53F5} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{FBE41EA0-655D-4F51-B369-FCE7000CB56D} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | 
{FC893513-6025-466C-97B4-4A03A1725585} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | 
{FF1DA44D-5488-46ED-AC67-A485D4B9BF85} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | 
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> 
{0958D5CF-7303-4555-9E81-9273E3BD2A56} -> profile=private | protocol=6 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | 
{0A4DE9FE-A173-4AE6-AC5A-B1C5D2F13B36} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | 
{17023B65-32FA-4962-BB0F-27A92AC5B459} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | 
{19ED6D48-8F30-4DAE-862B-FBFA30BA6345} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{1C110EE1-B234-4A80-A111-57945728FACC} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | 
{1DFBC5D5-3D73-44CE-899B-65A45D93B195} -> profile=private | protocol=6 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | 
{1FC3D48B-4DFE-4C23-A950-8FC214DBB6D3} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
{21698BF3-CD67-4FEE-94D8-2FB3A726EA66} -> profile=private | protocol=17 | dir=in | action=allow | name=ktf music aod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
{26688A3E-08A9-4DE7-ADDD-E1C31A3E27E4} -> profile=public | protocol=6 | dir=in | action=allow | name=rlvknlg.exe | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe | 
{2D201402-82B1-4DA4-8492-C7E7A90D1094} -> dir=in | action=allow | name=acer play movie | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe | 
{306CA939-DE51-4A77-B32E-DD88A6B40ADC} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | 
{38725F7D-728D-4223-AD7A-BE447D71551E} -> dir=in | action=allow | name=acer homemedia | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | 
{390EF0C4-02FB-4DE3-9EF9-46882873FC39} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | 
{3ABCB612-6512-453B-ADC6-A17A9BFE7F3E} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | 
{3D29D795-E30C-4D82-8875-72E47D3185D2} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | 
{426BDD87-DCF5-49D0-B0DB-46B91F58F579} -> profile=public | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
{43BC474D-C0BA-403D-9486-08B2C0228DE5} -> profile=private | protocol=6 | dir=in | action=allow | name=ktf music vod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
{47B1E935-11DF-43F3-9406-543AEEB327A1} -> profile=private | protocol=6 | dir=in | action=allow | name=orbchannelscan | app=c:\program files (x86)\orb networks\orb\bin\orbchannelscan.exe | 
{4A335D86-959A-4E74-A87D-D3BF344B143D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{4C754EA4-D340-4D5B-B575-700F49F0B8BB} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | 
{4CBF61BE-2976-4A74-9D3C-CB31C0C2EF3D} -> profile=private | protocol=17 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | 
{5026C635-B4A7-4630-954F-86AC09E2296F} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | 
{528CCDC5-DE46-41FD-941C-04CCD5779496} -> profile=public | protocol=6 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (srv) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
{5D603792-C6A7-4696-B8DE-259532379B0D} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{5DD8EA31-06F8-40D7-AB46-3069FA3D5044} -> profile=private | protocol=17 | dir=in | action=allow | name=orbchannelscan | app=c:\program files (x86)\orb networks\orb\bin\orbchannelscan.exe | 
{659ED95C-F968-47CC-9F25-0E4D7624F7FF} -> profile=private | protocol=6 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{65D749D0-61B9-452D-B7BB-045D7ED13216} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | 
{72C64D90-BA69-445E-9131-D121B18E4A77} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | 
{7E80573C-D38B-4AC1-BB0A-3EE5294FD622} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
{7F62B163-BB85-4124-8640-2D7FCBBAA254} -> profile=private | protocol=17 | dir=in | action=allow | name=ktf music vod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
{870BEDC2-8875-4C31-8C9B-5461FE1C1B89} -> profile=private | protocol=6 | dir=in | action=allow | name=ktf music aod server | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
{8C1FA035-EA2C-4223-9396-A4B7107E662A} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | 
{9120C20C-2293-4094-B8DD-C6B1020ED8B8} -> profile=private | protocol=6 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | 
{9166E47C-143A-4454-BF0C-0A3A53400528} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | 
{926A882C-701D-4941-83F1-06AB71B18B41} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{967D5165-8E8E-4F8C-A6D3-ADE776A58F0B} -> dir=in | action=allow | name=windows live foldershare | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
{9BD2C2C2-B45E-431E-AAAB-FBAFF7C8DE16} -> profile=public | protocol=6 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (cli) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
{9CF45DEC-6568-4816-8975-6D9B1739AA3E} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
{A63A7C47-4FD4-4818-AA7F-9FFB075060EF} -> profile=private | protocol=17 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | 
{A73423F9-1229-4E87-AE16-8F21531F06FD} -> profile=domain | dir=in | action=allow | name=mcafee network agent | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | 
{ADFF8052-23FB-4197-8613-DF526DE74E4A} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{B028B1EE-95DB-48D5-8684-2A40F4221B9D} -> profile=private | protocol=6 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | 
{B16568BD-7C81-4CF8-98E4-A0B9618CC4D4} -> dir=in | action=allow | name=acer play movie resident program | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe | 
{B67EA0F3-7CFB-4DC6-A467-2A7BB78FB282} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | 
{B6BC20F5-7B99-415F-82E9-8CEA1290BD06} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | 
{B8652142-F31D-4700-BFB5-EB23423A38D9} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | 
{BDE2806D-EAF6-44D3-898A-072E553C72A8} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | 
{C0B26F4E-9A20-4F22-A340-5CCEAD792365} -> profile=public | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
{C0BA3DB3-B627-48EA-AF5F-45E2575DDEE9} -> profile=public | protocol=17 | dir=in | action=allow | name=rlvknlg.exe | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe | 
{C540243C-FAD5-4D2D-A40D-4C70077DD75E} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | 
{C94E2486-A642-44DC-BEB9-CDFFD722C4E1} -> profile=private | protocol=17 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | 
{CEC0C5F2-D26E-4044-95ED-1745C7EB7771} -> dir=in | action=allow | name=acer arcade deluxe | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
{D03F093B-7C92-4BAE-ADE0-5B32C78667B7} -> profile=private | protocol=17 | dir=in | action=allow | name=service bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
{DD010D42-2B61-4C48-B2BB-8FCAB0B47687} -> profile=public | protocol=17 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (srv) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 
{DFEE985C-AEE8-419F-BA7E-6DDFC5BE56A1} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | 
{E28C44D2-3E41-461D-BB43-D048F8C812FB} -> profile=public | protocol=17 | dir=in | action=allow | name=s.t.a.l.k.e.r. - shadow of chernobyl (cli) | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
{E3E5985E-3339-4F41-AAC9-F9504600208D} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | 
{F7A5B25A-788B-4A13-9D03-8B614F6F9254} -> profile=private | protocol=17 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | 
{FF6C1EAD-5A95-45B5-BBC2-3CC966150B8B} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | 
TCP Query User{2E246960-EC91-4EF0-B5F5-522DCCE5717D}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
TCP Query User{3E8A96FC-444F-4395-A438-B327D8EC586C}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=6 | dir=in | action=block | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | 
TCP Query User{626C76D4-6EC3-4E24-819E-3D0DB8EB08BF}C:\program files (x86)\gigatribe\gigatribe.exe -> profile=private | protocol=6 | dir=in | action=allow | name=gigatribe | app=c:\program files (x86)\gigatribe\gigatribe.exe | 
TCP Query User{BB0C1DA5-EC6E-4DD7-8A80-F94CEA18469A}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=6 | dir=in | action=block | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | 
UDP Query User{0CBADD32-1BED-4121-B54B-4B44A6CC9F95}C:\program files (x86)\gigatribe\gigatribe.exe -> profile=private | protocol=17 | dir=in | action=allow | name=gigatribe | app=c:\program files (x86)\gigatribe\gigatribe.exe | 
UDP Query User{43318E42-CFC7-4672-87B8-085E8CD9780A}C:\program files (x86)\java\jre6\bin\javaw.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
UDP Query User{BBC1B8F1-87D3-4538-A624-97D2753BAF22}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=17 | dir=in | action=block | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | 
UDP Query User{E6D73433-E7C9-4148-8530-81D2DE1BF279}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=17 | dir=in | action=block | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> Pilote de CD-ROM -> 
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 

[Registry - Additional Scans - Safe List]
< 64bit-ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> 
{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysNative\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009/07/14 03:41:57 | 000,358,400 | ---- | M] (Microsoft Corporation)
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} [stubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> 
{3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} [stubPath] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> 
{44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found
{45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found
{4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found
{5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found
{630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> Reg Error: Value error. [(default): Browsing Enhancements; IsInstalled: 1] -> File not found
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> 
{6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found
{7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found
{89820200-ECBD-11cf-8B85-00AA005B4340} [stubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> 
{89820200-ECBD-11cf-8B85-00AA005B4383} [stubPath] -> C:\Windows\System32\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> 
{89B4C1CD-B018-4511-B0A1-5476DBF70820} [stubPath] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> 
{9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found
{C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found
{de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found
{E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found
{FEBEF00C-046D-438D-8A88-BF94A6C9E703} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> 
>{26923b43-4d38-484f-9b9e-de460746276c} [stubPath] -> C:\Windows\System32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> 
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} [stubPath] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> 
< ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Program Files (x86)\Java\jre6\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2010/04/12 18:35:02 | 000,270,336 | ---- | M] (Sun Microsystems, Inc.)
{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [HKLM] -> C:\Windows\SysWOW64\wmpdxm.dll [(default): Microsoft Windows Media Player 12.0; IsInstalled: 1] -> [2009/07/14 03:16:19 | 000,299,520 | ---- | M] (Microsoft Corporation)
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} [stubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> 
{3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} [stubPath] -> "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows; IsInstalled: 1] -> 
{44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found
{45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found
{4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.6; IsInstalled: 1] -> File not found
{5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found
{630b1da0-b465-11d1-9948-00c04f98bbc9} [KeyFileName] -> C:\Windows\SysWOW64\msieftp.dll [(default): Browsing Enhancements; IsInstalled: 1] -> [2009/07/14 03:15:44 | 000,301,568 | ---- | M] (Microsoft Corporation)
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> 
{6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found
{7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found
{7C028AF8-F614-47B3-82DA-BA94E41B1089} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{89820200-ECBD-11cf-8B85-00AA005B4340} [stubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> 
{89820200-ECBD-11cf-8B85-00AA005B4383} [stubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings [(default): Web Platform Customizations; IsInstalled: 1] -> 
{89B4C1CD-B018-4511-B0A1-5476DBF70820} [stubPath] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> 
{9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found
{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [(default): Adobe Flash Player; IsInstalled: 01 00 00 00  [binary data]] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.)
{de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found
{E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [stubPath] -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> 
>{26923b43-4d38-484f-9b9e-de460746276c} [stubPath] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> 
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} [stubPath] -> "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> 
< ActiveX StubPath [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> 
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [HKLM: Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation)
{89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
{89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
>{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found
< 64bit-App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 
7zFM.exe -> C:\Program Files (x86)\7-Zip\7zFM.exe [C:\Program Files (x86)\7-Zip\7zFM.exe] -> [2009/02/03 09:10:08 | 000,388,096 | ---- | M] (Igor Pavlov)
AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010/04/04 07:57:52 | 000,349,616 | ---- | M] (Adobe Systems Incorporated)
BackupManager.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
ccleaner.exe -> C:\Program Files (x86)\CCleaner\CCleaner.exe [C:\Program Files (x86)\CCleaner\ccleaner.exe] -> [2010/05/25 18:08:54 | 001,694,520 | ---- | M] (Piriform Ltd)
cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
dvdmaker.exe -> C:\Program Files\DVD Maker\dvdmaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> [2009/07/14 03:39:08 | 002,258,432 | ---- | M] (Microsoft Corporation)
ECOPY.EXE -> C:\Program Files (x86)\epson\Creativity Suite\Copy Utility\ECOPY.EXE [C:\Program Files (x86)\EPSON\Creativity Suite\Copy Utility\ECOPY.exe] -> [2004/10/08 01:00:02 | 000,716,800 | ---- | M] (SEIKO EPSON CORP.)
Escfg.exe -> C:\Windows\twain_32\escndv\escfg.exe [C:\Windows\twain_32\escndv\Escfg.exe] -> [2006/10/04 01:00:00 | 000,182,424 | ---- | M] (SEIKO EPSON CORP.)
Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2006/03/08 01:00:00 | 000,118,784 | ---- | M] (SEIKO EPSON CORP.)
firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation)
fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
iTunes.exe -> C:\Program Files (x86)\iTunes\iTunes.exe [C:\Program Files (x86)\iTunes\iTunes.exe] -> [2010/04/28 15:06:24 | 010,358,568 | ---- | M] (Apple Inc.)
IZArc -> C:\Program Files (x86)\IZArc\IZArc.exe [C:\Program Files (x86)\IZArc\IZArc.exe] -> [2009/11/23 11:27:36 | 002,850,304 | ---- | M] ()
javaws.exe -> C:\Program Files (x86)\Java\jre6\bin\javaws.exe [C:\Program Files (x86)\Java\jre6\bin\javaws.exe] -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.)
Journal.exe -> C:\Program Files\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> [2009/07/14 03:39:14 | 002,164,224 | ---- | M] (Microsoft Corporation)
mbam.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation)
mip.exe -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe [%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe] -> [2009/07/14 03:39:19 | 001,547,264 | ---- | M] (Microsoft Corporation)
mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation)
MSNMSGR.EXE -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation)
MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
msoxmled.exe -> C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/27 06:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation)
msworks.exe -> c:\Program Files (x86)\Microsoft Works\MSWorks.exe [c:\Program Files (x86)\Microsoft Works\msworks.exe] -> [2007/06/20 23:03:56 | 000,644,448 | ---- | M] (Microsoft® Corporation)
NewPCStudio.exe -> C:\Program Files (x86)\Samsung\Samsung New PC Studio\ [C:\Program Files (x86)\Samsung\Samsung New PC Studio\] -> [2010/05/26 16:03:42 | 000,000,000 | ---D | M]
ois.exe -> C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~2\MICROS~1\Office12\OIS.EXE] -> [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation)
OneNote.exe -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation)
pbrush.exe -> C:\Windows\SysNative\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009/07/14 03:39:24 | 006,676,480 | ---- | M] (Microsoft Corporation)
PhotoImpression.exe -> C:\Program Files (x86)\ArcSoft\PhotoImpression 5\photoimpression.exe [C:\Program Files (x86)\ArcSoft\PhotoImpression 5\PhotoImpression.exe] -> [2005/03/14 16:30:28 | 000,135,168 | ---- | M] (ArcSoft Inc.)
pi.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe [C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe] -> [2004/06/12 12:40:16 | 000,424,448 | ---- | M] (Microsoft Corporation)
PictureViewer.exe -> C:\Program Files (x86)\QuickTime\PictureViewer.exe [C:\Program Files (x86)\QuickTime\PictureViewer.exe] -> [2010/03/17 21:53:32 | 000,557,056 | ---- | M] (Apple Inc.)
PlayMovie.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl [C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl] -> [2009/09/29 11:51:14 | 000,000,465 | ---- | M] ()
Pod.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe [C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe] -> [2004/06/12 12:35:14 | 000,035,328 | ---- | M] (Microsoft Corporation)
PowerCinema -> C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe] -> [2009/09/29 12:31:56 | 000,353,576 | ---- | M] (Acer Incorporated)
powerpnt.exe -> C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office12\POWERPNT.EXE] -> [2009/02/26 14:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation)
PowerShell.exe -> C:\Windows\SysNative\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009/07/14 03:39:20 | 000,473,600 | ---- | M] (Microsoft Corporation)
QuickTimePlayer.exe -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe] -> [2010/03/17 23:28:24 | 001,230,128 | ---- | M] (Apple Inc.)
sbase.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
scalc.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe [C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
sdraw.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
simpress.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe [C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
smath.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe [C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
SnippingTool.exe -> C:\Windows\SysNative\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> [2009/07/14 03:39:41 | 000,431,104 | ---- | M] (Microsoft Corporation)
soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe] -> [2010/05/21 00:58:46 | 011,318,784 | ---- | M] (OpenOffice.org)
SoftDMA.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe [C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe] -> [2009/09/25 11:48:14 | 000,334,392 | ---- | M] (Acer Incorporated)
swriter.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe [C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
TabTip.exe -> C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> [2009/07/14 03:39:47 | 000,224,256 | ---- | M] (Microsoft Corporation)
thunderbird.exe -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe] -> [2010/03/31 07:46:49 | 011,957,424 | ---- | M] (Mozilla Messaging)
unopkg.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe [C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe] -> [2010/05/20 07:01:10 | 000,010,752 | ---- | M] ()
wab.exe -> C:\Program Files\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009/07/14 03:39:50 | 000,516,608 | ---- | M] (Microsoft Corporation)
wabmig.exe -> C:\Program Files\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009/07/14 03:39:50 | 000,067,584 | ---- | M] (Microsoft Corporation)
WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2010/03/15 11:26:36 | 001,090,560 | ---- | M] ()
Winword.exe -> C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE] -> [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation)
WKSAB.EXE -> c:\Program Files (x86)\Microsoft Works\wksab.exe [c:\Program Files (x86)\Microsoft Works\WKSAB.exe] -> [2007/06/20 23:04:22 | 000,020,832 | ---- | M] (Microsoft® Corporation)
wkscal.exe -> c:\Program Files (x86)\Microsoft Works\WksCal.exe [c:\PROGRA~2\MICROS~2\WksCal.exe] -> [2007/06/20 23:04:22 | 000,722,272 | ---- | M] (Microsoft® Corporation)
wksdb.exe -> c:\Program Files (x86)\Microsoft Works\wksdb.exe [c:\Program Files (x86)\Microsoft Works\wksdb.exe] -> [2007/06/20 23:04:22 | 001,242,464 | ---- | M] (Microsoft® Corporation)
WKSSB.EXE -> c:\Program Files (x86)\Microsoft Works\WksSb.exe [c:\Program Files (x86)\Microsoft Works\WKSSB.exe] -> [2007/06/20 23:04:22 | 001,099,104 | ---- | M] (Microsoft® Corporation)
wksss.exe -> c:\Program Files (x86)\Microsoft Works\wksss.exe [c:\Program Files (x86)\Microsoft Works\wksss.exe] -> [2007/06/20 23:04:24 | 000,947,552 | ---- | M] (Microsoft® Corporation)
wkswp.exe -> c:\Program Files (x86)\Microsoft Works\WksWP.exe [c:\Program Files (x86)\Microsoft Works\wkswp.exe] -> [2007/06/20 23:04:24 | 000,709,984 | ---- | M] (Microsoft® Corporation)
wlmail.exe -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe] -> [2009/07/26 17:44:52 | 000,114,000 | ---- | M] (Microsoft Corporation)
wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation)
WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:39:57 | 004,580,352 | ---- | M] (Microsoft Corporation)
WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:39:57 | 004,580,352 | ---- | M] (Microsoft Corporation)
< App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> 
7zFM.exe -> C:\Program Files (x86)\7-Zip\7zFM.exe [C:\Program Files (x86)\7-Zip\7zFM.exe] -> [2009/02/03 09:10:08 | 000,388,096 | ---- | M] (Igor Pavlov)
AcroRd32.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe] -> [2010/04/04 07:57:52 | 000,349,616 | ---- | M] (Adobe Systems Incorporated)
BackupManager.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
ccleaner.exe -> C:\Program Files (x86)\CCleaner\CCleaner.exe [C:\Program Files (x86)\CCleaner\ccleaner.exe] -> [2010/05/25 18:08:54 | 001,694,520 | ---- | M] (Piriform Ltd)
cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
dvdmaker.exe -> C:\Program Files (x86)\DVD Maker\dvdmaker.exe [%ProgramFiles%\DVD Maker\dvdmaker.exe] -> File not found
ECOPY.EXE -> C:\Program Files (x86)\epson\Creativity Suite\Copy Utility\ECOPY.EXE [C:\Program Files (x86)\EPSON\Creativity Suite\Copy Utility\ECOPY.exe] -> [2004/10/08 01:00:02 | 000,716,800 | ---- | M] (SEIKO EPSON CORP.)
Escfg.exe -> C:\Windows\twain_32\escndv\escfg.exe [C:\Windows\twain_32\escndv\Escfg.exe] -> [2006/10/04 01:00:00 | 000,182,424 | ---- | M] (SEIKO EPSON CORP.)
Escndv.exe -> C:\Windows\twain_32\escndv\escndv.exe [C:\Windows\twain_32\escndv\Escndv.exe] -> [2006/03/08 01:00:00 | 000,118,784 | ---- | M] (SEIKO EPSON CORP.)
firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation)
fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
iTunes.exe -> C:\Program Files (x86)\iTunes\iTunes.exe [C:\Program Files (x86)\iTunes\iTunes.exe] -> [2010/04/28 15:06:24 | 010,358,568 | ---- | M] (Apple Inc.)
IZArc -> C:\Program Files (x86)\IZArc\IZArc.exe [C:\Program Files (x86)\IZArc\IZArc.exe] -> [2009/11/23 11:27:36 | 002,850,304 | ---- | M] ()
javaws.exe -> C:\Program Files (x86)\Java\jre6\bin\javaws.exe [C:\Program Files (x86)\Java\jre6\bin\javaws.exe] -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.)
Journal.exe -> C:\Program Files (x86)\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> File not found
mbam.exe -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation)
mip.exe -> C:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe [%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe] -> [2009/07/14 03:14:24 | 001,221,632 | ---- | M] (Microsoft Corporation)
mplayer2.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation)
MSNMSGR.EXE -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation)
MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
msoxmled.exe -> C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/27 06:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation)
msworks.exe -> c:\Program Files (x86)\Microsoft Works\MSWorks.exe [c:\Program Files (x86)\Microsoft Works\msworks.exe] -> [2007/06/20 23:03:56 | 000,644,448 | ---- | M] (Microsoft® Corporation)
NewPCStudio.exe -> C:\Program Files (x86)\Samsung\Samsung New PC Studio\ [C:\Program Files (x86)\Samsung\Samsung New PC Studio\] -> [2010/05/26 16:03:42 | 000,000,000 | ---D | M]
ois.exe -> C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~2\MICROS~1\Office12\OIS.EXE] -> [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation)
OneNote.exe -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE] -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation)
pbrush.exe -> C:\Windows\SysWOW64\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2009/07/14 03:14:26 | 006,376,960 | ---- | M] (Microsoft Corporation)
PhotoImpression.exe -> C:\Program Files (x86)\ArcSoft\PhotoImpression 5\photoimpression.exe [C:\Program Files (x86)\ArcSoft\PhotoImpression 5\PhotoImpression.exe] -> [2005/03/14 16:30:28 | 000,135,168 | ---- | M] (ArcSoft Inc.)
pi.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe [C:\Program Files (x86)\Microsoft Digital Image 10\pi.exe] -> [2004/06/12 12:40:16 | 000,424,448 | ---- | M] (Microsoft Corporation)
PictureViewer.exe -> C:\Program Files (x86)\QuickTime\PictureViewer.exe [C:\Program Files (x86)\QuickTime\PictureViewer.exe] -> [2010/03/17 21:53:32 | 000,557,056 | ---- | M] (Apple Inc.)
PlayMovie.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl [C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.mcl] -> [2009/09/29 11:51:14 | 000,000,465 | ---- | M] ()
Pod.exe -> C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe [C:\Program Files (x86)\Microsoft Digital Image 10\Pod.exe] -> [2004/06/12 12:35:14 | 000,035,328 | ---- | M] (Microsoft Corporation)
PowerCinema -> C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe] -> [2009/09/29 12:31:56 | 000,353,576 | ---- | M] (Acer Incorporated)
powerpnt.exe -> C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~2\MICROS~1\Office12\POWERPNT.EXE] -> [2009/02/26 14:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation)
PowerShell.exe -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe [%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe] -> [2009/07/14 03:14:24 | 000,452,608 | ---- | M] (Microsoft Corporation)
QuickTimePlayer.exe -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe] -> [2010/03/17 23:28:24 | 001,230,128 | ---- | M] (Apple Inc.)
sbase.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
scalc.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe [C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
sdraw.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe [C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
sidebar.exe -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe ["%ProgramFiles%\Windows Sidebar\sidebar.exe"] -> [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
simpress.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe [C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
smath.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe [C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
SnippingTool.exe -> C:\Windows\SysWow64\SnippingTool.exe [%SystemRoot%\system32\SnippingTool.exe] -> File not found
soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe] -> [2010/05/21 00:58:46 | 011,318,784 | ---- | M] (OpenOffice.org)
SoftDMA.exe -> C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe [C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe] -> [2009/09/25 11:48:14 | 000,334,392 | ---- | M] (Acer Incorporated)
swriter.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe [C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe] -> [2010/05/21 00:58:50 | 000,305,152 | ---- | M] (OpenOffice.org)
table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
TabTip.exe -> C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> File not found
thunderbird.exe -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe] -> [2010/03/31 07:46:49 | 011,957,424 | ---- | M] (Mozilla Messaging)
unopkg.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe [C:\Program Files (x86)\OpenOffice.org 3\program\unopkg.exe] -> [2010/05/20 07:01:10 | 000,010,752 | ---- | M] ()
wab.exe -> C:\Program Files (x86)\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2009/07/14 03:14:44 | 000,516,096 | ---- | M] (Microsoft Corporation)
wabmig.exe -> C:\Program Files (x86)\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2009/07/14 03:14:44 | 000,065,536 | ---- | M] (Microsoft Corporation)
WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2010/03/15 11:26:36 | 001,090,560 | ---- | M] ()
Winword.exe -> C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE] -> [2010/04/09 19:05:06 | 000,408,936 | ---- | M] (Microsoft Corporation)
WKSAB.EXE -> c:\Program Files (x86)\Microsoft Works\wksab.exe [c:\Program Files (x86)\Microsoft Works\WKSAB.exe] -> [2007/06/20 23:04:22 | 000,020,832 | ---- | M] (Microsoft® Corporation)
wkscal.exe -> c:\Program Files (x86)\Microsoft Works\WksCal.exe [c:\PROGRA~2\MICROS~2\WksCal.exe] -> [2007/06/20 23:04:22 | 000,722,272 | ---- | M] (Microsoft® Corporation)
wksdb.exe -> c:\Program Files (x86)\Microsoft Works\wksdb.exe [c:\Program Files (x86)\Microsoft Works\wksdb.exe] -> [2007/06/20 23:04:22 | 001,242,464 | ---- | M] (Microsoft® Corporation)
WKSSB.EXE -> c:\Program Files (x86)\Microsoft Works\WksSb.exe [c:\Program Files (x86)\Microsoft Works\WKSSB.exe] -> [2007/06/20 23:04:22 | 001,099,104 | ---- | M] (Microsoft® Corporation)
wksss.exe -> c:\Program Files (x86)\Microsoft Works\wksss.exe [c:\Program Files (x86)\Microsoft Works\wksss.exe] -> [2007/06/20 23:04:24 | 000,947,552 | ---- | M] (Microsoft® Corporation)
wkswp.exe -> c:\Program Files (x86)\Microsoft Works\WksWP.exe [c:\Program Files (x86)\Microsoft Works\wkswp.exe] -> [2007/06/20 23:04:24 | 000,709,984 | ---- | M] (Microsoft® Corporation)
wlmail.exe -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe] -> [2009/07/26 17:44:52 | 000,114,000 | ---- | M] (Microsoft Corporation)
wmplayer.exe -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe [%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe] -> [2009/08/29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation)
WORDPAD.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation)
WRITE.EXE -> C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2009/07/14 03:14:49 | 004,243,968 | ---- | M] (Microsoft Corporation)
< 64bit-Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> 
"{00C6D95F-329C-409a-81D7-C46C66EA7F33}" [HKLM] -> C:\Windows\SysNative\shdocvw.dll [] -> [2009/07/14 03:41:54 | 000,196,096 | ---- | M] (Microsoft Corporation)
"{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKLM] -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll [eDS psd drag drop protection] -> [2009/09/10 15:44:06 | 000,137,512 | ---- | M] (Egis Technology Inc.)
"{3BBAC0AD-8227-3462-C8EF-A36794DD8CD2}" [HKLM] -> C:\Program Files (x86)\IZArc\IZArcCM64.dll [iZArc Shell Extension] -> [2009/04/24 15:50:52 | 000,210,944 | ---- | M] ()
"{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}" [HKLM] -> C:\Windows\SysNative\nvshext.dll [NVIDIA Play On My TV Context Menu Extension] -> [2009/07/14 10:51:46 | 000,238,080 | ---- | M] (NVIDIA Corporation)
"{42042206-2D85-11D3-8CFF-005004838597}" [HKLM] -> C:\PROGRA~1\MICROS~2\Office12\MSOHEVI.DLL [Microsoft Office HTML Icon Handler] -> [2008/10/25 17:36:06 | 000,110,968 | ---- | M] (Microsoft Corporation)
"{44440D00-FF19-4AFC-B765-9A0970567D97}" [HKLM] -> C:\Windows\SysNative\uxtuneup.dll [TuneUp Theme Extension] -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software)
"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" [HKLM] -> C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [shell Extension for Malware scanning] -> [2010/06/18 19:52:00 | 000,357,224 | ---- | M] (Avira GmbH)
"{4838CD50-7E5D-4811-9B17-C47A85539F28}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\DseShExt-x64.dll [TuneUp Disk Space Explorer Shell Extension] -> [2010/05/07 18:02:12 | 000,024,392 | ---- | M] (TuneUp Software)
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\SDShelEx-x64.dll [TuneUp Shredder Shell Extension] -> [2010/05/07 18:02:24 | 000,029,512 | ---- | M] (TuneUp Software)
"{80009818-f38f-4af1-87b5-eadab9433e58}" [HKLM] -> C:\Windows\SysNative\mf.dll [MF ADTS Property Handler] -> [2009/07/14 03:41:22 | 004,062,208 | ---- | M] (Microsoft Corporation)
"{85D26561-0241-4BE2-A8DF-8F921A0EF948}" [HKLM] -> C:\Program Files (x86)\a-squared Free\a2freecontmenu64.dll [a-squared Free Shell Extension x64] -> [2009/10/01 17:03:14 | 000,302,736 | ---- | M] (Emsi Software GmbH)
"{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" [HKLM] -> Reg Error: Key error. [PowerISO] -> File not found
"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [Microsoft Office Metadata Handler] -> [2008/11/21 08:06:22 | 001,586,568 | ---- | M] (Microsoft Corporation)
"{A70C977A-BF00-412C-90B7-034C51DA2439}" [HKLM] -> C:\Windows\SysNative\nvcpl.dll [NvCpl DesktopContext Class] -> [2010/04/03 18:42:00 | 014,828,648 | ---- | M] (NVIDIA Corporation)
"{B41DB860-64E4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\rarext.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,166,400 | ---- | M] ()
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> Reg Error: Key error. [WinRAR shell extension] -> File not found
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKU\S-1-5-21-3258892936-4116843137-97899428-1001] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] ()
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> [2010/04/28 15:06:34 | 000,141,096 | ---- | M] (Apple Inc.)
"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [Microsoft Office Thumbnail Handler] -> [2008/11/21 08:06:22 | 001,586,568 | ---- | M] (Microsoft Corporation)
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" [HKLM] -> C:\Windows\SysNative\nvcpl.dll [Play on my TV helper] -> [2010/04/03 18:42:00 | 014,828,648 | ---- | M] (NVIDIA Corporation)
< Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> 
"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Infotip Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org)
"{23170F69-40C1-278A-1000-000100020000}" [HKLM] -> C:\Program Files (x86)\7-Zip\7-zip.dll [7-Zip Shell Extension] -> [2009/02/03 09:09:46 | 000,069,632 | ---- | M] (Igor Pavlov)
"{3B092F0C-7696-40E3-A80F-68D74DA84210}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Thumbnail Viewer] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org)
"{4838CD50-7E5D-4811-9B17-C47A85539F28}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\DseShExt-x86.dll [TuneUp Disk Space Explorer Shell Extension] -> [2010/05/07 18:02:06 | 000,026,440 | ---- | M] (TuneUp Software)
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" [HKLM] -> C:\Program Files (x86)\TuneUp Utilities 2010\SDShelEx-win32.dll [TuneUp Shredder Shell Extension] -> [2010/05/07 18:02:18 | 000,030,536 | ---- | M] (TuneUp Software)
"{63542C48-9552-494A-84F7-73AA6A7C99C1}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Property Sheet Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org)
"{72923739-5A47-40A3-9895-25AF0DFBB9E4}" [HKLM] -> C:\Program Files (x86)\Glary Utilities\ContextHandler.dll [Glary Utilities Context Menu Shell Extension] -> [2010/05/26 10:01:22 | 000,036,152 | ---- | M] (Glarysoft Ltd)
"{B41DB860-64E4-11D2-9906-E49FADC173CA}" [HKLM] -> Reg Error: Key error. [WinRAR shell extension] -> File not found
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] ()
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKU\S-1-5-21-3258892936-4116843137-97899428-1001] -> C:\Program Files\WinRAR\rarext32.dll [WinRAR shell extension] -> [2010/03/15 11:28:22 | 000,141,824 | ---- | M] ()
"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" [HKLM] -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [OpenOffice.org Column Handler] -> [2010/05/19 15:37:00 | 000,401,920 | ---- | M] (OpenOffice.org)
< 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> 
"services" -> 2 -> 
< 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> 
"aux" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midi4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"midimapper" -> C:\Windows\SysNative\midimap.dll [midimap.dll] -> [2009/07/14 03:41:23 | 000,020,480 | ---- | M] (Microsoft Corporation)
"mixer" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"mixer1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"mixer2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"mixer3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"mixer4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"msacm.imaadpcm" -> C:\Windows\SysNative\imaadp32.acm [imaadp32.acm] -> [2009/07/14 03:38:53 | 000,022,016 | ---- | M] (Microsoft Corporation)
"msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2009/07/14 03:38:53 | 000,081,408 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.msadpcm" -> C:\Windows\SysNative\msadp32.acm [msadp32.acm] -> [2009/07/14 03:38:53 | 000,024,064 | ---- | M] (Microsoft Corporation)
"msacm.msg711" -> C:\Windows\SysNative\msg711.acm [msg711.acm] -> [2009/07/14 03:38:53 | 000,014,848 | ---- | M] (Microsoft Corporation)
"msacm.msgsm610" -> C:\Windows\SysNative\msgsm32.acm [msgsm32.acm] -> [2009/07/14 03:38:53 | 000,029,184 | ---- | M] (Microsoft Corporation)
"vidc.i420" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/19 11:46:35 | 000,054,272 | ---- | M] (Microsoft Corporation)
"vidc.iyuv" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/19 11:46:35 | 000,054,272 | ---- | M] (Microsoft Corporation)
"vidc.mrle" -> C:\Windows\SysNative\msrle32.dll [msrle32.dll] -> [2009/12/19 11:47:46 | 000,016,384 | ---- | M] (Microsoft Corporation)
"vidc.msvc" -> C:\Windows\SysNative\msvidc32.dll [msvidc32.dll] -> [2009/12/19 11:47:53 | 000,038,912 | ---- | M] (Microsoft Corporation)
"vidc.uyvy" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation)
"vidc.yuy2" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation)
"vidc.yvu9" -> C:\Windows\SysNative\tsbyuv.dll [tsbyuv.dll] -> [2009/12/19 11:50:56 | 000,014,848 | ---- | M] (Microsoft Corporation)
"vidc.yvyu" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/19 11:47:56 | 000,025,088 | ---- | M] (Microsoft Corporation)
"wave" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wave1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wave2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wave3" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wave4" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/07/14 03:38:50 | 000,217,088 | ---- | M] (Microsoft Corporation)
"wavemapper" -> C:\Windows\SysNative\msacm32.drv [msacm32.drv] -> [2009/07/14 03:38:50 | 000,025,600 | ---- | M] (Microsoft Corporation)
< Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> 
"msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2009/07/14 03:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.siren" -> C:\Windows\SysWow64\sirenacm.dll [sirenacm.dll] -> [2009/07/26 17:44:56 | 000,048,448 | ---- | M] (Microsoft Corporation)
"vidc.cvid" -> C:\Windows\SysWow64\iccvid.dll [iccvid.dll] -> [2009/07/14 03:15:26 | 000,082,944 | ---- | M] (Radius Inc.)
< 64bit-Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> 
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysNative\icardie.dll [informationCardSigninHelper Class] -> [2009/07/14 03:41:05 | 000,084,480 | ---- | M] (Microsoft Corporation)
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysNative\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/07/14 03:41:28 | 000,097,280 | ---- | M] (Microsoft Corporation)
{333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysNative\tdc.ocx [Tabular Data Control] -> [2009/07/14 03:38:53 | 000,078,336 | ---- | M] (Microsoft Corporation)
{3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [oleprn Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysNative\oleprn.dll [DSPrintQueue Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleSNMP Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleCvt Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/08/29 09:53:27 | 014,629,376 | ---- | M] (Microsoft Corporation)
{760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/07/14 03:41:30 | 000,325,632 | ---- | M] (Microsoft Corporation)
{884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009/07/14 03:38:58 | 000,070,144 | ---- | M] (Microsoft Corporation)
{884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysNative\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009/09/03 09:36:39 | 001,975,296 | ---- | M] (Microsoft Corporation)
{88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysNative\RegCtrl.dll [Registration Control] -> [2009/07/14 03:41:53 | 000,049,152 | ---- | M] (Microsoft Corporation)
{92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [prturl Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [RMGetLicense Class] -> [2009/07/14 03:41:30 | 000,325,632 | ---- | M] (Microsoft Corporation)
{C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysNative\oleprn.dll [OleInstall Class] -> [2009/07/14 03:41:53 | 000,129,536 | ---- | M] (Microsoft Corporation)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysNative\scrrun.dll [scripting.Dictionary] -> [2009/07/14 03:41:53 | 000,202,752 | ---- | M] (Microsoft Corporation)
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> 
{02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2008/10/25 07:18:50 | 000,172,880 | ---- | M] ()
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.)
{07B06095-5687-4D13-9E32-12B4259C9813} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [sTSUpld UploadCtl Class] -> [2006/10/27 04:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation)
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysWOW64\icardie.dll [informationCardSigninHelper Class] -> [2009/07/14 03:15:26 | 000,061,952 | ---- | M] (Microsoft Corporation)
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysWOW64\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/07/14 03:15:44 | 000,067,072 | ---- | M] (Microsoft Corporation)
{333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysWOW64\tdc.ocx [Tabular Data Control] -> [2009/07/14 03:14:10 | 000,066,560 | ---- | M] (Microsoft Corporation)
{3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [oleprn Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{3E8FD258-0359-4476-AAF4-7C5F65E9B46E} [HKLM] -> C:\Program Files (x86)\Common Files\Oberon Media\Odyssey\2.0.0.29\Odyssey.dll [OdysseyActiveX Class] -> [2007/07/04 13:17:40 | 000,206,120 | ---- | M] (Oberon Media)
{3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Spreadsheet Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.)
{435899C9-44AB-11D1-AF00-080036234103} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [DSPrintQueue Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{4F07F79F-087F-42cf-8B36-7A88D06088E9} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation)
{4F664F91-FF01-11D0-8AED-00C04FD7B597} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleSNMP Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] (Sun Microsystems, Inc.)
{62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Export Database Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation)
{65303443-AD66-11D1-9D65-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleCvt Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSLIST.DLL [Microsoft Office List 12.0] -> [2009/03/06 04:01:06 | 002,335,648 | ---- | M] (Microsoft Corporation)
{6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation)
{760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/07/14 03:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{884e2049-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnrollCtrl.exe [X509 Enrollment WebClassFactory] -> [2009/07/14 03:14:13 | 000,067,072 | ---- | M] (Microsoft Corporation)
{884e2051-217d-11da-b2a4-000e7bbb2b09} [HKLM] -> C:\Windows\SysWOW64\CertEnroll.dll [X509 Machine Enrollment Factory] -> [2009/09/03 09:04:15 | 001,320,960 | ---- | M] (Microsoft Corporation)
{88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml DOM Document 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [Free Threaded XML DOM Document 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml Schema Cache 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XSL Template 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml Data Source Object 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [xml HTTP 4.0] -> [2009/07/21 01:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation)
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] ()
{8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysWOW64\RegCtrl.dll [Registration Control] -> [2009/07/14 03:16:13 | 000,041,472 | ---- | M] (Microsoft Corporation)
{9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint OpenDocuments Class] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation)
{92337A8C-E11D-11D0-BE48-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [prturl Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [sharePoint OpenDocuments Class] -> File not found
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [RMGetLicense Class] -> [2009/07/14 03:15:46 | 000,265,216 | ---- | M] (Microsoft Corporation)
{BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientEventSubscription Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientMiscApis Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE40-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCommentThread Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE42-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientComment Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSBrowserUI Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWS Post Data] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [sharePoint Spreadsheet Launcher] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionServers Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCollaboration Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussion] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServer] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServers] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE Global Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionBar Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation)
{BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [sharePoint OpenDocuments Class] -> File not found
{BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [sharePoint Stssync Handler] -> File not found
{BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [sharePoint Stssync Handler] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation)
{C2828995-4A83-4100-A212-3024BA117356} [HKLM] -> C:\Program Files (x86)\Windows Live SkyDrive\Microsoft.Live.Folders.RichUpload.3.dll [Outil de téléchargement Windows Live] -> [2008/10/29 12:46:56 | 000,245,112 | ---- | M] (Microsoft Corporation)
{C3701884-B39B-11D1-9D68-00C04FC30DF6} [HKLM] -> C:\Windows\SysWOW64\oleprn.dll [OleInstall Class] -> [2009/07/14 03:16:12 | 000,107,008 | ---- | M] (Microsoft Corporation)
{C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2008/10/25 07:18:46 | 000,054,152 | ---- | M] (Microsoft Corporation)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2010/04/04 01:22:06 | 000,660,912 | ---- | M] (Adobe Systems, Inc.)
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] ()
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_20] -> [2010/06/05 12:05:37 | 000,108,320 | ---- | M] ()
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deployJava1.dll [Deployment Toolkit] -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [behavior Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.)
{CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [sTSUpld CopyCtl Class] -> [2006/10/27 04:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation)
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D2517915-48CE-4286-970F-921E881B8C5C} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Contrôle de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.)
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files (x86)\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/04/28 15:06:20 | 000,111,912 | ---- | M] (Apple Inc.)
{DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation)
{E13AAC70-70AE-4988-808C-B267F2C20E79} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [Reg Error: Value error.] -> [2009/07/26 17:44:52 | 003,883,856 | ---- | M] (Microsoft Corporation)
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation)
{E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\oisctrl.dll [OISClientLauncher Class] -> [2009/03/06 05:23:50 | 000,022,432 | ---- | M] (Microsoft Corporation)
{E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll [PersonalSite Class] -> [2008/10/26 06:42:16 | 000,482,656 | ---- | M] ()
{E9DA06F1-632C-462F-98B3-AF74B47DA727} [HKLM] -> C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll [Google Update Plugin] -> [2010/06/16 18:55:20 | 000,219,800 | ---- | M] (Google Inc.)
{EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysWOW64\scrrun.dll [scripting.Dictionary] -> [2009/07/14 03:16:13 | 000,163,840 | ---- | M] (Microsoft Corporation)
{F06608C7-1874-4EEA-B3B2-DF99EBB144B8} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M] (Microsoft Corporation)
{F9152AEC-3462-4632-8087-EEE3C3CDDA24} [HKLM] -> C:\Program Files (x86)\Google\Google Earth\plugin\ie\5.2.0.5932\plugin_ax.dll [GEPluginCoClass Object] -> [2010/05/06 08:36:43 | 005,102,064 | ---- | M] (Google)
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> 
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BF00E119-21A3-4FD1-B178-3B8537E75C92} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.)
{F0DA78E9-6B60-42FB-BC26-EF2CFB8C8FF3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> 
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2010/03/17 23:28:24 | 000,800,048 | ---- | M] (Apple Inc.)
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2009/01/26 16:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
{5C255C8A-E604-49B4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
64bit-{6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/08/29 09:53:27 | 014,629,376 | ---- | M] (Microsoft Corporation)
{6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/08/29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BF00E119-21A3-4FD1-B178-3B8537E75C92} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10h.ocx [shockwave Flash Object] -> [2010/06/12 18:25:27 | 005,712,336 | R--- | M] (Adobe Systems, Inc.)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\npctrl.dll [Microsoft Silverlight] -> [2010/05/23 23:30:20 | 001,013,760 | ---- | M] ( Microsoft Corporation)
{F0DA78E9-6B60-42FB-BC26-EF2CFB8C8FF3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.bat [@ = batfile] -> "%1" %* -> 
.cmd [@ = cmdfile] -> "%1" %* -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
.pif [@ = piffile] -> "%1" %* -> 
.scr [@ = scrfile] -> "%1" /S -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.bat [@ = batfile] -> "%1" %* -> 
.cmd [@ = cmdfile] -> "%1" %* -> 
.com [@ = comfile] -> "%1" %* -> 
.cpl [@ = cplfile] -> C:\Windows\SysWow64\control.exe -> [2009/07/14 03:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
.exe [@ = exefile] -> "%1" %* -> 
.pif [@ = piffile] -> "%1" %* -> 
.scr [@ = scrfile] -> "%1" /S -> 
< File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Classes\<extension>\ -> 
.html [@ = FirefoxHTML] -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation)
< 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
Ias -> C:\Windows\SysNative\ias -> [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
Irmon -> C:\Windows\SysNative\irmon.dll -> [2009/07/14 03:41:11 | 000,023,552 | ---- | M] (Microsoft Corporation)
UxTuneUp -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software)
Wmi -> C:\Windows\SysNative\wmi.dll -> [2009/07/14 03:33:56 | 000,005,120 | ---- | M] (Microsoft Corporation)
Themes -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation)
BDESVC -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
Ias -> C:\Windows\SysWOW64\ias.dll -> [2009/07/14 03:15:26 | 000,019,456 | ---- | M] (Microsoft Corporation)
Wmi -> C:\Windows\SysWOW64\wmi.dll -> [2009/07/14 03:11:09 | 000,005,120 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< 64bit-Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> 
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2008/10/25 17:34:10 | 000,108,920 | ---- | M] (Microsoft Corporation)
< 64bit-Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
dssrequest:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
sacore:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
dssrequest:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll[Reg Error: Value error.] -> [2009/07/26 17:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation)
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll[Reg Error: Value error.] -> [2009/07/26 17:44:54 | 000,061,264 | ---- | M] (Microsoft Corporation)
sacore:{5513F07E-936B-4E52-9B00-067394E91CC5} [HKLM] -> Reg Error: Key error.[Reg Error: Key error.] -> File not found
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2009/07/26 17:44:48 | 000,789,824 | ---- | M] (Microsoft Corporation)
< 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> 
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AppMgmt -> Service
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
Lavasoft Ad-Aware Service -> 32bit -> File not found
MCODS -> 
NTDS -> 32bit -> File not found
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
Power -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation)
Primary disk -> Driver Group
RpcEptMapper -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation)
sacsvr -> Service
SASCORE -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com)
SCSI Class -> Driver Group
System Bus Extender -> Driver Group
TrustedInstaller -> 32bit -> File not found
vmms -> Service
WinDefend -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
WudfPf -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation)
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> 
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AppInfo -> 64bit -> File not found
AppMgmt -> Service
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
DcomLaunch -> 64bit -> File not found
EFS -> 64bit -> File not found
EventLog -> 64bit -> File not found
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
Lavasoft Ad-Aware Service -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft)
MCODS -> 
NTDS -> 64bit -> File not found
PCI Configuration -> Driver Group
PlugPlay -> 64bit -> File not found
PNP Filter -> Driver Group
Power -> 64bit -> File not found
Primary disk -> Driver Group
ProfSvc -> 64bit -> File not found
RpcEptMapper -> 64bit -> File not found
RpcSs -> 64bit -> File not found
sacsvr -> Service
SASCORE -> 64bit -> File not found
SCSI Class -> Driver Group
sermouse.sys -> 64bit -> File not found
SWPRV -> 64bit -> File not found
System Bus Extender -> Driver Group
TabletInputService -> 64bit -> File not found
TBS -> 64bit -> File not found
VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] ()
vga.sys -> 64bit -> File not found
vgasave.sys -> 64bit -> File not found
vmms -> Service
volmgr.sys -> 64bit -> File not found
volmgrx.sys -> 64bit -> File not found
WinDefend -> 64bit -> File not found
WinMgmt -> 64bit -> File not found
WudfPf -> 64bit -> File not found
WudfRd -> 64bit -> File not found
WudfSvc -> 64bit -> File not found
< 64bit-SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> 
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AppMgmt -> Service
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
Dhcp -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation)
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
Lavasoft Ad-Aware Service -> 32bit -> File not found
Messenger -> Service
NDIS Wrapper -> Driver Group
ndiscap -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation)
NetBIOSGroup -> Driver Group
NetDDEGroup -> Driver Group
Network -> Driver Group
NetworkProvider -> Driver Group
NTDS -> 32bit -> File not found
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
Power -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation)
Primary disk -> Driver Group
rdsessmgr -> Service
RpcEptMapper -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation)
sacsvr -> Service
SASCORE -> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -> [2010/04/28 17:23:07 | 000,120,832 | ---- | M] (SUPERAntiSpyware.com)
SCSI Class -> Driver Group
Streams Drivers -> Driver Group
System Bus Extender -> Driver Group
TDI -> Driver Group
TrustedInstaller -> 32bit -> File not found
vmms -> Service
WinDefend -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
WudfPf -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation)
WudfUsbccidDriver -> Driver
< SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> 
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
AFD -> 64bit -> File not found
AppInfo -> 64bit -> File not found
AppMgmt -> Service
Base -> Driver Group
BFE -> 64bit -> File not found
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
bowser -> 64bit -> File not found
Browser -> 64bit -> File not found
DcomLaunch -> 64bit -> File not found
dfsc -> 64bit -> File not found
Dhcp -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation)
DnsCache -> 64bit -> File not found
Dot3Svc -> 64bit -> File not found
Eaphost -> 64bit -> File not found
EFS -> 64bit -> File not found
EventLog -> 64bit -> File not found
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
IKEEXT -> 64bit -> File not found
ipnat.sys -> 64bit -> File not found
LanmanServer -> 64bit -> File not found
LanmanWorkstation -> 64bit -> File not found
Lavasoft Ad-Aware Service -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2010/06/16 13:07:26 | 001,352,832 | ---- | M] (Lavasoft)
LmHosts -> 64bit -> File not found
Messenger -> Service
MPSDrv -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 23:28:14 | 000,001,088 | ---- | M] ()
MPSSvc -> 64bit -> File not found
mrxsmb -> 64bit -> File not found
mrxsmb10 -> 64bit -> File not found
mrxsmb20 -> 64bit -> File not found
NativeWifiP -> 64bit -> File not found
NDIS -> 64bit -> File not found
NDIS Wrapper -> Driver Group
ndiscap -> 64bit -> File not found
Ndisuio -> 64bit -> File not found
NetBIOS -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation)
NetBIOSGroup -> Driver Group
NetBT -> 64bit -> File not found
NetDDEGroup -> Driver Group
NetMan -> 64bit -> File not found
Network -> Driver Group
NetworkProvider -> Driver Group
NlaSvc -> 64bit -> File not found
Nsi -> 64bit -> File not found
nsiproxy.sys -> 64bit -> File not found
NTDS -> 64bit -> File not found
PCI Configuration -> Driver Group
PlugPlay -> 64bit -> File not found
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
PolicyAgent -> 64bit -> File not found
Power -> 64bit -> File not found
Primary disk -> Driver Group
ProfSvc -> 64bit -> File not found
rdbss -> 64bit -> File not found
rdpencdd.sys -> 64bit -> File not found
rdsessmgr -> Service
RpcEptMapper -> 64bit -> File not found
RpcSs -> 64bit -> File not found
sacsvr -> Service
SASCORE -> 64bit -> File not found
SCardSvr -> 64bit -> File not found
SCSI Class -> Driver Group
sermouse.sys -> 64bit -> File not found
SharedAccess -> 64bit -> File not found
Streams Drivers -> Driver Group
SWPRV -> 64bit -> File not found
System Bus Extender -> Driver Group
TabletInputService -> 64bit -> File not found
TBS -> 64bit -> File not found
Tcpip -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 23:15:18 | 000,003,066 | ---- | M] ()
TDI -> Driver Group
VaultSvc -> 64bit -> File not found
VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 22:30:11 | 000,061,056 | ---- | M] ()
vga.sys -> 64bit -> File not found
vgasave.sys -> 64bit -> File not found
vmms -> Service
volmgr.sys -> 64bit -> File not found
volmgrx.sys -> 64bit -> File not found
WinDefend -> 64bit -> File not found
WinMgmt -> 64bit -> File not found
Wlansvc -> 64bit -> File not found
WudfPf -> 64bit -> File not found
WudfRd -> 64bit -> File not found
WudfSvc -> 64bit -> File not found
WudfUsbccidDriver -> Driver
< 64bit-Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" ->  [1] -> File not found
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"VistaSp1" ->  [28 4D B2 76 41 04 CA 01  [binary data]] -> File not found
\Svc\\"AntiVirusOverride" ->  [0] -> File not found
\Svc\\"AntiSpywareOverride" ->  [0] -> File not found
\Svc\\"FirewallOverride" ->  [0] -> File not found
64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> 
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"DisableNotifications" ->  [0] -> File not found
\\"EnableFirewall" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> 
< Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> 
*BootExecute* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute -> 
autocheck autochk * ->  -> File not found
lsdelete ->  -> File not found
*MultiFile Done* -> -> 
"ExcludeFromKnownDlls" ->  [binary data] -> 
64bit-*ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> 
\Windows -> \Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
\RPC Control ->  -> File not found
*MultiFile Done* -> -> 
*ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> 
\Windows -> \Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
\RPC Control ->  -> File not found
*MultiFile Done* -> -> 
< Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> 
64bit-"ComSpec" -> C:\Windows\SysNative\cmd.exe -> [2009/07/14 03:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation)
"ComSpec" -> C:\Windows\SysWOW64\cmd.exe -> [2009/07/14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation)
"TEMP" -> C:\Windows\Temp -> [2010/06/19 13:19:45 | 000,000,000 | ---D | M]
"TMP" -> C:\Windows\Temp -> [2010/06/19 13:19:45 | 000,000,000 | ---D | M]
"windir" -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
64bit-*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> 
C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2010/04/26 07:38:45 | 000,000,000 | ---D | M]
C:\Program Files (x86)\PC Connectivity Solution\ -> C:\Program Files (x86)\PC Connectivity Solution\ -> [2010/03/09 12:56:37 | 000,000,000 | ---D | M]
%SystemRoot%\system32 -> C:\Windows\SysNative -> File not found
%SystemRoot% -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
%SystemRoot%\System32\Wbem -> C:\Windows\SysNative\wbem -> [2010/06/16 13:06:44 | 000,000,000 | ---D | M]
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysNative\WindowsPowerShell\v1.0\ -> [2009/12/23 13:27:35 | 000,000,000 | ---D | M]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> [2010/03/12 13:43:04 | 000,000,000 | ---D | M]
C:\Program Files (x86)\QuickTime\QTSystem\ -> C:\Program Files (x86)\QuickTime\QTSystem\ -> [2010/06/05 13:09:06 | 000,000,000 | ---D | M]
*MultiFile Done* -> -> 
*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> 
C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> [2010/04/26 07:38:45 | 000,000,000 | ---D | M]
C:\Program Files (x86)\PC Connectivity Solution\ -> C:\Program Files (x86)\PC Connectivity Solution\ -> [2010/03/09 12:56:37 | 000,000,000 | ---D | M]
%SystemRoot%\system32 -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M]
%SystemRoot% -> C:\Windows -> [2010/06/19 07:54:43 | 000,000,000 | ---D | M]
%SystemRoot%\System32\Wbem -> C:\Windows\SysWOW64\wbem -> [2009/12/23 13:27:37 | 000,000,000 | ---D | M]
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ -> C:\Windows\SysWow64\WindowsPowerShell\v1.0\ -> [2009/12/23 13:27:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64 -> [2009/10/13 00:44:38 | 000,000,000 | ---D | M]
C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ -> [2010/03/12 13:43:04 | 000,000,000 | ---D | M]
C:\Program Files (x86)\QuickTime\QTSystem\ -> C:\Program Files (x86)\QuickTime\QTSystem\ -> [2010/06/05 13:09:06 | 000,000,000 | ---D | M]
*MultiFile Done* -> -> 
*PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> 
.COM ->  -> File not found
.EXE ->  -> File not found
.BAT ->  -> File not found
.CMD ->  -> File not found
.VBS ->  -> File not found
.VBE ->  -> File not found
.JS ->  -> File not found
.JSE ->  -> File not found
.WSF ->  -> File not found
.WSH ->  -> File not found
.MSC ->  -> File not found
*MultiFile Done* -> -> 
< Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> 
< Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> 
64bit-"advapi32" -> C:\Windows\SysNative\advapi32.dll -> [2009/07/14 03:40:01 | 000,877,056 | ---- | M] (Microsoft Corporation)
64bit-"clbcatq" -> C:\Windows\SysNative\clbcatq.dll -> [2009/07/14 03:40:15 | 000,607,744 | ---- | M] (Microsoft Corporation)
64bit-"COMDLG32" -> C:\Windows\SysNative\comdlg32.dll -> [2009/07/14 03:40:22 | 000,595,456 | ---- | M] (Microsoft Corporation)
64bit-"DifxApi" -> C:\Windows\SysNative\difxapi.dll -> [2009/07/14 03:40:30 | 000,504,320 | ---- | M] (Microsoft Corporation)
64bit-"DllDirectory" -> C:\Windows\SysNative -> File not found
64bit-"DllDirectory32" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M]
64bit-"gdi32" -> C:\Windows\SysNative\gdi32.dll -> [2009/07/14 03:40:56 | 000,404,480 | ---- | M] (Microsoft Corporation)
64bit-"IERTUTIL" -> C:\Windows\SysNative\iertutil.dll -> [2009/07/14 03:41:06 | 002,440,704 | ---- | M] (Microsoft Corporation)
64bit-"IMAGEHLP" -> C:\Windows\SysNative\imagehlp.dll -> [2009/07/14 03:41:08 | 000,076,288 | ---- | M] (Microsoft Corporation)
64bit-"IMM32" -> C:\Windows\SysNative\imm32.dll -> [2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation)
64bit-"kernel32" -> C:\Windows\SysNative\kernel32.dll -> [2009/07/14 03:41:13 | 001,162,240 | ---- | M] (Microsoft Corporation)
64bit-"LPK" -> C:\Windows\SysNative\lpk.dll -> [2009/07/14 03:41:19 | 000,041,984 | ---- | M] (Microsoft Corporation)
64bit-"MSCTF" -> C:\Windows\SysNative\msctf.dll -> [2009/07/14 03:41:28 | 001,067,008 | ---- | M] (Microsoft Corporation)
64bit-"MSVCRT" -> C:\Windows\SysNative\msvcrt.dll -> [2009/07/14 03:41:32 | 000,634,880 | ---- | M] (Microsoft Corporation)
64bit-"NORMALIZ" -> C:\Windows\SysNative\normaliz.dll -> [2009/07/14 03:31:40 | 000,002,560 | ---- | M] (Microsoft Corporation)
64bit-"NSI" -> C:\Windows\SysNative\nsi.dll -> [2009/07/14 03:41:53 | 000,013,824 | ---- | M] (Microsoft Corporation)
64bit-"ole32" -> C:\Windows\SysNative\ole32.dll -> [2009/07/14 03:41:53 | 002,084,352 | ---- | M] (Microsoft Corporation)
64bit-"OLEAUT32" -> C:\Windows\SysNative\oleaut32.dll -> [2009/07/14 03:41:53 | 000,861,184 | ---- | M] (Microsoft Corporation)
64bit-"PSAPI" -> C:\Windows\SysNative\psapi.dll -> [2009/07/14 03:41:53 | 000,009,216 | ---- | M] (Microsoft Corporation)
64bit-"rpcrt4" -> C:\Windows\SysNative\rpcrt4.dll -> [2009/07/14 03:41:53 | 001,221,632 | ---- | M] (Microsoft Corporation)
64bit-"sechost" -> C:\Windows\SysNative\sechost.dll -> [2009/07/14 03:41:53 | 000,113,664 | ---- | M] (Microsoft Corporation)
64bit-"Setupapi" -> C:\Windows\SysNative\setupapi.dll -> [2009/07/14 03:41:54 | 001,899,520 | ---- | M] (Microsoft Corporation)
64bit-"SHELL32" -> C:\Windows\SysNative\shell32.dll -> [2010/02/18 10:07:44 | 014,163,456 | ---- | M] (Microsoft Corporation)
64bit-"SHLWAPI" -> C:\Windows\SysNative\shlwapi.dll -> [2009/07/14 03:41:54 | 000,449,536 | ---- | M] (Microsoft Corporation)
64bit-"URLMON" -> C:\Windows\SysNative\urlmon.dll -> [2010/05/06 15:02:38 | 001,493,504 | ---- | M] (Microsoft Corporation)
64bit-"user32" -> C:\Windows\SysNative\user32.dll -> [2009/07/14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation)
64bit-"USP10" -> C:\Windows\SysNative\usp10.dll -> [2009/07/14 03:41:56 | 000,801,280 | ---- | M] (Microsoft Corporation)
64bit-"WININET" -> C:\Windows\SysNative\wininet.dll -> [2010/05/21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation)
64bit-"WLDAP32" -> C:\Windows\SysNative\Wldap32.dll -> [2009/07/14 03:41:56 | 000,311,808 | ---- | M] (Microsoft Corporation)
64bit-"WS2_32" -> C:\Windows\SysNative\ws2_32.dll -> [2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation)
"advapi32" -> C:\Windows\SysWow64\advapi32.dll -> [2009/07/14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation)
"clbcatq" -> C:\Windows\SysWow64\clbcatq.dll -> [2009/07/14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation)
"COMDLG32" -> C:\Windows\SysWow64\comdlg32.dll -> [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation)
"DifxApi" -> C:\Windows\SysWow64\difxapi.dll -> [2009/07/14 03:15:11 | 000,315,904 | ---- | M] (Microsoft Corporation)
"DllDirectory" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M]
"DllDirectory32" -> C:\Windows\SysWOW64 -> [2010/06/18 19:26:27 | 000,000,000 | ---D | M]
"gdi32" -> C:\Windows\SysWow64\gdi32.dll -> [2009/07/14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation)
"IERTUTIL" -> C:\Windows\SysWow64\iertutil.dll -> [2009/07/14 03:15:28 | 002,058,240 | ---- | M] (Microsoft Corporation)
"IMAGEHLP" -> C:\Windows\SysWow64\imagehlp.dll -> [2009/07/14 03:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation)
"IMM32" -> C:\Windows\SysWow64\imm32.dll -> [2009/07/14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation)
"kernel32" -> C:\Windows\SysWow64\kernel32.dll -> [2009/07/14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation)
"LPK" -> C:\Windows\SysWow64\lpk.dll -> [2009/07/14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation)
"MSCTF" -> C:\Windows\SysWow64\msctf.dll -> [2009/07/14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation)
"MSVCRT" -> C:\Windows\SysWow64\msvcrt.dll -> [2009/07/14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation)
"NORMALIZ" -> C:\Windows\SysWow64\normaliz.dll -> [2009/07/14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation)
"NSI" -> C:\Windows\SysWow64\nsi.dll -> [2009/07/14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation)
"ole32" -> C:\Windows\SysWow64\ole32.dll -> [2009/07/14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation)
"OLEAUT32" -> C:\Windows\SysWow64\oleaut32.dll -> [2009/07/14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation)
"PSAPI" -> C:\Windows\SysWow64\psapi.dll -> [2009/07/14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation)
"rpcrt4" -> C:\Windows\SysWow64\rpcrt4.dll -> [2009/07/14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation)
"sechost" -> C:\Windows\SysWow64\sechost.dll -> [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation)
"Setupapi" -> C:\Windows\SysWow64\setupapi.dll -> [2009/07/14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation)
"SHELL32" -> C:\Windows\SysWow64\shell32.dll -> [2010/02/18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation)
"SHLWAPI" -> C:\Windows\SysWow64\shlwapi.dll -> [2009/07/14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation)
"URLMON" -> C:\Windows\SysWow64\urlmon.dll -> [2010/05/06 14:42:05 | 001,225,216 | ---- | M] (Microsoft Corporation)
"user32" -> C:\Windows\SysWow64\user32.dll -> [2009/07/14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation)
"USP10" -> C:\Windows\SysWow64\usp10.dll -> [2009/07/14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation)
"WININET" -> C:\Windows\SysWow64\wininet.dll -> [2010/05/21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation)
"WLDAP32" -> C:\Windows\SysWow64\Wldap32.dll -> [2009/07/14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation)
"WS2_32" -> C:\Windows\SysWow64\ws2_32.dll -> [2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation)
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
64bit-batfile [open] -> "%1" %* -> File not found
64bit-cmdfile [open] -> "%1" %* -> File not found
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
64bit-htmlfile [edit] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
64bit-htmlfile [print] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/14 03:39:13 | 000,010,240 | ---- | M] (Microsoft Corporation)
64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2010/05/06 14:41:53 | 005,970,944 | ---- | M] (Microsoft Corporation)
64bit-piffile [open] -> "%1" %* -> File not found
64bit-scrfile [config] -> "%1" -> File not found
64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/07/14 03:38:51 | 000,130,048 | ---- | M] (Microsoft Corporation)
64bit-scrfile [open] -> "%1" /S -> File not found
64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> File not found
64bit-Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] ()
64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/14 03:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation)
64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
64bit-Directory [OneNote.Open] -> C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation)
64bit-Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] ()
64bit-Folder [open] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
batfile [open] -> "%1" %* -> 
cmdfile [open] -> "%1" %* -> 
comfile [open] -> "%1" %* -> 
cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009/07/14 03:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
exefile [open] -> "%1" %* -> 
htmlfile [edit] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
htmlfile [print] -> "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 11:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/14 03:14:21 | 000,009,216 | ---- | M] (Microsoft Corporation)
InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2010/05/06 14:41:53 | 005,970,944 | ---- | M] (Microsoft Corporation)
piffile [open] -> "%1" %* -> 
scrfile [config] -> "%1" -> 
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/07/14 03:14:08 | 000,128,000 | ---- | M] (Microsoft Corporation)
scrfile [open] -> "%1" /S -> 
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> 
Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] ()
Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation)
Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
Directory [OneNote.Open] -> C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation)
Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2010/01/31 00:27:38 | 000,141,061 | ---- | M] ()
Folder [open] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation)
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 
64bit-NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files (x86)\Bonjour\mdnsNSP.dll -> [2010/04/08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.)
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files (x86)\Bonjour\mdnsNSP.dll -> [2010/04/08 13:20:00 | 000,152,864 | ---- | M] (Apple Inc.)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
ldap -> 4 = Restricted sites (Not a Default Protocol) -> 
news -> 4 = Restricted sites (Not a Default Protocol) -> 
nntp -> 4 = Restricted sites (Not a Default Protocol) -> 
oecmd -> 4 = Restricted sites (Not a Default Protocol) -> 
snews -> 4 = Restricted sites (Not a Default Protocol) -> 
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
@ivt -> @ivt protocol not assigned -> 
file -> file protocol not assigned -> 
ftp -> ftp protocol not assigned -> 
http -> http protocol not assigned -> 
https -> https protocol not assigned -> 
shell -> shell protocol not assigned -> 
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
@ivt -> @ivt protocol not assigned -> 
file -> file protocol not assigned -> 
ftp -> ftp protocol not assigned -> 
http -> http protocol not assigned -> 
https -> https protocol not assigned -> 
shell -> shell protocol not assigned -> 
< 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{071c9b48-7c32-4621-a0ac-3f809523288f} -> Microsoft Visual C++ 2005 Redistributable (x64)
{350AA351-21FA-3270-8B7A-835434E766AD} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
{3D3E663D-4E7E-4577-A560-7ECDDD45548A} -> PVSonyDll
{404BB1FF-A84F-432F-B77B-301E88E8D1C7} -> Apple Mobile Device Support
{47DEB25D-4FA2-4894-8A0D-FE944C47326E} -> Microsoft Baseline Security Analyzer 2.1
{8220EEFE-38CD-377E-8595-13398D740ACE} -> Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
{90120000-002A-0000-1000-0000000FF1CE} -> Microsoft Office Office 64-bit Components 2007
{90120000-002A-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (English) 2007
{90120000-002A-040C-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit MUI (French) 2007
{90120000-0116-0409-1000-0000000FF1CE} -> Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} -> Intel® Matrix Storage Manager
{95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting
{96D5EB02-DE18-4DCD-A713-929B4461CA8D} -> iTunes
{B6E3757B-5E77-3915-866A-CCFC4B8D194C} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
{C19D4D8F-4433-4F6D-9F0C-79589FD0B973} -> Bonjour
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware
{EE936C7A-EA40-31D5-9B65-8E3E089C3828} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
BC15EA930074932BB2C4B4493C9FD4EA95087D1A -> Package de pilotes Windows - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
EPSON Printer and Utilities -> EPSON Logiciel imprimante
LockHunter_is1 -> LockHunter version 1.0 beta 3, 64 bit edition
NVIDIA Display Control Panel -> NVIDIA Display Control Panel
NVIDIA Drivers -> NVIDIA Drivers
SAMSUNG Mobile Composite Device -> SAMSUNG Mobile Composite Device Software
SAMSUNG Mobile Modem -> SAMSUNG Mobile Modem Driver Set
Samsung Mobile Modem Device -> Samsung Mobile Modem Device Software
Samsung Mobile phone USB driver -> Samsung Mobile phone USB driver Software
Samsung Mobile phone USB driver Drive -> Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem -> SAMSUNG Mobile USB Modem Software
SAMSUNG Mobile USB Modem 1.0 -> SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG USB Mobile Device -> SAMSUNG USB Mobile Device Software
WinRAR archiver -> Logiciel d'archivage WinRAR
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{0214A441-A4AB-43A8-8DEF-2F73C5364673} -> Microsoft Works
{0638268c-b727-4f78-a92b-a4f68176e670} -> Nero 9 Essentials
{0E3C6700-B0FB-4508-A4B0-51EF626D6D60}_is1 -> Mah Jong Adventures
{15D967B5-A4BE-42AE-9E84-64CD062B25AA} -> eSobi v2
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{20400dbd-e6db-45b8-9b6b-1dd7033818ec} -> Nero InfoTool Help
{205C6BDD-7B73-42DE-8505-9A093F35A238} -> Outil de téléchargement Windows Live
{2075CB0A-D26F-4DAA-B424-5079296B43BA} -> Windows Live FolderShare
{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT
{2348b586-c9ae-46ce-936c-a68e9426e214} -> Nero StartSmart Help
{2637C347-9DAD-11D6-9EA2-00055D0CA761} -> Acer Arcade Deluxe
{266517E6-D866-439D-919C-B8B1A52E6080} -> OpenOffice.org 3.2
{26A24AE4-039D-4CA4-87B4-2F83216020FF} -> Java(TM) 6 Update 20
{287ECFA4-719A-2143-A09B-D6A12DE54E40} -> Acrobat.com
{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} -> QuickTime
{30075A70-B5D2-440B-AFA3-FB2021740121} -> Backup Manager Advance
{338F08AB-C262-42C7-B000-34DE1A475273} -> Ad-Aware Email Scanner for Outlook
{33cf58f5-48d8-4575-83d6-96f574e4d83a} -> Nero DriveSpeed
{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF} -> JMicron JMB36X Driver
{3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform
{3F262ADC-5AD2-48E5-A586-44315E04A9E9} -> Microsoft Album photo 10
{42756145-9997-4D28-809B-8756BFD00109} -> Microsoft Photo Pro 10
{4634B21A-CC07-4396-890C-2B8168661FEA} -> Windows Live Writer
{46ABBC54-1872-4AA3-95E2-F2C063A63F31} -> Installation Windows Live
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA} -> Nero StartSmart OEM
{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
{53B20C18-D8D4-4588-8737-9BBFE303C354} -> Windows Live Movie Maker
{54194F60-988C-4D03-B922-C2B00EFDA39A} -> NVIDIA PhysX
{553255F3-78FD-40F1-A6F8-6882140265FE} -> Apple Application Support
{56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml
{595a3116-40bb-4e0f-a2e8-d7951da56270} -> NeroExpress
{5DD76286-9BE7-4894-A990-E905E91AC818} -> Windows Live Mail
{67EDD823-135A-4D59-87BD-950616D6E857} -> EPSON Copy Utility 3
{68301905-2DEA-41CE-A4D4-E8B443B099BA} -> MyWinLocker
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{770F1BEC-2871-4E70-B837-FB8525FFA3B1} -> Windows Live Messenger
{7748ac8c-18e3-43bb-959b-088faea16fb2} -> Nero StartSmart
{7B0A8F0E-3672-4DA5-9540-A8D0171C38D8} -> TuneUp Utilities Language Pack (fr-FR)
{7E84FAC8-C518-40F9-9807-7455301D6D25} -> SamsungConnectivityCableDriver
{7F811A54-5A09-4579-90E1-C93498E230D9} -> Acer eRecovery Management
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593} -> Chicken Invaders 2
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697} -> Granny In Paradise
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477} -> Merriam Websters Spell Jam
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477} -> Amazonia
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767} -> Alice Greenfingers
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380} -> Heroes of Hellas
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} -> Dream Day First Home
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100} -> Dairy Dash
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410} -> First Class Flurry
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173} -> Farm Frenzy 2
{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} -> Windows Live Call
{83202942-84b3-4c50-8622-b8c0aa2d2885} -> Nero Express Help
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
{869200db-287a-4dc0-b02b-2b6787fbcd4c} -> Nero DiscSpeed
{89661B04-C646-4412-B6D3-5E19F02F1F37} -> EAX4 Unified Redist
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8C676E78-9169-43FB-9A56-415DF6DE50EE} -> Tetris 5000
{8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1 -> RDesc 2.31
{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1 -> Acer GameZone Console
{90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007
{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007
{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0017-040C-0000-0000000FF1CE} -> Microsoft Office SharePoint Designer MUI (French) 2007
{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83} -> Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
{90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007
{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007
{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007
{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007
{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007
{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007
{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007
{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007
{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-0020-040C-0000-0000000FF1CE} -> Module de compatibilité pour Microsoft Office System 2007
{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
{90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007
{90120000-0044-040C-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (French) 2007
{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007
{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007
{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-00A1-040C-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (French) 2007
{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-00BA-040C-0000-0000000FF1CE} -> Microsoft Office Groove MUI (French) 2007
{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0100-040C-0000-0000000FF1CE} -> Microsoft Office O MUI (French) 2007
{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0101-040C-0000-0000000FF1CE} -> Microsoft Office X MUI (French) 2007
{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> 2007 Microsoft Office Suite Service Pack 2 (SP2)
{91120000-002F-0000-0000-0000000FF1CE} -> Microsoft Office Home and Student 2007
{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)
{95120000-00AF-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (French)
{97C82B44-D408-4F14-9252-47FC1636D23E}_is1 -> IZArc 4.1
{9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
{9F7FC79B-3059-4264-9450-39EB368E3225} -> Microsoft Digital Image Library 9 - Blocker
{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} -> ImagXpress
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper
{AC599724-5755-48C1-ABE7-ABB857652930} -> PC Connectivity Solution
{AC76BA86-7AD7-1033-7B44-A93000000001} -> Adobe Reader 9.3.2
{AF7E85DC-317C-47F5-810E-B82EE093A612} -> Samsung New PC Studio USB Driver Installer
{B131E59D-202C-43C6-84C9-68F0C37541F1} -> Galerie de photos Windows Live
{B194272D-1F92-46DF-99EB-8D5CE91CB4EC} -> Adobe AIR
{b2ec4a38-b545-4a00-8214-13fe0e915e6d} -> Advertising Center
{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy
{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a} -> Nero ControlCenter
{C2F1F96A-057E-5819-B52E-FEA1D1D2933B} -> Acronis True Image Home
{C41300B9-185D-475E-BFEC-39EF732F19B1} -> Apple Software Update
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{cc019e3f-59d2-4486-8d4b-878105b62a71} -> Nero DiscSpeed Help
{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> TuneUp Utilities
{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7} -> ArcSoft PhotoImpression 5
{dba84796-8503-4ff0-af57-1747dd9a166d} -> Nero Online Upgrade
{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} -> Assistant de connexion Windows Live
{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware
{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 -> Auslogics Disk Defrag
{E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update
{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} -> Microsoft Office Suite Activation Assistant
{e5c7d048-f9b4-4219-b323-8bdb01a2563d} -> Nero DriveSpeed Help
{e8a80433-302b-4ff1-815d-fcc8eac482ff} -> Nero Installer
{EE171732-BEB4-4576-887D-CB62727F01CA} -> Acer Updater
{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]
{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio
{F19D07BC-6240-49D3-BA5C-59B015DF8916} -> EPSON Easy Photo Print
{F333A33D-125C-32A2-8DCE-5C5D14231E27} -> Visual C++ 2008 x86 Runtime - (v9.0.30729)
{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 -> Visual C++ 2008 x86 Runtime - v9.0.30729.01
{f4041dce-3fe1-4e18-8a9e-9de65231ee36} -> Nero ControlCenter
{F7B0939E-58DF-11DF-B3A6-005056806466} -> Google Earth
{fbcdfd61-7dcf-4e71-9226-873ba0053139} -> Nero InfoTool
7-Zip -> 7-Zip 4.65
Acer Registration -> Acer Registration
Acer Screensaver -> Acer ScreenSaver
Acer Welcome Center -> Welcome Center
Ad-Aware -> Ad-Aware
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin
a-squared Free_is1 -> a-squared Free 4.5
Audacity_is1 -> Audacity 1.2.6
Avira AntiVir Desktop -> Avira AntiVir Personal - Free Antivirus
AVS DVD Copy_is1 -> AVS DVD Copy version 4.1.1
AVS Update Manager_is1 -> AVS Update Manager 1.0
AVS4YOU Software Navigator_is1 -> AVS4YOU Software Navigator 1.3
CCleaner -> CCleaner
EPSON Printer and Utilities -> EPSON Logiciel imprimante
EPSON Scanner -> EPSON Scan
Glary Utilities_is1 -> Glary Utilities 2.23.0.923
HOMESTUDENTR -> Microsoft Office Home and Student 2007
Hotkey Utility -> Hotkey Utility
Identity Card -> Identity Card
InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} -> eSobi v2
InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} -> Acer Arcade Deluxe
InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121} -> Acer Backup Manager
InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612} -> Samsung New PC Studio USB Driver Installer
InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} -> Samsung New PC Studio
KC Softwares IDPhotoStudio_is1 -> KC Softwares IDPhotoStudio
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
Mozilla Firefox (3.6.3) -> Mozilla Firefox (3.6.3)
Mozilla Thunderbird (3.0.4) -> Mozilla Thunderbird (3.0.4)
OMUI.fr-fr -> Microsoft Office Language Pack 2007 - French/Français
Orb -> Orb
PictureItSuite_v10 -> Microsoft Photo Pro Suite 10
PowerISO -> PowerISO
PunkBusterSvc -> PunkBuster Services
Pure Pinball 2.0 REDUX -> Pure Pinball 2.0 REDUX
RAR Repair Tool_is1 -> RAR Repair Tool v.4.0.1
S.T.A.L.K.E.R. - Shadow of Chernobyl_is1 -> S.T.A.L.K.E.R. - Shadow of Chernobyl
Secunia PSI -> Secunia PSI
ShalSoft.GigaTribe_is1 -> GigaTribe 3.01.001
TuneUp Utilities -> TuneUp Utilities
VLC media player -> VLC media player 1.0.5
WBFS Manager 3.0 -> WBFS Manager 3.0
WinLiveSuite_Wave3 -> Installation Windows Live
WinRAR archiver -> Logiciel d'archivage WinRAR
< Uninstall List [HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\] > -> HKEY_USERS\S-1-5-21-3258892936-4116843137-97899428-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
Capturino V2.11 -> Capturino V2.11
Vietcong 2 -> Vietcong 2
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 05/06/2010 02:22:14 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8.  L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.  La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".  La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Utilisez sxstrace.exe pour un diagnostic détaillé.
Application [ Error ] 05/06/2010 05:07:23 Computer Name = abraracourcix | Source = Application Error | ID = 1000 -> Description = Nom de l’application défaillante Game_full.exe, version : 0.0.0.0, horodatage : 0x41a19ee4  Nom du module défaillant : cgD3D9.dll, version : 1.1.307.700, horodatage : 0x3f09c46c  Code d’exception : 0xc0000005  Décalage d’erreur : 0x000059e9  ID du processus défaillant : 0x1658  Heure de début de l’application défaillante : 0x01cb048e1bbec824  Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Tetris 5000\Game_full.exe  Chemin d’accès du module défaillant: C:\Program Files (x86)\Tetris 5000\cgD3D9.dll  ID de rapport : c05b8002-7081-11df-a0b8-90fba62d1373
Application [ Error ] 05/06/2010 07:45:31 Computer Name = abraracourcix | Source = MsiInstaller | ID = 10005 -> Description = 
Application [ Error ] 06/06/2010 04:10:59 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3.  La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.
Application [ Error ] 06/06/2010 04:12:30 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8.  L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.  La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".  La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Utilisez sxstrace.exe pour un diagnostic détaillé.
Application [ Error ] 06/06/2010 15:12:04 Computer Name = abraracourcix | Source = Application Error | ID = 1000 -> Description = Nom de l’application défaillante Game_full.exe, version : 0.0.0.0, horodatage : 0x41a19ee4  Nom du module défaillant : cgD3D9.dll, version : 1.1.307.700, horodatage : 0x3f09c46c  Code d’exception : 0xc0000005  Décalage d’erreur : 0x000059e9  ID du processus défaillant : 0xfbc  Heure de début de l’application défaillante : 0x01cb05a8b4730c2a  Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Tetris 5000\Game_full.exe  Chemin d’accès du module défaillant: C:\Program Files (x86)\Tetris 5000\cgD3D9.dll  ID de rapport : 63f19d8c-719f-11df-bd2a-90fba62d1373
Application [ Error ] 07/06/2010 01:14:26 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3.  La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.
Application [ Error ] 07/06/2010 01:15:09 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8.  L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.  La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".  La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Utilisez sxstrace.exe pour un diagnostic détaillé.
Application [ Error ] 07/06/2010 18:31:01 Computer Name = abraracourcix | Source = SideBySide | ID = 16842815 -> Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3.  La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.
Application [ Error ] 07/06/2010 18:31:44 Computer Name = abraracourcix | Source = SideBySide | ID = 16842787 -> Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8.  L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.  La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".  La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Utilisez sxstrace.exe pour un diagnostic détaillé.
Media Center [ Error ] 04/03/2010 08:01:52 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 13:01:52 - Erreur de connexion à Internet.  13:01:52 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 08:02:00 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 13:01:58 - Erreur de connexion à Internet.  13:01:58 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 09:02:33 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 14:02:33 - Erreur de connexion à Internet.  14:02:33 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 09:02:38 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 14:02:38 - Erreur de connexion à Internet.  14:02:38 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 10:03:10 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 15:03:10 - Erreur de connexion à Internet.  15:03:10 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 10:03:16 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 15:03:15 - Erreur de connexion à Internet.  15:03:15 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 11:05:46 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 16:05:46 - Erreur de connexion à Internet.  16:05:46 -     Impossible de contacter le service..  
Media Center [ Error ] 04/03/2010 11:05:52 Computer Name = abraracourcix | Source = MCUpdate | ID = 0 -> Description = 16:05:51 - Erreur de connexion à Internet.  16:05:51 -     Impossible de contacter le service..  
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:10 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:36:22 Computer Name = abraracourcix | Source = Service Control Manager | ID = 7001 -> Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur :   %%1068
System [ Error ] 15/06/2010 06:38:29 Computer Name = abraracourcix | Source = Application Popup | ID = 1060 -> Description = Le chargement de \SystemRoot\SysWow64\drivers\pfc.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote.
System [ Error ] 15/06/2010 15:01:41 Computer Name = abraracourcix | Source = RasSstp | ID = 1 -> Description = 

[Files/Folders - Created Within 60 Days]
OTS.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:19:32 | 000,640,000 | ---- | C] (OldTimer Tools)
avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:39:17 | 000,074,880 | ---- | C] (Avira GmbH)
ssmdrv.sys -> C:\Windows\SysWow64\drivers\ssmdrv.sys -> [2010/06/18 19:39:17 | 000,028,376 | ---- | C] (Avira GmbH)
Avira -> C:\ProgramData\Avira -> [2010/06/18 19:39:16 | 000,000,000 | ---D | C]
Avira -> C:\Program Files (x86)\Avira -> [2010/06/18 19:39:16 | 000,000,000 | ---D | C]
Ad-Remover -> C:\Program Files (x86)\Ad-Remover -> [2010/06/18 12:35:16 | 000,000,000 | ---D | C]
Rar Repair Tool -> C:\Program Files (x86)\Rar Repair Tool -> [2010/06/16 20:22:37 | 000,000,000 | ---D | C]
DAEMON Tools Lite -> C:\Users\patrick\AppData\Roaming\DAEMON Tools Lite -> [2010/06/16 12:52:26 | 000,000,000 | ---D | C]
DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2010/06/16 12:52:24 | 000,000,000 | ---D | C]
WinRAR -> C:\Program Files (x86)\WinRAR -> [2010/06/14 11:47:14 | 000,000,000 | ---D | C]
7-Zip -> C:\Program Files (x86)\7-Zip -> [2010/06/13 21:10:16 | 000,000,000 | ---D | C]
JRE -> C:\Program Files (x86)\JRE -> [2010/06/12 22:29:03 | 000,000,000 | ---D | C]
_OTM -> C:\_OTM -> [2010/06/12 07:50:12 | 000,000,000 | ---D | C]
Minidump -> C:\Windows\Minidump -> [2010/06/12 07:37:20 | 000,000,000 | ---D | C]
OTM.exe -> C:\Users\patrick\Desktop\OTM.exe -> [2010/06/12 07:33:37 | 000,518,656 | ---- | C] (OldTimer Tools)
mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2010/06/10 15:23:49 | 001,026,048 | ---- | C] (Microsoft Corporation)
wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2010/06/10 15:23:48 | 001,192,960 | ---- | C] (Microsoft Corporation)
wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2010/06/10 15:23:48 | 000,977,920 | ---- | C] (Microsoft Corporation)
mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2010/06/10 15:23:48 | 000,606,208 | ---- | C] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2010/06/10 15:23:48 | 000,445,952 | ---- | C] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2010/06/10 15:23:48 | 000,381,440 | ---- | C] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2010/06/10 15:23:48 | 000,082,944 | ---- | C] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2010/06/10 15:23:48 | 000,064,512 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2010/06/10 15:23:47 | 000,064,512 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2010/06/10 15:23:47 | 000,048,128 | ---- | C] (Microsoft Corporation)
asycfilt.dll -> C:\Windows\SysNative\asycfilt.dll -> [2010/06/10 11:05:50 | 000,084,992 | ---- | C] (Microsoft Corporation)
asycfilt.dll -> C:\Windows\SysWow64\asycfilt.dll -> [2010/06/10 11:05:50 | 000,067,584 | ---- | C] (Microsoft Corporation)
atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2010/06/10 09:43:21 | 000,366,080 | ---- | C] (Adobe Systems Incorporated)
atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2010/06/10 09:43:20 | 000,293,888 | ---- | C] (Adobe Systems Incorporated)
atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2010/06/10 09:43:20 | 000,046,080 | ---- | C] (Adobe Systems)
atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2010/06/10 09:43:20 | 000,034,304 | ---- | C] (Adobe Systems)
Wat -> C:\Windows\SysWow64\Wat -> [2010/06/08 21:10:25 | 000,000,000 | ---D | C]
Wat -> C:\Windows\SysNative\Wat -> [2010/06/08 21:10:25 | 000,000,000 | ---D | C]
trend micro -> C:\Program Files (x86)\trend micro -> [2010/06/08 12:26:42 | 000,000,000 | ---D | C]
rsit -> C:\rsit -> [2010/06/08 12:26:42 | 000,000,000 | ---D | C]
Lbd.sys -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 11:15:35 | 000,069,152 | ---- | C] (Lavasoft AB)
THQ -> C:\Program Files (x86)\THQ -> [2010/06/05 16:00:16 | 000,000,000 | ---D | C]
STALKER-SHOC -> C:\Users\Public\Documents\STALKER-SHOC -> [2010/06/05 16:00:16 | 000,000,000 | ---D | C]
iTunes -> C:\Program Files\iTunes -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C]
iTunes -> C:\Program Files (x86)\iTunes -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C]
iPod -> C:\Program Files\iPod -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C]
{93E26451-CD9A-43A5-A2FA-C42392EA4001} -> C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} -> [2010/06/05 14:24:08 | 000,000,000 | ---D | C]
Apple Software Update -> C:\Program Files (x86)\Apple Software Update -> [2010/06/05 14:23:29 | 000,000,000 | ---D | C]
Bonjour -> C:\Program Files\Bonjour -> [2010/06/05 14:23:03 | 000,000,000 | ---D | C]
Bonjour -> C:\Program Files (x86)\Bonjour -> [2010/06/05 14:23:03 | 000,000,000 | ---D | C]
QuickTime -> C:\Program Files (x86)\QuickTime -> [2010/06/05 13:09:00 | 000,000,000 | ---D | C]
Sun -> C:\ProgramData\Sun -> [2010/06/05 12:05:53 | 000,000,000 | ---D | C]
Java -> C:\Program Files (x86)\Common Files\Java -> [2010/06/05 12:05:53 | 000,000,000 | ---D | C]
deployJava1.dll -> C:\Windows\SysWow64\deployJava1.dll -> [2010/06/05 12:05:40 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.)
javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2010/06/05 12:05:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.)
javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2010/06/05 12:05:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
java.exe -> C:\Windows\SysWow64\java.exe -> [2010/06/05 12:05:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
SUPERAntiSpyware.com -> C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com -> [2010/06/05 11:56:06 | 000,000,000 | ---D | C]
SUPERAntiSpyware.com -> C:\ProgramData\SUPERAntiSpyware.com -> [2010/06/05 11:56:06 | 000,000,000 | ---D | C]
SASCORE -> C:\ProgramData\SASCORE -> [2010/06/05 11:56:05 | 000,000,000 | ---D | C]
SUPERAntiSpyware -> C:\Program Files\SUPERAntiSpyware -> [2010/06/05 11:56:03 | 000,000,000 | ---D | C]
Secunia -> C:\Program Files (x86)\Secunia -> [2010/06/05 11:48:10 | 000,000,000 | ---D | C]
Tetris 5000 -> C:\Program Files (x86)\Tetris 5000 -> [2010/06/05 11:04:23 | 000,000,000 | ---D | C]
Steam -> C:\Program Files (x86)\Steam -> [2010/06/04 21:33:15 | 000,000,000 | ---D | C]
SecurityScans -> C:\Users\patrick\SecurityScans -> [2010/06/04 18:21:30 | 000,000,000 | ---D | C]
NortonInstaller -> C:\ProgramData\NortonInstaller -> [2010/06/04 18:20:57 | 000,000,000 | ---D | C]
Microsoft Baseline Security Analyzer 2 -> C:\Program Files\Microsoft Baseline Security Analyzer 2 -> [2010/06/04 18:20:44 | 000,000,000 | ---D | C]
Norton -> C:\ProgramData\Norton -> [2010/06/04 18:09:20 | 000,000,000 | ---D | C]
NPE -> C:\Users\patrick\AppData\Local\NPE -> [2010/06/04 18:09:18 | 000,000,000 | ---D | C]
unvise32.exe -> C:\Windows\unvise32.exe -> [2010/06/02 10:56:43 | 000,086,016 | ---- | C] (MindVision Software)
Pure Pinball 2.0 REDUX -> C:\Program Files (x86)\Pure Pinball 2.0 REDUX -> [2010/06/02 10:56:00 | 000,000,000 | ---D | C]
URTTEMP -> C:\Windows\SysWow64\URTTEMP -> [2010/06/02 10:50:06 | 000,000,000 | ---D | C]
SecuROM -> C:\Users\patrick\AppData\Roaming\SecuROM -> [2010/06/02 10:45:08 | 000,000,000 | RH-D | C]
LockHunter -> C:\Users\patrick\AppData\Roaming\LockHunter -> [2010/06/01 20:25:34 | 000,000,000 | ---D | C]
psi_mf.sys -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | C] (Secunia)
CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/05/26 17:23:00 | 000,178,800 | ---- | C] (Sony DADC Austria AG.)
My Games -> C:\Users\patrick\Documents\My Games -> [2010/05/26 09:35:53 | 000,000,000 | ---D | C]
RDesc -> C:\RDesc -> [2010/05/24 15:12:10 | 000,000,000 | ---D | C]
Downloads -> C:\Downloads -> [2010/05/20 17:27:16 | 000,000,000 | ---D | C]
zoug -> C:\Users\patrick\AppData\Local\zoug -> [2010/05/12 16:20:16 | 000,000,000 | ---D | C]
Malwarebytes -> C:\Users\patrick\AppData\Roaming\Malwarebytes -> [2010/05/02 11:22:22 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/05/02 11:22:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/05/02 11:22:16 | 000,024,664 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2010/05/02 11:22:16 | 000,000,000 | ---D | C]
Malwarebytes -> C:\ProgramData\Malwarebytes -> [2010/05/02 11:22:16 | 000,000,000 | ---D | C]
TURegOpt.exe -> C:\Windows\SysNative\TURegOpt.exe -> [2010/04/30 17:34:08 | 000,034,632 | ---- | C] (TuneUp Software)
uxtuneup.dll -> C:\Windows\SysNative\uxtuneup.dll -> [2010/04/30 17:34:07 | 000,036,168 | ---- | C] (TuneUp Software)
uxtuneup.dll -> C:\Windows\SysWow64\uxtuneup.dll -> [2010/04/30 17:34:07 | 000,030,024 | ---- | C] (TuneUp Software)
authuitu.dll -> C:\Windows\SysNative\authuitu.dll -> [2010/04/30 17:34:07 | 000,025,928 | ---- | C] (TuneUp Software)
authuitu.dll -> C:\Windows\SysWow64\authuitu.dll -> [2010/04/30 17:34:07 | 000,021,320 | ---- | C] (TuneUp Software)
TuneUp Software -> C:\Users\patrick\AppData\Roaming\TuneUp Software -> [2010/04/30 17:33:53 | 000,000,000 | ---D | C]
TuneUp Utilities 2010 -> C:\Program Files (x86)\TuneUp Utilities 2010 -> [2010/04/30 17:33:44 | 000,000,000 | ---D | C]
TuneUp Software -> C:\ProgramData\TuneUp Software -> [2010/04/30 17:33:15 | 000,000,000 | ---D | C]
{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> [2010/04/30 17:33:08 | 000,000,000 | -HSD | C]
BVRP Software -> C:\ProgramData\BVRP Software -> [2010/04/30 14:46:05 | 000,000,000 | ---D | C]
lsasrv.dll -> C:\Windows\SysNative\lsasrv.dll -> [2010/04/30 08:16:44 | 001,446,912 | ---- | C] (Microsoft Corporation)
ksecpkg.sys -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2010/04/30 08:16:44 | 000,153,160 | ---- | C] (Microsoft Corporation)
fvevol.sys -> C:\Windows\SysNative\drivers\fvevol.sys -> [2010/04/30 08:16:11 | 000,223,448 | ---- | C] (Microsoft Corporation)
SecuROM -> C:\ProgramData\SecuROM -> [2010/04/27 13:15:21 | 000,000,000 | -HSD | C]
4A Games -> C:\Users\patrick\AppData\Local\4A Games -> [2010/04/26 12:57:33 | 000,000,000 | ---D | C]
XAudio2_6.dll -> C:\Windows\SysNative\XAudio2_6.dll -> [2010/04/26 12:57:06 | 000,530,776 | ---- | C] (Microsoft Corporation)
XAudio2_6.dll -> C:\Windows\SysWow64\XAudio2_6.dll -> [2010/04/26 12:57:06 | 000,528,216 | ---- | C] (Microsoft Corporation)
xactengine3_6.dll -> C:\Windows\SysWow64\xactengine3_6.dll -> [2010/04/26 12:57:06 | 000,238,936 | ---- | C] (Microsoft Corporation)
xactengine3_6.dll -> C:\Windows\SysNative\xactengine3_6.dll -> [2010/04/26 12:57:06 | 000,176,984 | ---- | C] (Microsoft Corporation)
XAPOFX1_4.dll -> C:\Windows\SysNative\XAPOFX1_4.dll -> [2010/04/26 12:57:06 | 000,078,680 | ---- | C] (Microsoft Corporation)
XAPOFX1_4.dll -> C:\Windows\SysWow64\XAPOFX1_4.dll -> [2010/04/26 12:57:06 | 000,074,072 | ---- | C] (Microsoft Corporation)
X3DAudio1_7.dll -> C:\Windows\SysNative\X3DAudio1_7.dll -> [2010/04/26 12:57:06 | 000,024,920 | ---- | C] (Microsoft Corporation)
NVIDIA Corporation -> C:\Program Files (x86)\NVIDIA Corporation -> [2010/04/26 07:38:45 | 000,000,000 | ---D | C]
Wise Installation Wizard -> C:\Program Files (x86)\Common Files\Wise Installation Wizard -> [2010/04/26 07:38:26 | 000,000,000 | ---D | C]
NVIDIA -> C:\Users\patrick\AppData\Roaming\NVIDIA -> [2010/04/25 23:11:27 | 000,000,000 | ---D | C]
NVIDIA Corporation -> C:\Program Files\NVIDIA Corporation -> [2010/04/25 21:52:16 | 000,000,000 | ---D | C]
X3DAudio1_7.dll -> C:\Windows\SysWow64\X3DAudio1_7.dll -> [2010/04/25 21:04:04 | 000,022,360 | ---- | C] (Microsoft Corporation)
a-squared Free -> C:\Users\patrick\Documents\a-squared Free -> [2010/04/25 17:41:27 | 000,000,000 | ---D | C]
a-squared Free -> C:\Program Files (x86)\a-squared Free -> [2010/04/25 17:41:27 | 000,000,000 | ---D | C]
BVRP Software -> C:\Users\Public\Documents\BVRP Software -> [2010/04/25 09:46:41 | 000,000,000 | ---D | C]
_Backup.RC -> C:\_Backup.RC -> [2010/04/25 09:44:39 | 000,000,000 | RHSD | C]
_Backup -> C:\_Backup -> [2010/04/25 09:44:37 | 000,000,000 | -H-D | C]
Avanquest -> C:\Users\patrick\AppData\Roaming\Avanquest -> [2010/04/25 09:42:28 | 000,000,000 | ---D | C]
Avanquest -> C:\ProgramData\Avanquest -> [2010/04/25 09:42:28 | 000,000,000 | ---D | C]
AntiVirus -> C:\Program Files (x86)\Common Files\AntiVirus -> [2010/04/25 09:42:26 | 000,000,000 | ---D | C]

[Files/Folders - Modified Within 60 Days]
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/06/19 13:22:12 | 000,009,920 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/06/19 13:22:12 | 000,009,920 | -H-- | M] ()
OTS.exe -> C:\Users\patrick\Desktop\OTS.exe -> [2010/06/19 13:18:43 | 000,640,000 | ---- | M] (OldTimer Tools)
Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | M] ()
Ikeext.etl -> C:\Windows\SysNative\Ikeext.etl -> [2010/06/19 13:15:02 | 000,065,536 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/06/19 13:15:01 | 000,001,064 | ---- | M] ()
GlaryInitialize.job -> C:\Windows\tasks\GlaryInitialize.job -> [2010/06/19 13:15:01 | 000,000,328 | ---- | M] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/06/19 13:14:55 | 000,000,006 | -H-- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2010/06/19 13:14:50 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/06/19 13:14:48 | 529,854,463 | -HS- | M] ()
ntuser.dat -> C:\Users\patrick\ntuser.dat -> [2010/06/19 13:14:03 | 006,029,312 | -HS- | M] ()
IconCache.db -> C:\Users\patrick\AppData\Local\IconCache.db -> [2010/06/19 13:13:57 | 002,724,564 | -H-- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/06/19 13:00:01 | 000,001,068 | ---- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010/06/19 08:41:52 | 001,553,042 | ---- | M] ()
perfh00C.dat -> C:\Windows\SysNative\perfh00C.dat -> [2010/06/19 08:41:52 | 000,704,618 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010/06/19 08:41:52 | 000,615,760 | ---- | M] ()
perfc00C.dat -> C:\Windows\SysNative\perfc00C.dat -> [2010/06/19 08:41:52 | 000,132,340 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010/06/19 08:41:52 | 000,107,396 | ---- | M] ()
cc_20100618_224007.reg -> C:\Users\patrick\Documents\cc_20100618_224007.reg -> [2010/06/18 22:40:09 | 000,002,522 | ---- | M] ()
avgntflt.sys -> C:\Windows\SysNative\drivers\avgntflt.sys -> [2010/06/18 19:52:00 | 000,074,880 | ---- | M] (Avira GmbH)
base registre.reg -> C:\Users\patrick\Documents\base registre.reg -> [2010/06/17 19:06:01 | 000,000,294 | ---- | M] ()
EPISMF00.SWB -> C:\Windows\EPISMF00.SWB -> [2010/06/17 07:38:53 | 000,016,574 | ---- | M] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/16 13:55:19 | 000,524,288 | -HS- | M] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/16 13:55:19 | 000,524,288 | -HS- | M] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> [2010/06/16 13:55:19 | 000,065,536 | -HS- | M] ()
5h9xvjf9i.lnk -> C:\Users\patrick\Desktop\5h9xvjf9i.lnk -> [2010/06/16 13:13:53 | 000,001,197 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> C:\Users\patrick\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/06/14 08:52:14 | 000,107,496 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2010/06/14 08:12:03 | 000,411,000 | ---- | M] ()
cc_20100613_085115.reg -> C:\Users\patrick\Documents\cc_20100613_085115.reg -> [2010/06/13 08:51:17 | 000,001,192 | ---- | M] ()
OTM.exe -> C:\Users\patrick\Desktop\OTM.exe -> [2010/06/12 06:39:21 | 000,518,656 | ---- | M] (OldTimer Tools)
MegaManager.INI -> C:\Windows\MegaManager.INI -> [2010/06/08 19:39:53 | 000,000,050 | ---- | M] ()
RSIT.exe -> C:\Users\patrick\Desktop\RSIT.exe -> [2010/06/08 12:26:15 | 000,824,681 | ---- | M] ()
bookmarks-2010-06-07.json -> C:\Users\patrick\Documents\bookmarks-2010-06-07.json -> [2010/06/07 19:31:37 | 000,101,194 | ---- | M] ()
Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/06/07 19:17:05 | 000,001,946 | ---- | M] ()
Lbd.sys -> C:\Windows\SysNative\drivers\Lbd.sys -> [2010/06/06 10:58:16 | 000,069,152 | ---- | M] (Lavasoft AB)
hosts -> C:\Windows\SysNative\drivers\etc\hosts -> [2010/06/05 18:12:02 | 000,000,000 | ---- | M] ()
RDesc.lnk -> C:\Users\Public\Desktop\RDesc.lnk -> [2010/06/05 14:33:03 | 000,000,551 | ---- | M] ()
iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/06/05 14:24:18 | 000,002,429 | ---- | M] ()
deployJava1.dll -> C:\Windows\SysWow64\deployJava1.dll -> [2010/06/05 12:05:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.)
javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2010/06/05 12:05:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.)
javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2010/06/05 12:05:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
java.exe -> C:\Windows\SysWow64\java.exe -> [2010/06/05 12:05:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/05 09:00:35 | 000,524,288 | -HS- | M] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/05 09:00:35 | 000,524,288 | -HS- | M] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> [2010/06/05 09:00:35 | 000,065,536 | -HS- | M] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:53:44 | 000,524,288 | -HS- | M] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:53:44 | 000,524,288 | -HS- | M] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> [2010/06/04 16:53:44 | 000,065,536 | -HS- | M] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:33:33 | 000,524,288 | -HS- | M] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:33:33 | 000,524,288 | -HS- | M] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> [2010/06/04 16:33:33 | 000,065,536 | -HS- | M] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:28:40 | 000,524,288 | -HS- | M] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:28:40 | 000,524,288 | -HS- | M] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> [2010/06/04 16:28:40 | 000,065,536 | -HS- | M] ()
housecall.guid.cache -> C:\Users\patrick\AppData\Local\housecall.guid.cache -> [2010/06/04 13:40:11 | 000,000,036 | ---- | M] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 13:08:08 | 000,524,288 | -HS- | M] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 13:08:08 | 000,524,288 | -HS- | M] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> [2010/06/04 13:08:08 | 000,065,536 | -HS- | M] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/06/02 10:50:21 | 001,578,582 | ---- | M] ()
PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/06/02 10:42:14 | 000,103,736 | ---- | M] ()
pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/06/02 10:42:07 | 000,669,184 | ---- | M] ()
PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | M] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 20:17:42 | 000,524,288 | -HS- | M] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 20:17:42 | 000,524,288 | -HS- | M] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> [2010/06/01 20:17:42 | 000,065,536 | -HS- | M] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 17:10:23 | 000,524,288 | -HS- | M] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 17:10:23 | 000,524,288 | -HS- | M] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> [2010/06/01 17:10:23 | 000,065,536 | -HS- | M] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:31:42 | 000,524,288 | -HS- | M] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:31:42 | 000,524,288 | -HS- | M] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> [2010/05/31 10:31:42 | 000,065,536 | -HS- | M] ()
psi_mf.sys -> C:\Windows\SysNative\drivers\psi_mf.sys -> [2010/05/28 13:04:52 | 000,017,456 | ---- | M] (Secunia)
atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2010/05/27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems)
atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2010/05/27 08:34:09 | 000,046,080 | ---- | M] (Adobe Systems)
atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2010/05/27 06:11:32 | 000,366,080 | ---- | M] (Adobe Systems Incorporated)
atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2010/05/27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated)
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/26 23:28:55 | 000,524,288 | -HS- | M] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/26 23:28:55 | 000,524,288 | -HS- | M] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> [2010/05/26 23:28:55 | 000,065,536 | -HS- | M] ()
CmdLineExt_x64.dll -> C:\Windows\SysWow64\CmdLineExt_x64.dll -> [2010/05/26 17:23:00 | 000,178,800 | ---- | M] (Sony DADC Austria AG.)
ealregsnapshot1.reg -> C:\Windows\SysWow64\ealregsnapshot1.reg -> [2010/05/26 17:08:24 | 000,000,662 | ---- | M] ()
wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2010/05/21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2010/05/21 07:47:27 | 000,064,512 | ---- | M] (Microsoft Corporation)
wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2010/05/21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2010/05/21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation)
config.nt -> C:\Windows\SysWow64\config.nt -> [2010/05/08 09:15:01 | 000,000,000 | ---- | M] ()
TURegOpt.exe -> C:\Windows\SysNative\TURegOpt.exe -> [2010/05/07 18:07:32 | 000,034,632 | ---- | M] (TuneUp Software)
authuitu.dll -> C:\Windows\SysNative\authuitu.dll -> [2010/05/07 18:02:00 | 000,025,928 | ---- | M] (TuneUp Software)
authuitu.dll -> C:\Windows\SysWow64\authuitu.dll -> [2010/05/07 18:01:56 | 000,021,320 | ---- | M] (TuneUp Software)
uxtuneup.dll -> C:\Windows\SysNative\uxtuneup.dll -> [2010/05/07 18:01:52 | 000,036,168 | ---- | M] (TuneUp Software)
uxtuneup.dll -> C:\Windows\SysWow64\uxtuneup.dll -> [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software)
mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2010/05/06 15:00:06 | 001,026,048 | ---- | M] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2010/05/06 14:59:55 | 000,082,944 | ---- | M] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2010/05/06 14:58:57 | 000,445,952 | ---- | M] (Microsoft Corporation)
mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2010/05/06 14:41:55 | 000,606,208 | ---- | M] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2010/05/06 14:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2010/05/06 14:41:49 | 000,381,440 | ---- | M] (Microsoft Corporation)
lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2010/05/01 08:43:22 | 000,015,880 | ---- | M] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/30 17:40:38 | 000,524,288 | -HS- | M] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/30 17:40:38 | 000,524,288 | -HS- | M] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> [2010/04/30 17:40:38 | 000,065,536 | -HS- | M] ()
mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation)
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/24 22:06:43 | 000,524,288 | -HS- | M] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/24 22:06:43 | 000,524,288 | -HS- | M] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> [2010/04/24 22:06:43 | 000,065,536 | -HS- | M] ()

[Files - No Company Name]
Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | C] ()
cc_20100618_224007.reg -> C:\Users\patrick\Documents\cc_20100618_224007.reg -> [2010/06/18 22:40:08 | 000,002,522 | ---- | C] ()
base registre.reg -> C:\Users\patrick\Documents\base registre.reg -> [2010/06/17 19:06:01 | 000,000,294 | ---- | C] ()
5h9xvjf9i.lnk -> C:\Users\patrick\Desktop\5h9xvjf9i.lnk -> [2010/06/16 13:13:53 | 000,001,197 | ---- | C] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/16 13:06:52 | 000,524,288 | -HS- | C] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/16 13:06:52 | 000,524,288 | -HS- | C] ()
ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{814469d4-7935-11df-99b7-90fba62d1373}.TM.blf -> [2010/06/16 13:06:52 | 000,065,536 | -HS- | C] ()
IconCache.db -> C:\Users\patrick\AppData\Local\IconCache.db -> [2010/06/16 07:53:04 | 002,724,564 | -H-- | C] ()
cc_20100613_085115.reg -> C:\Users\patrick\Documents\cc_20100613_085115.reg -> [2010/06/13 08:51:16 | 000,001,192 | ---- | C] ()
RSIT.exe -> C:\Users\patrick\Desktop\RSIT.exe -> [2010/06/08 12:26:33 | 000,824,681 | ---- | C] ()
bookmarks-2010-06-07.json -> C:\Users\patrick\Documents\bookmarks-2010-06-07.json -> [2010/06/07 19:29:19 | 000,101,194 | ---- | C] ()
Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2010/06/07 19:17:05 | 000,001,946 | ---- | C] ()
iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/06/05 14:24:18 | 000,002,429 | ---- | C] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/05 08:53:58 | 000,524,288 | -HS- | C] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/05 08:53:58 | 000,524,288 | -HS- | C] ()
ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{5eff6d15-7067-11df-aef8-90fba62d1373}.TM.blf -> [2010/06/05 08:53:58 | 000,065,536 | -HS- | C] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:36:36 | 000,524,288 | -HS- | C] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:36:36 | 000,524,288 | -HS- | C] ()
ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{abbef344-6fe5-11df-980e-90fba62d1373}.TM.blf -> [2010/06/04 16:36:36 | 000,065,536 | -HS- | C] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:30:29 | 000,524,288 | -HS- | C] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:30:29 | 000,524,288 | -HS- | C] ()
ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{043bfe8a-6fe3-11df-9dc3-90fba62d1373}.TM.blf -> [2010/06/04 16:30:28 | 000,065,536 | -HS- | C] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 16:11:26 | 000,524,288 | -HS- | C] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 16:11:26 | 000,524,288 | -HS- | C] ()
ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{8904b22e-6fc9-11df-9bb1-90fba62d1373}.TM.blf -> [2010/06/04 16:11:26 | 000,065,536 | -HS- | C] ()
housecall.guid.cache -> C:\Users\patrick\AppData\Local\housecall.guid.cache -> [2010/06/04 13:40:11 | 000,000,036 | ---- | C] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/04 07:54:42 | 000,524,288 | -HS- | C] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/04 07:54:42 | 000,524,288 | -HS- | C] ()
ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{0d4c2782-6f9c-11df-85c4-90fba62d1373}.TM.blf -> [2010/06/04 07:54:42 | 000,065,536 | -HS- | C] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2010/06/02 10:50:19 | 001,578,582 | ---- | C] ()
PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2010/06/02 10:42:10 | 000,103,736 | ---- | C] ()
pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2010/06/02 10:42:07 | 000,669,184 | ---- | C] ()
PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2010/06/02 10:42:07 | 000,066,872 | ---- | C] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/06/01 17:21:22 | 000,524,288 | -HS- | C] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/06/01 17:21:22 | 000,524,288 | -HS- | C] ()
ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{956042cc-6d90-11df-b046-90fba62d1373}.TM.blf -> [2010/06/01 17:21:21 | 000,065,536 | -HS- | C] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:57:24 | 000,524,288 | -HS- | C] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:57:24 | 000,524,288 | -HS- | C] ()
ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{7c6ca4b6-6c92-11df-b773-90fba62d1373}.TM.blf -> [2010/05/31 10:57:24 | 000,065,536 | -HS- | C] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/31 10:29:05 | 000,524,288 | -HS- | C] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/31 10:29:05 | 000,524,288 | -HS- | C] ()
ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{88ea3b75-6c8e-11df-b8db-90fba62d1373}.TM.blf -> [2010/05/31 10:29:05 | 000,065,536 | -HS- | C] ()
RDesc.lnk -> C:\Users\Public\Desktop\RDesc.lnk -> [2010/05/28 17:01:51 | 000,000,551 | ---- | C] ()
EPISMF00.SWB -> C:\Windows\EPISMF00.SWB -> [2010/05/26 17:14:27 | 000,016,574 | ---- | C] ()
ealregsnapshot1.reg -> C:\Windows\SysWow64\ealregsnapshot1.reg -> [2010/05/26 17:08:24 | 000,000,662 | ---- | C] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/05/26 14:43:11 | 000,524,288 | -HS- | C] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/26 14:43:09 | 000,524,288 | -HS- | C] ()
ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{6b61635b-68c3-11df-bb1e-90fba62d1373}.TM.blf -> [2010/05/26 14:43:09 | 000,065,536 | -HS- | C] ()
logo.bmp -> C:\logo.bmp -> [2010/05/22 12:55:01 | 000,009,296 | ---- | C] ()
MegaManager.INI -> C:\Windows\MegaManager.INI -> [2010/05/20 17:08:49 | 000,000,050 | ---- | C] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/30 08:06:52 | 000,524,288 | -HS- | C] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/30 08:06:52 | 000,524,288 | -HS- | C] ()
ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{850e3115-541e-11df-b3e3-90fba62d1373}.TM.blf -> [2010/04/30 08:06:52 | 000,065,536 | -HS- | C] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/24 21:58:34 | 000,524,288 | -HS- | C] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/24 21:58:34 | 000,524,288 | -HS- | C] ()
ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> C:\Users\patrick\ntuser.dat{e4b4d092-4fda-11df-8a1d-90fba62d1373}.TM.blf -> [2010/04/24 21:58:34 | 000,065,536 | -HS- | C] ()
game.ini -> C:\Windows\game.ini -> [2010/04/13 09:23:38 | 000,000,331 | ---- | C] ()
PICSDK.ini -> C:\Windows\SysWow64\PICSDK.ini -> [2010/02/28 21:30:24 | 000,000,099 | ---- | C] ()
CDE RX520FI.ini -> C:\Windows\CDE RX520FI.ini -> [2010/02/28 20:52:09 | 000,000,027 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2009/07/14 07:32:39 | 000,043,318 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2009/07/14 07:32:39 | 000,029,779 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2009/07/14 07:32:39 | 000,026,489 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2009/07/14 07:32:39 | 000,026,040 | ---- | C] ()
BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/14 01:42:10 | 000,064,000 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 23:03:59 | 000,364,544 | ---- | C] ()
StarOpen.sys -> C:\Windows\SysWow64\drivers\StarOpen.sys -> [2007/10/25 18:26:10 | 000,005,632 | ---- | C] ()
EPSPTDV.DLL -> C:\Windows\SysWow64\EPSPTDV.DLL -> [2005/02/25 07:15:00 | 000,159,744 | ---- | C] ()

[File - Lop Check]
Acronis -> C:\Users\patrick\AppData\Roaming\Acronis -> [2010/03/12 14:43:01 | 000,000,000 | ---D | M]
Auslogics -> C:\Users\patrick\AppData\Roaming\Auslogics -> [2010/03/01 19:31:06 | 000,000,000 | ---D | M]
Avanquest -> C:\Users\patrick\AppData\Roaming\Avanquest -> [2010/04/25 09:58:58 | 000,000,000 | ---D | M]
Capturino -> C:\Users\patrick\AppData\Roaming\Capturino -> [2010/03/17 17:54:53 | 000,000,000 | ---D | M]
DAEMON Tools Lite -> C:\Users\patrick\AppData\Roaming\DAEMON Tools Lite -> [2010/06/16 12:56:05 | 000,000,000 | ---D | M]
GlarySoft -> C:\Users\patrick\AppData\Roaming\GlarySoft -> [2010/03/12 13:38:08 | 000,000,000 | ---D | M]
KC Softwares -> C:\Users\patrick\AppData\Roaming\KC Softwares -> [2010/03/03 21:40:01 | 000,000,000 | ---D | M]
LockHunter -> C:\Users\patrick\AppData\Roaming\LockHunter -> [2010/06/01 20:25:35 | 000,000,000 | ---D | M]
OpenOffice.org -> C:\Users\patrick\AppData\Roaming\OpenOffice.org -> [2010/03/04 18:50:46 | 000,000,000 | ---D | M]
PC Suite -> C:\Users\patrick\AppData\Roaming\PC Suite -> [2010/03/02 14:11:07 | 000,000,000 | ---D | M]
PowerCinema -> C:\Users\patrick\AppData\Roaming\PowerCinema -> [2010/06/01 17:20:25 | 000,000,000 | ---D | M]
Samsung -> C:\Users\patrick\AppData\Roaming\Samsung -> [2010/03/09 12:56:48 | 000,000,000 | ---D | M]
SoftDMA -> C:\Users\patrick\AppData\Roaming\SoftDMA -> [2010/02/28 18:46:47 | 000,000,000 | ---D | M]
system32 -> C:\Users\patrick\AppData\Roaming\system32 -> [2010/04/30 17:42:19 | 000,000,000 | RHSD | M]
Thunderbird -> C:\Users\patrick\AppData\Roaming\Thunderbird -> [2010/02/28 22:05:33 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Users\patrick\AppData\Roaming\TuneUp Software -> [2010/04/30 17:33:53 | 000,000,000 | ---D | M]
URSoft -> C:\Users\patrick\AppData\Roaming\URSoft -> [2010/02/28 21:55:06 | 000,000,000 | ---D | M]
Ad-Aware Update (Weekly).job -> C:\Windows\Tasks\Ad-Aware Update (Weekly).job -> [2010/06/19 13:15:39 | 000,000,396 | ---- | M] ()
GlaryInitialize.job -> C:\Windows\Tasks\GlaryInitialize.job -> [2010/06/19 13:15:01 | 000,000,328 | ---- | M] ()
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2010/06/04 16:54:40 | 000,032,566 | ---- | M] ()

[File - Purity Scan]


[Alternate Data Streams]
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:B3D74A13
@Alternate Data Stream - 180 bytes -> C:\ProgramData\Temp:1CE11B51
< End of report >