OTL logfile created on: 13/10/2011 22:05:23 - Run 7 OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Thierry 200910\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 1022.42 Mb Total Physical Memory | 524.09 Mb Available Physical Memory | 51.26% Memory free 2.40 Gb Paging File | 1.86 Gb Available in Paging File | 77.52% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 76.32 Gb Total Space | 36.60 Gb Free Space | 47.95% Space Free | Partition Type: NTFS Drive D: | 585.07 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive E: | 232.88 Gb Total Space | 152.53 Gb Free Space | 65.49% Space Free | Partition Type: NTFS Drive F: | 983.70 Mb Total Space | 879.11 Mb Free Space | 89.37% Space Free | Partition Type: FAT Computer Name: THIERRY | User Name: Thierry 200910 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/10/08 12:54:58 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Thierry 200910\Desktop\OTL.exe PRC - [2011/09/06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011/06/24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2011/06/24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe PRC - [2011/02/06 14:35:14 | 000,843,144 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe PRC - [2010/09/20 06:07:02 | 000,185,784 | ---- | M] (PPLive Corporation) -- C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe PRC - [2010/03/25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE PRC - [2010/01/11 22:40:47 | 000,442,368 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe PRC - [2010/01/11 22:40:46 | 001,638,240 | ---- | M] (BitDefender S. R. L.) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe PRC - [2009/07/20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe PRC - [2009/07/10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/01/29 11:20:06 | 002,157,064 | ---- | M] (Xpertvision, Inc.) -- C:\Program Files\XpertVision\TBPANEL.exe PRC - [2004/09/19 15:59:00 | 000,368,128 | ---- | M] () -- C:\Program Files\TVTool\TVTOOL.exe PRC - [2004/02/23 16:51:32 | 000,032,768 | ---- | M] (XPDisable0Conf) -- C:\Program Files\Belkin\Belkin 54Mbps Wireless Utility\TOOL\WinXPDisableZeroConfigation.exe PRC - [2003/09/17 10:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe PRC - [2002/04/12 14:39:24 | 000,155,715 | ---- | M] () -- C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/09/06 21:11:46 | 001,385,984 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090601\algo.dll MOD - [2011/09/05 09:17:50 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090601\aswRep.dll MOD - [2011/06/24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2011/06/12 00:33:46 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll MOD - [2011/06/12 00:28:28 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll MOD - [2011/06/12 00:28:08 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll MOD - [2011/06/12 00:27:40 | 002,295,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\684fe21837d3cf3e5935bbd0a7f53141\System.Core.ni.dll MOD - [2011/06/12 00:27:18 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\689bb394bcb437ed085c22a43aba30c6\PresentationFramework.Luna.ni.dll MOD - [2011/06/12 00:27:02 | 014,328,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1a5d89d569e2e12842daf4d87c57361a\PresentationFramework.ni.dll MOD - [2011/06/12 00:26:26 | 012,215,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\46c57d845e55232a89e98101075cd455\PresentationCore.ni.dll MOD - [2011/06/12 00:26:05 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\76e431fde1b252312b331f7108259fda\WindowsBase.ni.dll MOD - [2011/06/12 00:25:53 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll MOD - [2011/06/12 00:25:32 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll MOD - [2011/06/12 00:22:57 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2011/06/07 11:13:56 | 000,592,896 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll MOD - [2011/06/07 11:13:56 | 000,007,168 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\IPCServer.dll MOD - [2011/06/07 11:13:54 | 000,367,104 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\FirmwareUpdateAgent.Common.dll MOD - [2011/06/07 11:13:54 | 000,003,584 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\ISharedIPCInterface.dll MOD - [2010/12/19 01:18:39 | 000,243,112 | ---- | M] () -- C:\Program Files\Common Files\PPLiveNetwork\tipsclient.dll MOD - [2010/11/02 08:39:46 | 000,866,152 | ---- | M] () -- C:\Program Files\Common Files\PPLiveNetwork\MngModule.dll MOD - [2010/09/20 06:07:14 | 000,516,864 | ---- | M] () -- C:\Program Files\Common Files\PPLiveNetwork\sqlite3.dll MOD - [2010/01/11 22:40:47 | 000,442,368 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe MOD - [2010/01/11 22:40:47 | 000,241,664 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\ENU\seccenter.ui MOD - [2009/10/10 17:54:45 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\txmlutil.dll MOD - [2009/10/10 17:54:42 | 000,073,728 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\tuneupconp.dll MOD - [2009/10/10 17:54:36 | 000,126,976 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\hmcore.dll MOD - [2009/10/10 17:54:34 | 000,010,240 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\dbokf.dll MOD - [2009/10/10 17:54:24 | 000,155,648 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\bdfltlib.dll MOD - [2009/10/10 17:54:15 | 000,172,032 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\agentreg.dll MOD - [2009/10/10 17:54:14 | 000,045,056 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\actxcont.dll MOD - [2009/10/10 17:54:02 | 000,003,584 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\ENU\encryption.ui MOD - [2009/10/10 17:54:01 | 000,009,728 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\ENU\bdshelxt.ui MOD - [2009/07/20 12:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll MOD - [2008/01/08 18:53:00 | 001,482,752 | ---- | M] () -- C:\WINDOWS\system32\nview.dll MOD - [2008/01/08 18:53:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2007/09/20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2007/04/18 17:11:26 | 000,196,608 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\libexpatw.dll MOD - [2007/01/31 11:31:06 | 000,032,768 | ---- | M] () -- C:\Program Files\XpertVision\TBPanelExt.dll MOD - [2004/09/19 15:59:00 | 000,368,128 | ---- | M] () -- C:\Program Files\TVTool\TVTOOL.exe MOD - [2003/08/25 15:55:00 | 000,006,144 | ---- | M] () -- C:\Program Files\TVTool\TVTOOL.DLL MOD - [2002/04/12 14:39:24 | 000,155,715 | ---- | M] () -- C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe MOD - [2000/06/12 15:14:50 | 000,360,518 | ---- | M] () -- C:\Program Files\SEC\Natural Color\LowCMS.dll MOD - [1998/10/31 04:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\XpertVision\TBMANAGE.DLL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (WLTRYSVC) SRV - File not found [Auto | Stopped] -- -- (NVSvc) SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService) SRV - File not found [Auto | Stopped] -- -- (LIVESRV) SRV - File not found [Auto | Stopped] -- -- (JavaQuickStarterService) SRV - File not found [On_Demand | Stopped] -- -- (iPod Service) SRV - File not found [Auto | Stopped] -- -- (Creative Service for CDROM Access) SRV - File not found [Auto | Stopped] -- -- (Apple Mobile Device) SRV - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/01/11 22:40:46 | 001,638,240 | ---- | M] (BitDefender S. R. L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe -- (VSSERV) SRV - [2009/10/10 17:53:48 | 000,323,584 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan) SRV - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2008/07/17 13:06:56 | 000,118,784 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe -- (Arrakis3) SRV - [2003/03/09 05:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme) DRV - [2011/09/06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/09/06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/09/06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/09/06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/09/06 21:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011/09/06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/09/06 21:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011/06/16 10:22:50 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV - [2011/06/16 10:22:50 | 000,076,088 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV - [2011/06/07 11:13:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2010/11/09 14:56:12 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE) DRV - [2010/05/13 23:05:40 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss) DRV - [2009/10/10 17:54:45 | 000,242,184 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr) DRV - [2009/10/10 17:54:45 | 000,111,112 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm) DRV - [2009/10/10 17:54:45 | 000,104,456 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf) DRV - [2009/10/10 17:54:29 | 000,008,832 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys -- (BDSelfPr) DRV - [2009/10/10 17:53:53 | 000,082,696 | ---- | M] (BitDefender S.R.L.) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys -- (BDVEDISK) DRV - [2009/10/10 17:53:51 | 000,137,224 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif) DRV - [2009/10/10 17:53:51 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos) DRV - [2009/10/10 17:53:48 | 000,013,056 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos) DRV - [2009/10/10 15:27:24 | 000,015,648 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x) DRV - [2009/06/17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009/06/17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009/06/17 17:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2008/04/13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2006/09/11 12:45:38 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006/09/11 12:45:36 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006/08/21 11:24:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata) DRV - [2006/08/11 15:56:36 | 000,008,192 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pfmodnt.sys -- (PfDetNT) DRV - [2006/08/11 15:45:40 | 000,007,168 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k) DRV - [2006/08/11 15:45:38 | 000,499,584 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM) DRV - [2006/08/11 15:45:28 | 000,180,224 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k) DRV - [2006/08/11 15:45:26 | 000,766,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k) DRV - [2006/08/11 15:45:26 | 000,154,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k) DRV - [2006/08/11 15:45:24 | 000,116,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2006/08/11 15:45:18 | 000,143,872 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2006/08/11 15:45:18 | 000,078,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia) DRV - [2006/08/11 15:45:14 | 000,502,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k) DRV - [2005/11/10 18:06:04 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k) DRV - [2004/10/08 02:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K) DRV - [2004/08/13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004/07/14 16:29:50 | 000,350,299 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VdCap03C.sys -- (Cam5603C) DRV - [2004/02/19 10:51:00 | 000,300,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX) DRV - [1996/04/03 19:33:00 | 000,005,248 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\TVTool\TVTOOL.SYS -- (tvtool) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1960408961-602609370-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data] IE - HKU\S-1-5-21-1960408961-602609370-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1960408961-602609370-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ IE - HKU\S-1-5-21-1960408961-602609370-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1960408961-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1960408961-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\FFToolbar\ [2011/02/06 14:43:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/04 12:54:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\tbextension\ [2007/10/09 22:56:20 | 000,000,000 | ---D | M] [2011/02/20 11:53:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Thierry 200910\Application Data\Mozilla\Extensions [2011/02/20 11:53:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Thierry 200910\Application Data\Mozilla\Extensions\maxtv4@labs.max-tv.be [2011/06/17 23:16:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/04/14 17:41:09 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010/01/11 22:40:47 | 000,065,536 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll [2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml [2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml [2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml [2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\14.0.835.186\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files\TVUPlayer\npTVUAx.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2011/10/13 21:25:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll (Bitdefender) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-1960408961-602609370-839522115-1003\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe (BitDefender) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe (Creative Technology Ltd) O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd) O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe (Creative Technology Ltd) O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\CTXFIHLP.EXE (Creative Technology Ltd) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Spyhunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe () O4 - HKLM..\Run: [TBPanel] C:\Program Files\XpertVision\TBPanel.exe (Xpertvision, Inc.) O4 - HKLM..\Run: [TVTool] C:\Program Files\TVTool\TVTool.exe () O4 - HKLM..\Run: [XpDis0Conf] C:\Program Files\Belkin\Belkin 54Mbps Wireless Utility\TOOL\WinXPDisableZeroConfigation.exe (XPDisable0Conf) O4 - HKU\S-1-5-21-1960408961-602609370-839522115-1003..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKU\S-1-5-21-1960408961-602609370-839522115-1003..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-1960408961-602609370-839522115-1003..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-1960408961-602609370-839522115-1003..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\S-1-5-21-1960408961-602609370-839522115-1003..\Run: [PPAP] C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe (PPLive Corporation) O4 - HKU\S-1-5-21-1960408961-602609370-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe () O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NaturalColorLoad.lnk = C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1960408961-602609370-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1960408961-602609370-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1960408961-602609370-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKU\S-1-5-21-1960408961-602609370-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1960408961-602609370-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation) O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (BitDefender QuickScan Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1255191831465 (WUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class) O16 - DPF: {CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131_03-win.cab (Java Plug-in 1.3.1_03) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.com/download/vexcast.cab (VodClient Control Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{747C9916-C4E9-4B43-808B-7825DC44090B}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3B3A3FD-03D2-49EF-95B2-A870D4D2BDBA}: NameServer = 87.194.255.155 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\vsharechrome - No CLSID value found O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/10/09 21:12:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001/08/23 13:00:00 | 000,000,110 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ] O32 - AutoRun File - [2011/10/08 12:50:06 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ FAT ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 2 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/10/13 21:36:04 | 001,559,856 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Thierry 200910\Desktop\tdsskiller.exe [2011/10/12 22:02:28 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/10/12 21:55:20 | 000,000,000 | ---D | C] -- C:\_OTL [2011/10/12 21:54:03 | 004,608,744 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Thierry 200910\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [2011/10/12 21:53:55 | 004,253,235 | R--- | C] (Swearware) -- C:\Documents and Settings\Thierry 200910\Desktop\ComboFix.exe [2011/10/11 20:37:21 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Thierry 200910\Desktop\OTL.exe [2011/10/10 23:43:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/10/10 23:43:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/10/10 23:43:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/10/10 23:43:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/10/10 23:39:14 | 000,000,000 | ---D | C] -- C:\!KillBox [2011/10/04 23:15:37 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011/10/04 23:15:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus [2011/10/04 23:15:36 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011/10/04 23:15:33 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011/10/04 23:15:33 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011/10/04 23:15:32 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011/10/04 23:15:31 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011/10/04 23:15:31 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011/10/04 23:15:31 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011/10/04 23:15:18 | 000,000,000 | ---D | C] -- C:\Config.Msi [2011/10/04 23:14:52 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011/10/04 23:14:52 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011/10/02 19:14:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Thierry 200910\Recent [2011/09/26 22:03:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Thierry 200910\DoctorWeb [2011/09/25 22:59:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2011/09/25 19:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\SecurityXploded [2011/09/25 18:05:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss [2011/09/25 13:58:41 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ipsec.svs [2011/09/25 13:54:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011/09/25 13:53:11 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/09/25 13:53:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Thierry 200910\Start Menu\Programs\Administrative Tools [2011/09/24 22:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011/09/24 22:20:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2011/09/24 21:59:46 | 000,000,000 | ---D | C] -- C:\RRTVAULT [2011/09/24 20:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Thierry 200910\Application Data\SUPERAntiSpyware.com [2011/09/24 20:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com [2011/09/23 22:32:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2011/09/23 21:56:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Thierry 200910\Desktop\RK_Quarantine [2011/09/23 20:28:31 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011/09/23 20:28:31 | 000,027,984 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe [2011/09/23 20:28:11 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE [2011/09/20 22:46:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Thierry 200910\Application Data\QuickScan [2011/09/20 21:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011/09/20 20:41:16 | 000,092,672 | ---- | C] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Documents and Settings\Thierry 200910\Desktop\KillBox.exe [2007/10/09 22:10:25 | 000,033,792 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll [2006/08/11 15:43:00 | 000,009,216 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/10/13 22:05:11 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI [2011/10/13 21:54:05 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/10/13 21:51:06 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-602609370-839522115-1003UA.job [2011/10/13 21:32:52 | 001,559,856 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Thierry 200910\Desktop\tdsskiller.exe [2011/10/13 21:26:15 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI [2011/10/13 21:25:46 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000007-00001102-00000004-20021102}.CDF [2011/10/13 21:25:46 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000007-00001102-00000004-20021102}.BAK [2011/10/13 21:25:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/10/13 21:25:08 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/10/13 21:03:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/10/13 21:02:31 | 000,033,232 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000007-00001102-00000004-20021102}.rfx [2011/10/13 21:02:31 | 000,033,232 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000007-00001102-00000004-20021102}.rfx [2011/10/13 21:02:31 | 000,032,448 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000007-00001102-00000004-20021102}.rfx [2011/10/13 21:02:31 | 000,032,448 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000007-00001102-00000004-20021102}.rfx [2011/10/13 21:02:31 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000007-00001102-00000004-20021102}.rfx [2011/10/13 21:02:31 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm [2011/10/13 21:02:31 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm [2011/10/13 21:02:29 | 000,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin [2011/10/12 23:19:07 | 000,000,146 | -HS- | M] () -- C:\WINDOWS\7426638drv.spi [2011/10/12 22:02:38 | 000,000,355 | RHS- | M] () -- C:\boot.ini [2011/10/12 21:41:58 | 098,217,864 | ---- | M] () -- C:\Documents and Settings\Thierry 200910\Desktop\setup_11.0.0.1245.x01_2011_10_12_23_33.exe [2011/10/12 21:22:24 | 004,608,744 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Thierry 200910\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [2011/10/12 20:52:43 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/10/10 23:26:10 | 004,253,235 | R--- | M] (Swearware) -- C:\Documents and Settings\Thierry 200910\Desktop\ComboFix.exe [2011/10/10 22:55:22 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-602609370-839522115-1003Core.job [2011/10/08 12:54:58 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Thierry 200910\Desktop\OTL.exe [2011/10/04 23:15:32 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011/09/25 14:12:24 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20111010-234234.backup [2011/09/25 13:28:31 | 000,000,239 | ---- | M] () -- C:\Boot.bak [2011/09/24 20:21:13 | 000,000,618 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2011/09/21 21:16:03 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk [2011/09/20 21:49:37 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\housecall.guid.cache [2011/09/20 21:12:05 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [2011/09/20 20:41:16 | 000,092,672 | ---- | M] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Documents and Settings\Thierry 200910\Desktop\KillBox.exe [2011/09/18 18:05:04 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Thierry 200910\Desktop\SopCast.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/10/12 23:19:07 | 000,000,146 | -HS- | C] () -- C:\WINDOWS\7426638drv.spi [2011/10/12 22:02:38 | 000,000,239 | ---- | C] () -- C:\Boot.bak [2011/10/12 22:02:35 | 000,260,272 | RHS- | C] () -- C:\cmldr [2011/10/12 21:53:55 | 098,217,864 | ---- | C] () -- C:\Documents and Settings\Thierry 200910\Desktop\setup_11.0.0.1245.x01_2011_10_12_23_33.exe [2011/10/10 23:43:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011/10/10 23:43:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011/10/10 23:43:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011/10/10 23:43:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011/10/10 23:43:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/10/04 23:53:08 | 004,958,588 | ---- | C] () -- C:\WINDOWS\{00000001-00000000-00000007-00001102-00000004-20021102}.BAK [2011/09/20 21:49:37 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\housecall.guid.cache [2011/09/18 18:05:04 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Thierry 200910\Desktop\SopCast.lnk [2011/07/03 22:39:15 | 000,103,696 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2011/06/17 23:16:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011/06/12 00:56:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll [2011/06/07 11:13:38 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2011/06/07 11:13:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2011/06/07 11:13:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2011/06/07 11:13:38 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2011/06/07 11:13:38 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2011/04/11 22:14:43 | 000,000,195 | ---- | C] () -- C:\WINDOWS\si-chaid.ini [2011/04/01 17:33:56 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Thierry 200910\Application Data\setup_ldm.iss [2011/01/03 15:27:38 | 000,002,996 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.dat [2011/01/03 15:27:27 | 000,002,993 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp [Channel Split] Codec.dat [2011/01/03 15:27:14 | 000,002,863 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp [Tag From Filename] Codec.dat [2011/01/03 15:27:04 | 000,002,856 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp [Length Split] Codec.dat [2011/01/03 15:26:54 | 000,002,865 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp [Audio Info] Codec.dat [2011/01/03 15:26:44 | 000,002,894 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp [ReplayGain] Codec.dat [2011/01/03 15:26:36 | 000,002,830 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp [ID Tag Update] Codec.dat [2011/01/03 15:26:18 | 000,002,873 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.dat [2011/01/03 15:24:27 | 000,010,999 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp DSP Effects.dat [2011/01/03 15:24:21 | 000,346,800 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe [2011/01/03 15:24:21 | 000,014,639 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Music Converter.dat [2011/01/03 01:01:14 | 000,086,446 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini [2011/01/03 01:01:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL [2010/07/11 10:36:19 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\WebpageIcons.db [2010/07/09 17:37:19 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/05/18 21:08:58 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\wsoviedsini.dll [2010/05/18 21:08:41 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx14_ic.ini [2010/04/17 23:51:53 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat [2010/03/18 23:18:22 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SystemInfo32.sys [2009/10/26 21:09:22 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI [2009/10/11 00:37:30 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin [2009/10/10 22:16:08 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Thierry 200910\Application Data\AVSMediaPlayer.m3u [2009/10/10 22:07:45 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009/10/10 22:07:45 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/10/10 18:56:30 | 000,350,299 | ---- | C] () -- C:\WINDOWS\System32\drivers\VdCap03C.sys [2009/10/10 18:56:29 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\VfwExtC.dll [2009/10/10 18:56:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\VfwECamC.dll [2009/10/10 18:56:29 | 000,015,190 | ---- | C] () -- C:\WINDOWS\VdTwn03C.ini [2009/10/10 18:56:29 | 000,003,021 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamH3111.bin [2009/10/10 18:56:29 | 000,003,021 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamH2111.bin [2009/10/10 18:56:29 | 000,003,021 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamH0121.bin [2009/10/10 18:56:29 | 000,003,021 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamH0111.bin [2009/10/10 18:56:29 | 000,003,021 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamF3111.bin [2009/10/10 18:56:29 | 000,003,021 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamF2111.bin [2009/10/10 18:56:29 | 000,003,021 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamF0121.bin [2009/10/10 18:56:29 | 000,003,021 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamF0111.bin [2009/10/10 15:27:23 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2009/10/10 15:27:23 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll [2009/10/10 15:27:23 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe [2009/10/10 15:27:16 | 000,595,968 | ---- | C] () -- C:\WINDOWS\System32\WatchPower.exe [2009/10/10 15:27:16 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\PowerOff.exe [2008/04/23 18:34:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll [2007/10/10 13:02:38 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll [2007/10/10 13:02:38 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll [2007/10/10 13:02:38 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll [2007/10/10 12:58:19 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll [2007/10/10 12:58:19 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll [2007/10/10 12:38:50 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2007/10/10 00:53:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007/10/10 00:53:10 | 000,107,008 | ---- | C] () -- C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/10/09 22:12:03 | 001,247,400 | ---- | C] () -- C:\WINDOWS\System32\CTAA1.DAT [2007/10/09 22:11:48 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI [2007/10/09 22:11:47 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT [2007/10/09 22:10:52 | 000,000,191 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2007/10/09 22:10:18 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\e000001.dat [2007/10/09 22:08:47 | 000,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI [2007/10/09 22:01:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll [2007/10/09 21:52:46 | 000,001,428 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2007/10/09 21:52:24 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini [2007/10/09 21:52:24 | 000,000,396 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini [2007/10/09 21:52:11 | 000,033,860 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2007/10/09 21:52:11 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2007/10/09 21:51:57 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2007/10/09 21:44:23 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI [2007/10/09 21:42:32 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2007/10/09 21:42:30 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007/10/09 21:42:30 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2007/10/09 21:42:30 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007/10/09 21:42:30 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007/10/09 21:42:30 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2007/10/09 21:42:30 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2007/10/09 21:42:29 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007/10/09 21:42:29 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2007/10/09 21:39:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007/10/09 21:36:36 | 000,207,304 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2007/10/09 21:14:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2007/10/09 21:10:18 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2007/08/16 05:23:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\gpyapi.dll [2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2006/09/13 12:06:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\gtapi.dll [2006/08/11 15:57:18 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL [2006/08/11 15:56:04 | 000,034,304 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE [2006/08/11 15:49:24 | 000,323,640 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat [2006/08/11 15:49:24 | 000,044,567 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat [2006/08/11 15:45:18 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE [2006/08/11 15:45:08 | 000,140,643 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat [2006/08/11 15:43:26 | 000,265,042 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat [2006/08/11 15:43:20 | 000,113,221 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT [2006/08/11 15:43:18 | 000,231,281 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT [2006/08/11 15:43:04 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat [2006/08/11 15:43:04 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat [2006/08/11 15:43:02 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\ENLOCSTR.EXE [2006/05/23 13:40:34 | 000,000,269 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI [2005/06/16 19:17:16 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL [2004/08/04 00:07:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004/08/02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/03/10 14:42:20 | 000,013,600 | ---- | C] () -- C:\WINDOWS\System32\sasperf.dll [2003/03/09 05:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [2001/08/23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001/08/23 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001/08/23 13:00:00 | 000,443,062 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001/08/23 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001/08/23 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001/08/23 13:00:00 | 000,071,592 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001/08/23 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001/08/23 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001/08/23 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/08/23 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2011/09/25 14:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BitDefender [2011/10/04 23:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2007/10/09 22:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender [2011/04/10 18:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ [2011/04/10 18:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup [2011/04/22 15:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan [2010/03/18 23:17:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD X Studios [2010/08/17 21:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Jlcm [2010/08/17 21:40:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive [2010/08/17 21:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLiveVA [2007/10/10 13:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel [2011/07/03 16:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung [2007/10/09 23:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2010/12/23 20:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2007/10/09 23:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{56759C22-EA1E-4BE5-A903-72F67D450F43} [2007/10/09 22:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\BitDefender [2011/04/22 15:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\Canon [2011/03/05 14:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\dBpoweramp [2010/11/28 13:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\GrabPro [2011/06/02 23:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\Ildi [2009/10/10 15:52:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\InterTrust [2010/08/05 20:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\Leadertech [2011/02/20 11:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\MaxTV Technologies [2010/04/11 20:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\MSNInstaller [2010/11/28 13:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\Orbit [2010/08/17 21:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\PPLive [2010/11/28 13:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\ProgSense [2011/09/20 22:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\QuickScan [2011/07/03 16:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\Samsung [2007/10/10 13:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\SPSSInc [2009/10/20 20:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\StreamTorrent [2011/09/09 00:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\uTorrent [2011/09/18 12:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\VoipDiscount [2010/10/17 10:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Thierry 200910\Application Data\vShare [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< C:\WINDOWS\assembly\GAC_MSIL\*.* /s >[/color] [2011/06/12 00:22:52 | 000,010,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll [2011/06/12 00:22:40 | 000,507,904 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll [2011/06/12 00:22:46 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll [2011/06/12 00:22:47 | 000,008,192 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll [2011/06/12 00:22:48 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll [2011/06/12 00:22:49 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll [2010/08/07 12:00:58 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll [2011/06/12 00:22:57 | 000,348,160 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll [2010/08/07 12:00:59 | 000,733,184 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll [2011/06/12 00:22:58 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll [2010/08/07 12:00:59 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll [2010/08/07 12:00:59 | 000,802,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll [2011/06/12 00:22:59 | 000,655,360 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll [2010/08/07 12:01:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll [2011/06/12 00:23:00 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll [2011/06/12 00:22:53 | 000,749,568 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll [2010/08/07 11:59:27 | 000,397,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll [2011/06/12 00:22:52 | 000,110,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll [2011/06/12 00:22:51 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll [2011/06/12 00:22:54 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll [2011/06/12 00:22:50 | 000,659,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll [2010/08/07 12:00:58 | 000,041,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll [2011/06/12 00:23:12 | 000,005,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll [2011/06/12 00:22:54 | 000,012,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll [2011/06/12 00:22:49 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll [2011/06/12 00:22:48 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll [2010/08/07 11:59:42 | 000,598,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll [2010/08/07 11:59:35 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll [2010/08/07 11:59:43 | 000,046,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe [2010/08/07 11:59:45 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll [2010/08/07 11:59:45 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll [2010/08/07 11:59:45 | 000,397,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll [2010/08/07 11:59:45 | 000,163,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll [2010/08/14 14:51:21 | 005,279,744 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll [2010/08/07 11:59:46 | 000,864,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll [2010/08/07 11:59:37 | 000,528,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll [2010/08/07 12:01:00 | 000,005,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll [2010/08/14 14:39:52 | 000,110,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll [2011/06/12 00:23:13 | 000,110,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll [2010/08/07 12:01:01 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll [2010/08/07 12:01:02 | 000,163,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll [2010/08/07 12:01:07 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll [2011/06/12 00:23:13 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll [2011/06/12 00:23:15 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll [2010/08/07 12:01:03 | 000,667,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll [2010/08/07 12:01:03 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll [2010/08/07 12:01:03 | 000,229,376 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll [2010/08/07 12:01:04 | 002,879,488 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll [2010/08/07 12:00:56 | 000,684,032 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll [2011/06/12 00:04:30 | 000,294,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll [2010/08/07 12:00:55 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll [2011/06/12 00:04:30 | 000,442,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll [2011/06/12 00:23:16 | 000,745,472 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll [2011/06/12 00:23:17 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll [2011/06/12 00:22:43 | 005,062,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll [2010/08/07 12:00:56 | 000,286,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll [2011/06/12 00:22:46 | 000,188,416 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll [2011/06/12 00:22:53 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll [2011/06/12 00:22:42 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll [2011/06/12 00:22:58 | 000,626,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll [2010/08/07 11:59:47 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll [2010/08/14 14:39:52 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll [2010/08/07 11:59:29 | 000,131,072 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll [2010/08/07 12:01:06 | 000,143,360 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll [2011/06/12 00:23:00 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll [2011/06/12 00:22:59 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll [2010/08/07 12:01:08 | 000,233,472 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll [2011/06/12 00:22:57 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll [2011/06/12 00:22:56 | 000,131,072 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll [2010/08/14 14:39:52 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll [2011/06/12 00:22:55 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll [2010/08/07 11:59:32 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll [2010/08/14 14:39:55 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll [2010/08/07 12:00:55 | 000,569,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll [2010/08/14 14:39:53 | 005,967,872 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll [2011/06/12 00:22:50 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll [2010/08/07 11:59:43 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll [2010/08/07 12:01:08 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll [2010/08/07 12:01:09 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll [2011/06/12 00:04:31 | 000,229,376 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll [2010/08/07 12:01:06 | 000,131,072 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll [2011/06/12 00:04:30 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll [2010/08/07 12:01:09 | 000,335,872 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll [2011/06/12 00:12:52 | 001,277,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll [2011/06/12 00:22:44 | 000,835,584 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll [2011/06/12 00:22:45 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll [2010/08/07 12:01:10 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll [2011/06/12 00:22:45 | 000,839,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll [2011/06/12 00:22:41 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll [2010/08/07 12:01:06 | 000,012,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll [2010/08/07 11:59:40 | 001,138,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll [2010/08/07 11:59:40 | 001,630,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll [2010/08/07 11:59:40 | 000,540,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll [2010/08/07 12:00:55 | 000,507,904 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll [2010/08/07 12:01:07 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll [2011/06/12 00:23:18 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll [2011/06/12 00:23:17 | 003,182,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll [2010/08/07 11:59:43 | 000,167,936 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll [2010/08/07 11:59:44 | 000,385,024 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll [2010/08/07 11:59:38 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll [2010/08/07 11:59:39 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll [2010/08/14 14:51:23 | 001,249,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll [2010/08/07 11:59:44 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color] HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/04/14 17:41:11 | 000,711,672 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/04/14 17:41:11 | 000,711,672 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/04/14 17:41:11 | 000,711,672 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: firefox.exe HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/04/14 17:41:09 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: firefox.exe HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/09/20 04:07:40 | 001,030,200 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/09/20 04:07:40 | 001,030,200 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/09/20 04:07:40 | 001,030,200 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/09/20 04:07:40 | 001,030,200 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 12:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 12:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 12:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.) [color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color] HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/04/14 17:41:11 | 000,711,672 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/04/14 17:41:11 | 000,711,672 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/04/14 17:41:11 | 000,711,672 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: firefox.exe HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/04/14 17:41:09 | 000,924,632 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: firefox.exe HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --show-icons [2011/09/20 04:07:40 | 001,030,200 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --hide-icons [2011/09/20 04:07:40 | 001,030,200 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/09/20 04:07:40 | 001,030,200 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Documents and Settings\Thierry 200910\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2011/09/20 04:07:40 | 001,030,200 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 12:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 12:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 12:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] () HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.) [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\Thierry 200910\75:Color < End of report >