Victime de spams et envois d'emails non autorisés

[woodbin59]

Bonjour;

 

Voiçi plusieurs semaines que je suis infecté par une saloperie que mon antivirus et anti spyware ne trouve pas; en effet je reçois des spams et on envoie à partir de mon compte MSN . J'ai fais des scans en ligne; passé CCleaner, Spybot search nd destroy, Ad Aware Pro tenté une recherche avec Hijack This, mais rien n'y fais;alors je vous fais parvenir un rapport OTL qui me parait plus complet.

 

Merçi de l'aide apportée

 

OTL logfile created on: 12/9/2011 11:40:14 AM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Claude\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

 

1.75 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 61.94% Memory free

3.49 Gb Paging File | 2.25 Gb Available in Paging File | 64.56% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 220.78 Gb Total Space | 174.47 Gb Free Space | 79.02% Space Free | Partition Type: NTFS

 

Computer Name: CLAUDE-PORTABLE | User Name: Claude | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/12/09 11:03:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Claude\Desktop\OTL.exe

PRC - [2011/10/21 04:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

PRC - [2011/08/08 13:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe

PRC - [2011/07/06 18:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011/01/25 13:20:08 | 000,283,992 | ---- | M] () -- C:\Program Files (x86)\Common Files\Iconix\IconixService.exe

PRC - [2010/02/08 13:43:20 | 001,916,248 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe

PRC - [2009/09/10 08:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

PRC - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

PRC - [2009/08/18 04:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe

PRC - [2009/08/04 00:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe

PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2011/07/13 20:33:44 | 003,760,264 | ---- | M] (Agnitum Ltd.) [Auto | Stopped] -- C:\Program Files\Agnitum\Outpost Security Suite Pro\acs.exe -- (acssrv)

SRV:64bit: - [2009/10/29 13:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)

SRV:64bit: - [2009/07/29 07:03:42 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\SysNative\svchost.exe -- (gpsvc)

SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)

SRV - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

SRV - [2011/08/08 13:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)

SRV - [2011/08/08 13:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Stopped] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)

SRV - [2011/07/06 18:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011/01/25 13:20:08 | 000,283,992 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Iconix\IconixService.exe -- (IconixService)

SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/08 13:43:20 | 001,916,248 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe -- (Stuffit Archive Name Service)

SRV - [2009/09/10 08:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)

SRV - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)

SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011/07/06 18:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011/06/15 13:22:12 | 000,084,176 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Filt\VBFilt64.dll -- (VBFilt)

DRV:64bit: - [2011/06/15 13:22:08 | 000,066,184 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Filt\ASWFilt64.dll -- (ASWFilt)

DRV:64bit: - [2011/06/15 13:22:04 | 001,250,088 | ---- | M] (Agnitum Ltd.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\SandBox64.sys -- (SandBox)

DRV:64bit: - [2011/06/15 13:21:42 | 000,444,504 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore)

DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/03/28 17:53:54 | 000,038,488 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (afw)

DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/02/02 16:04:24 | 000,293,048 | ---- | M] (VirusBuster Kft.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBEngNT.sys -- (VBEngNT)

DRV:64bit: - [2010/12/02 11:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)

DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 05:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)

DRV:64bit: - [2009/11/11 18:24:14 | 000,023,464 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)

DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009/10/02 00:33:48 | 000,946,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)

DRV:64bit: - [2009/07/29 17:11:24 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009/07/27 02:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)

DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/18 07:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/02 06:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV:64bit: - [2009/06/02 06:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV:64bit: - [2009/06/02 06:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/05/05 03:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)

DRV:64bit: - [2009/05/05 03:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)

DRV:64bit: - [2009/05/04 08:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)

DRV:64bit: - [2009/04/03 08:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)

DRV - [2011/11/25 17:34:06 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)

DRV - [2010/06/29 17:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\filedisk.sys -- (FileDisk)

DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/03/25 22:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0c&m=aspire_5517&r=27360610f215l0434z175t4522x54p

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0c0c&m=aspire_5517&r=27360610f215l0434z175t4522x54p

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge.

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France

 

 

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France

IE - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.selectedEngine: "Search the Web"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://192.168.0.1/st_device.asp"

FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1

FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2

FF - prefs.js..extensions.enabledItems: [email protected]:1.12.2.44172

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8

FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.2

FF - prefs.js..extensions.enabledItems: {3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}:0.9.6

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.1

FF - prefs.js..extensions.enabledItems: [email protected]:1.1pre

FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.90

FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3

FF - prefs.js..extensions.enabledItems: {1253D21B-263B-1843-275C-1726DA8B2A12}:4.2.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=utf-8&mssrc=ms_kwd&mstb=adawaretb&q="

FF - prefs.js..network.proxy.type: 4

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/08 16:34:08 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/18 19:36:35 | 000,000,000 | ---D | M]

 

[2010/06/27 15:48:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Claude\AppData\Roaming\Mozilla\Extensions

[2011/12/09 10:58:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions

[2011/12/09 10:58:55 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

[2011/11/27 07:38:38 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2011/08/27 07:55:02 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

[2010/06/28 11:27:50 | 000,000,000 | ---D | M] (Forecastbar Enhanced) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}

[2011/11/25 17:21:48 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}

[2011/11/19 09:42:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2011/07/28 18:55:55 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

[2011/03/12 17:35:34 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\[email protected]

[2011/11/08 16:36:18 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\extensions\[email protected]

[2010/07/16 07:19:34 | 000,000,771 | ---- | M] () -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\searchplugins\torrent-scan.xml

[2011/11/30 15:57:43 | 000,002,306 | ---- | M] () -- C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\ng7joz93.default\searchplugins\wot-safe-search.xml

[2011/11/18 19:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2011/11/18 19:36:33 | 000,000,000 | ---D | M] (Iconix) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{D2E7BDD1-36FB-4b06-A118-E274D213D63D}

() (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI

() (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{563E4790-7E70-11DA-A72B-0800200C9A66}.XPI

() (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI

() (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{CE6E6E3B-84DD-4CAC-9F63-8D2AE4F30A4B}.XPI

() (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI

() (No name found) -- C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NG7JOZ93.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI

[2011/11/08 16:34:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2010/11/01 20:00:42 | 000,171,320 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll

[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011/11/18 19:36:22 | 000,196,448 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npIconixProxy80.dll

[2011/10/17 13:14:28 | 000,002,149 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml

[2011/11/08 16:34:01 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml

[2011/11/08 16:34:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011/11/08 16:34:01 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2011/11/08 16:34:01 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml

[2011/11/08 16:34:01 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml

[2011/11/08 16:34:01 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll

CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npatgpc.dll

CHR - plugin: eMail ID (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npIconixProxy80.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

 

O1 HOSTS File: ([2010/12/23 20:08:04 | 000,000,780 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()

O2 - BHO: (IconixBHOClass Class) - {761233B6-F228-49E4-8F6B-668499D4E55A} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll ()

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Security Suite Pro\op_mon.exe (Agnitum Ltd.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [iconixOEAddOn] C:\Program Files (x86)\Iconix\OEAddOn\OEdmn_6.exe ()

O4 - HKLM..\Run: [iolo Startup] C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe (iolo technologies, LLC)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O7 - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileSharing = 1

O7 - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O7 - HKU\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O9 - Extra 'Tools' menuitem : Email ID Préférences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll ()

O9 - Extra 'Tools' menuitem : À propos de Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files (x86)\Iconix\IEAddOn\IconixBHO_46.dll ()

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14BA6289-403F-4536-ABA3-7280A7677FA2}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O20:64bit: - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll) - c:\Program Files\Agnitum\Outpost Security Suite Pro\wl_hook64.dll (Agnitum Ltd.)

O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) -c:\Program Files\Agnitum\Outpost Security Suite Pro\wl_hook.dll (Agnitum Ltd.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\Userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/12/06 18:39:14 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/12/09 11:03:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Claude\Desktop\OTL.exe

[2011/12/09 10:55:18 | 000,000,000 | R--D | C] -- C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8

[2011/12/06 18:39:14 | 000,000,000 | RHSD | C] -- C:\Autorun.inf

[2011/12/02 19:14:21 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2011/11/25 17:22:52 | 000,000,000 | ---D | C] -- C:\Users\Claude\AppData\Local\adaware

[2011/11/25 17:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection

[2011/11/25 17:21:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner

[2011/11/25 17:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb

[2011/11/25 17:20:38 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys

[2011/11/19 09:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2011/11/18 16:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011/11/18 16:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/11/18 16:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/11/18 16:57:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

 

========== Files - Modified Within 30 Days ==========

 

[2011/12/09 11:39:15 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/12/09 11:34:42 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat

[2011/12/09 11:34:42 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat

[2011/12/09 11:03:30 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Claude\Desktop\OTL.exe

[2011/12/09 10:59:31 | 001,577,920 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/12/09 10:59:31 | 000,719,014 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011/12/09 10:59:31 | 000,620,492 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/12/09 10:59:31 | 000,135,660 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011/12/09 10:59:31 | 000,110,680 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/12/09 10:58:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/12/09 10:58:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/12/09 10:54:44 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/12/09 10:50:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/12/09 10:49:49 | 1406,177,280 | -HS- | M] () -- C:\hiberfil.sys

[2011/12/08 16:02:16 | 000,110,666 | ---- | M] () -- C:\Users\Claude\Documents\viewtopic.php.htm

[2011/12/06 18:39:27 | 107,286,970 | ---- | M] () -- C:\UsbFix_Upload_Me_CLAUDE-PORTABLE.zip

[2011/12/04 15:58:02 | 000,000,406 | ---- | M] () -- C:\Windows\SysWow64\ioloBootDefrag.cfg

[2011/12/03 12:44:21 | 000,049,713 | ---- | M] () -- C:\Users\Claude\Documents\WEB_UEL_City.pdf

[2011/12/02 19:42:52 | 000,002,680 | ---- | M] () -- C:\Users\Claude\Documents\cc_20111202_194241.reg

[2011/11/29 17:00:09 | 001,236,386 | ---- | M] () -- C:\Users\Claude\Documents\3871de1d-8e39-411c-8529-6ab67fd3a17c_6.jpg

[2011/11/25 17:20:43 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk

[2011/11/19 09:43:58 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2011/11/18 16:58:38 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/11/18 16:42:20 | 000,002,348 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2011/11/17 15:50:57 | 002,125,402 | ---- | M] () -- C:\Users\Claude\Documents\hairconversionsystem-ii-guide.pdf

[2011/11/09 18:51:28 | 000,002,771 | ---- | M] () -- C:\Users\Claude\Documents\the who.jpg

[2011/11/09 18:30:11 | 000,003,570 | ---- | M] () -- C:\Users\Claude\Documents\ted.jpg

[2011/11/09 16:14:30 | 000,343,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

 

========== Files Created - No Company Name ==========

 

[2011/12/08 16:02:13 | 000,110,666 | ---- | C] () -- C:\Users\Claude\Documents\viewtopic.php.htm

[2011/12/03 12:44:21 | 000,049,713 | ---- | C] () -- C:\Users\Claude\Documents\WEB_UEL_City.pdf

[2011/12/02 19:42:45 | 000,002,680 | ---- | C] () -- C:\Users\Claude\Documents\cc_20111202_194241.reg

[2011/11/29 17:00:04 | 001,236,386 | ---- | C] () -- C:\Users\Claude\Documents\3871de1d-8e39-411c-8529-6ab67fd3a17c_6.jpg

[2011/11/19 09:43:58 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2011/11/18 16:58:38 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/11/17 15:50:57 | 002,125,402 | ---- | C] () -- C:\Users\Claude\Documents\hairconversionsystem-ii-guide.pdf

[2011/11/09 18:51:26 | 000,002,771 | ---- | C] () -- C:\Users\Claude\Documents\the who.jpg

[2011/11/09 18:30:10 | 000,003,570 | ---- | C] () -- C:\Users\Claude\Documents\ted.jpg

[2011/10/09 07:50:47 | 000,000,000 | ---- | C] () -- C:\Users\Claude\AppData\Local\{68FC46D9-3F80-4BA8-8BC7-C45D8EC5CD6D}

[2011/10/01 14:47:10 | 000,000,000 | ---- | C] () -- C:\Users\Claude\AppData\Roaming\wklnhst.dat

[2011/08/27 06:22:50 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat

[2011/08/27 06:22:50 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat

[2011/04/01 17:41:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2011/02/18 12:37:34 | 000,000,051 | ---- | C] () -- C:\Windows\wininit.ini

[2011/02/13 12:56:09 | 000,007,596 | ---- | C] () -- C:\Users\Claude\AppData\Local\Resmon.ResmonCfg

[2010/11/16 17:40:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2010/11/16 17:38:19 | 000,000,330 | ---- | C] () -- C:\Windows\SysMech.INI

[2010/07/14 15:03:02 | 000,000,036 | ---- | C] () -- C:\Users\Claude\AppData\Local\housecall.guid.cache

[2010/07/10 17:41:50 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll

[2010/06/27 17:18:19 | 000,000,019 | ---- | C] () -- C:\Windows\popcinfo.dat

[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 

========== LOP Check ==========

 

[2011/07/29 22:22:23 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Agnitum

[2011/02/26 16:54:34 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\GARMIN

[2011/03/14 16:24:14 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Iconix

[2010/11/16 17:05:00 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\iolo

[2011/06/12 09:18:39 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\PC Suite

[2011/09/10 19:44:17 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\QuickScan

[2011/10/01 14:47:18 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Template

[2010/12/12 12:30:10 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\webex

[2011/03/23 16:27:25 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\eMail ID

[2011/03/23 16:25:10 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\iolo

[2011/11/06 07:20:35 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

< End of report >

 

 

 

OTL Extras logfile created on: 12/9/2011 11:40:14 AM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Claude\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

 

1.75 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 61.94% Memory free

3.49 Gb Paging File | 2.25 Gb Available in Paging File | 64.56% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 220.78 Gb Total Space | 174.47 Gb Free Space | 79.02% Space Free | Partition Type: NTFS

 

Computer Name: CLAUDE-PORTABLE | User Name: Claude | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== System Restore Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{26A7FC57-FC21-4CA9-85BD-4324B3294D8B}" = StuffIt 2010

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel

"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)

"{ACCA82EB-7088-919E-5E1C-100A24F11CCF}" = ATI Catalyst Install Manager

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{E2FCA441-6D7B-CD78-3ADF-42EA9FA06065}" = ccc-utility64

"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Agnitum Outpost Security Suite Pro_is1" = Outpost Security Suite Pro 7.5.1

"CCleaner" = CCleaner

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{183F0908-AD5E-8B3B-5F06-28B1A8C65C62}" = CCC Help Japanese

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{23E9588B-05ED-BC2F-EB69-101A96511EF1}" = ccc-core-static

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{2484D1EA-CBA4-60BB-82B9-F8477D25C47A}" = CCC Help Dutch

"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 26

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{29802D65-9514-DB20-36CD-E47A94C8AEB9}" = Catalyst Control Center Graphics Full Existing

"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8

"{2F61E9D7-CD05-643E-A04E-CC1A8B6610BA}" = CCC Help Finnish

"{2FA3CDD8-1436-497D-6339-789936561E99}" = CCC Help German

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34123E80-BE96-6282-1167-6696730AF6D2}" = CCC Help Korean

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3D20EF26-2E9A-D388-851D-E7675BBACFF5}" = Catalyst Control Center Core Implementation

"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management

"{4024F49B-65D4-D6B2-2A1D-6DBF6F09F181}" = CCC Help Greek

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{49A63237-FD38-AE77-6DF6-FFB41499A4E6}" = CCC Help Hungarian

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{4F0FC827-B693-F166-612E-EA89D798540C}" = CCC Help Chinese Traditional

"{52FBF90E-D2EF-A2A3-1CCA-6984596B1B02}" = CCC Help English

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{628CBFE4-3823-67FB-26D2-566899C3BB5C}" = CCC Help Italian

"{652EB559-6865-DEF4-2409-D506963C15FD}" = CCC Help Polish

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker

"{68987945-A387-4C25-0C59-21F2AF657E65}" = CCC Help Thai

"{6B45E33B-6BB4-234B-2F5F-65B1A103801D}" = CCC Help Russian

"{6B99737C-9FDC-50F9-C9A4-AB7DA5C9A336}" = Catalyst Control Center Graphics Full New

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{7BE74C0E-F300-D0A6-780B-C93BB78DE58C}" = CCC Help Norwegian

"{7E75ACC5-B0EC-7006-183A-374974019911}" = Catalyst Control Center Graphics Light

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007

"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007

"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware

"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{97124B44-C17B-C352-44B1-403D0D706173}" = CCC Help Czech

"{9ACA8261-11D1-F8A1-C154-7F8B23515C79}" = CCC Help Swedish

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9574A7E-C024-EED1-7A81-CC4786A1915A}" = CCC Help Portuguese

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA32D2A6-1299-0F05-BF8D-04075A9F69EB}" = CCC Help Turkish

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Français

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1" = iolo technologies' System Mechanic Professional

"{BCC05B1F-7397-799A-9EDB-AC10123BB17A}" = CCC Help Chinese Standard

"{BEF4FD8A-29FF-C250-468A-5FC55F0E3451}" = Catalyst Control Center Localization All

"{C45ED267-57B3-4BB8-869C-6FD429A48EB3}" = Cisco WebEx Meeting Center for Firefox or Chrome

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CA09037E-6B9F-408F-BB5C-61F040FD1D5A}" = Ad-Aware

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF7A62B6-F712-412E-9914-D80033A7F8B8}" = Catalyst Control Center - Branding

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D41301F8-90FD-9CE8-CD2C-ED2B9D5F07E3}" = CCC Help Spanish

"{D43AD08C-BE76-8C5B-FD90-4B665EF60E2E}" = CCC Help Danish

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D56B3391-1DAB-4AB3-AFF5-D55457911BBB}" = Ad-Aware

"{DA4CA661-5ABF-9218-6E42-84BF89F43655}" = CCC Help French

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"Acer Registration" = Acer Registration

"Acer Welcome Center" = Welcome Center

"adawaretb" = Ad-Aware Security Toolbar

"Adobe AIR" = Adobe AIR

"Ad-Remover" = Ad-Remover par C_XX

"ESET Online Scanner" = ESET Online Scanner v3

"Google Chrome" = Google Chrome

"GridVista" = Acer GridVista

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"Iconix eMail ID" = Iconix® eMail ID

"Identity Card" = Identity Card

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8

"LManager" = Launch Manager

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800

"Mozilla Firefox 8.0 (x86 fr)" = Mozilla Firefox 8.0 (x86 fr)

"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français

"Usbfix" = UsbFix By TeamXscript

"WildTangent acer Master Uninstall" = Acer Games

"WinLiveSuite" = Windows Live

"ZHPDiag_is1" = ZHPDiag 1.27

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-3082297268-1611230529-2805471807-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"ActiveTouchMeetingClient" = WebEx

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 9/8/2011 4:37:45 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 9/8/2011 4:37:45 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 20202

 

Error - 9/8/2011 4:37:45 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 20202

 

Error - 9/8/2011 4:37:46 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 9/8/2011 4:37:46 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 21310

 

Error - 9/8/2011 4:37:46 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 21310

 

Error - 9/8/2011 4:37:48 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 9/8/2011 4:37:48 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 22605

 

Error - 9/8/2011 4:37:48 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 22605

 

Error - 9/8/2011 4:37:49 PM | Computer Name = Claude-Portable | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

[ System Events ]

Error - 12/9/2011 11:50:01 AM | Computer Name = Claude-Portable | Source = atikmdag | ID = 52236

Description = CPLIB :: General - Invalid Parameter

 

Error - 12/9/2011 11:50:01 AM | Computer Name = Claude-Portable | Source = atikmdag | ID = 43029

Description = Display is not active

 

Error - 12/9/2011 11:50:19 AM | Computer Name = Claude-Portable | Source = Service Control Manager | ID = 7000

Description = Le service iolo FileInfoList Service n’a pas pu démarrer en raison

de l’erreur : %%1083

 

Error - 12/9/2011 11:50:41 AM | Computer Name = Claude-Portable | Source = Service Control Manager | ID = 7026

Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se

charger : FileDisk

 

Error - 12/9/2011 11:58:38 AM | Computer Name = Claude-Portable | Source = NetBT | ID = 4307

Description = L’initialisation a échoué car le transport a refusé d’ouvrir les adresses

initiales.

 

Error - 12/9/2011 11:58:42 AM | Computer Name = Claude-Portable | Source = NetBT | ID = 4307

Description = L’initialisation a échoué car le transport a refusé d’ouvrir les adresses

initiales.

 

Error - 12/9/2011 11:58:44 AM | Computer Name = Claude-Portable | Source = HTTP | ID = 15005

Description =

 

Error - 12/9/2011 11:58:45 AM | Computer Name = Claude-Portable | Source = Service Control Manager | ID = 7001

Description = Le service Fournisseur HomeGroup dépend du service Publication des

ressources de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur :

%%-2147024891

 

Error - 12/9/2011 11:58:45 AM | Computer Name = Claude-Portable | Source = Service Control Manager | ID = 7023

Description = Le service Publication des ressources de découverte de fonctions s’est

arrêté avec l’erreur : %%-2147024891

 

Error - 12/9/2011 11:58:46 AM | Computer Name = Claude-Portable | Source = NetBT | ID = 4307

Description = L’initialisation a échoué car le transport a refusé d’ouvrir les adresses

initiales.

 

 

< End of report >