
Netlnstaller.exe


  • This topic is locked
19 replies to this topic

#1 neil


Posted 19 June 2007 - 04:30 AM

Hi, and thanks in advance for any help!!

IE just keeps opening new windows and pop-ups; I just can't find the trojan.

OK, ran through the prep guide, had a few problems!
Ad-Aware has been freezing on me.
S.SandD works as always.
HouseCall Anti Virus, couldn't get it to work, same with Panda Anti Virus.
Bit Defender worked and found the above and removed it "I had hoped".
Ran Stinger and it didn't find anything!

Logfile of HijackThis v1.99.1
Scan saved at 11:28:29, on 19/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Apps\Softex\OmniPass\scureapp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\ehome\ehtray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\The Cleaner\tca.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\The Cleaner\tcm.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Logitech\Video\LowLight.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Logitech\Video\AlbumDB2.exe
C:\PROGRA~1\Logitech\Video\FxSvr2.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo! UK & Ireland
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O18 - Protocol: bw+0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {2F1DE927-F218-42D0-8D96-EF15ADC31FB3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: OPXPGina - C:\Apps\Softex\OmniPass\opxpgina.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe



#2 OldTimer


    Malware Expert



Posted 24 June 2007 - 04:38 PM

Hello neil and welcome to the BC HijackThis forum. I don't see any signs of viruses or malware in the log. It is clean.

Let's try a different scanner and see if it shows anything. Download WinPFind3u.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • In the Driver Services section click Non-Microsoft.
  • Under Additional Scans click the checkboxes in front of the following items to select them:
    • Reg - Desktop Components
    • Reg - Security Settings
    • File - Additional Folder Scans
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in.

If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer


#3 neil


Posted 25 June 2007 - 02:09 AM

Thanks OD for the reply,

Well, downloaded WinPFind3U and did everything you told me to do but got an error message saying

windows-Pas De disque

exception processing message c0000013 parameters 75 afbf9c 75 afbf9c 75 afbf9c

I tried to take a screenshot but it wouldn't take one.

Still getting popups and I've deleted some of the new programs I'd installed.

#4 OldTimer


    Malware Expert



Posted 25 June 2007 - 03:57 AM

Hi neil. Try running the scan from Safe Mode.

Cheers.

OT

#5 neil


Posted 25 June 2007 - 04:53 AM

WinPFind3 logfile created on: 25/06/2007 11:30:13
WinPFind3U by OldTimer - Version 1.0.39 Folder = D:\Documents and Settings\creese\Bureau\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

1022,48 Mb Total Physical Memory | 775,98 Mb Available Physical Memory | 75,89% Memory free
2,40 Gb Paging File | 2,30 Gb Available in Paging File | 95,98% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 11,90 Gb Free Space | 39,69% Space Free
Drive D: | 241,65 Gb Total Space | 89,56 Gb Free Space | 37,06% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: neil
Current User Name: creese
Logged in as Administrator.
Cannot determine boot mode.


[Processes - Non-Microsoft Only]
opxpapp.exe -> %SystemDrive%\APPS\Softex\OmniPass\OPXPApp.exe -> [Ver = | Size = 14848 bytes | Modified Date = 30/01/2006 08:47:50 | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 23/06/2007 15:15:54 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 17/04/2007 16:18:36 | Attr = ]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 16512 bytes | Modified Date = 30/04/2007 17:29:56 | Attr = ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 132736 bytes | Modified Date = 30/04/2007 17:42:40 | Attr = ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 243328 bytes | Modified Date = 30/04/2007 18:04:38 | Attr = ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 345728 bytes | Modified Date = 30/04/2007 17:41:28 | Attr = ]
(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 01:41:10 | Attr = ]
(iPod Service) Service de l'iPod [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 501312 bytes | Modified Date = 26/05/2007 12:45:46 | Attr = ]
(MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24/11/2005 17:03:22 | Attr = ]
(NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 6, 6, 0 | Size = 724992 bytes | Modified Date = 09/10/2006 23:11:08 | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Stopped] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 143426 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
(omniserv) Softex OmniPass Service [Win32_Own | Auto | Stopped] -> %SystemDrive%\APPS\Softex\OmniPass\OmniServ.exe -> Softex Inc. [Ver = 1.0.0.1 | Size = 32768 bytes | Modified Date = 30/01/2006 08:47:48 | Attr = ]
(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24/11/2005 16:57:44 | Attr = ]
(Planificateur LiveUpdate automatique) Planificateur LiveUpdate automatique [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> File not found
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> %System32%\HPZipm12.exe -> HP [Ver = 6, 0, 0, 0 | Size = 65795 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(SPF4) Sunbelt Personal Firewall 4 [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Sunbelt Software\Personal Firewall\kpf4ss.exe -> Sunbelt Software [Ver = 4.5.916.0 | Size = 1234480 bytes | Modified Date = 26/04/2007 10:21:28 | Attr = ]
(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 69718 bytes | Modified Date = 24/11/2005 16:47:30 | Attr = ]
(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.762 | Size = 1119888 bytes | Modified Date = 19/07/2006 21:44:50 | Attr = ]
(UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 31/01/2005 09:45:20 | Attr = ]
(USBDeviceService) USBDeviceService [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -> [Ver = 1, 0, 0, 1 | Size = 90112 bytes | Modified Date = 20/10/2005 06:15:00 | Attr = ]
(x10nets) X10 Device Network Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Common Files\X10\Common\X10nets.exe -> X10 [Ver = 1, 0, 0, 1 | Size = 20480 bytes | Modified Date = 12/11/2001 13:31:48 | Attr = ]

[Driver Services - Non-Microsoft Only]
(3xHybrid) 3xHybrid service [Kernel | On_Demand | Stopped] -> %System32%\drivers\3xHybrid.sys -> Philips Semiconductors GmbH [Ver = 1, 3, 3, 1 | Size = 825600 bytes | Modified Date = 17/04/2006 12:25:00 | Attr = ]
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Stopped] -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 26888 bytes | Modified Date = 30/04/2007 17:37:24 | Attr = ]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(AFS2K) AFS2K [Kernel | System | Running] -> %System32%\drivers\AFS2K.SYS -> Oak Technology Inc. [Ver = 3.1.14.886 | Size = 82380 bytes | Modified Date = 22/04/2007 02:20:48 | Attr = ]
(AliIde) AliIde [Kernel | Boot | Running] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17/08/2001 21:51:56 | Attr = ]
(amdagp) Pilote de filtre du bus AMD AGP [Kernel | Boot | Running] -> %System32%\drivers\AMDAGP.SYS -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 03/08/2004 23:07:44 | Attr = ]
(asc) asc [Kernel | Boot | Running] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17/08/2001 21:52:00 | Attr = ]
(asc3550) asc3550 [Kernel | Boot | Running] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17/08/2001 21:51:58 | Attr = ]
(Aspi32) Aspi32 [Kernel | Auto | Stopped] -> %System32%\drivers\ASPI32.SYS -> Adaptec [Ver = 4.71 (0002) built by: WinDDK | Size = 16512 bytes | Modified Date = 17/07/2002 03:05:10 | Attr = ]
(aswMon2) avast! Standard Shield Support [File_System | Auto | Stopped] -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 94552 bytes | Modified Date = 30/04/2007 17:41:42 | Attr = ]
(aswRdr) aswRdr [Kernel | On_Demand | Stopped] -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 23416 bytes | Modified Date = 30/04/2007 17:39:42 | Attr = ]
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 43176 bytes | Modified Date = 30/04/2007 17:38:52 | Attr = ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(BANTExt) Belarc SMBios Access [Kernel | System | Stopped] -> %System32%\drivers\BANTExt.sys -> [Ver = | Size = 3840 bytes | Modified Date = 07/04/2005 17:18:34 | Attr = ]
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CmdIde) CmdIde [Kernel | Boot | Running] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 23/08/2001 17:04:44 | Attr = ]
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17/08/2001 21:52:16 | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800256 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dmio) Pilote de Gestionnaire de disque logique [Kernel | Boot | Running] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 154496 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dmload) dmload [Kernel | Boot | Running] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dtscsi) dtscsi [Kernel | On_Demand | Stopped] -> %System32%\drivers\dtscsi.sys -> DT Soft Ltd. [Ver = 4.03.0.0 built by: WinDDK | Size = 223128 bytes | Modified Date = 23/11/2006 02:28:42 | Attr = ]
(fwdrv) Firewall Driver [Kernel | System | Running] -> %System32%\drivers\fwdrv.sys -> Sunbelt Software [Ver = 4.3.182.0 | Size = 302000 bytes | Modified Date = 26/04/2007 10:21:30 | Attr = ]
(GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %System32%\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 19/09/2006 16:44:04 | Attr = ]
(HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %System32%\drivers\Hdaudio.sys -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 145920 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %System32%\drivers\Hdaudbus.sys -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 07/01/2005 17:07:18 | Attr = ]
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %System32%\drivers\hpzid412.sys -> HP [Ver = 6, 0, 0, 0 | Size = 51024 bytes | Modified Date = 09/03/2003 06:31:00 | Attr = R ]
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %System32%\drivers\HPZipr12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 16080 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %System32%\drivers\HPZius12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 21456 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(imagedrv) imagedrv [Kernel | Boot | Running] -> %System32%\drivers\imagedrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 5888 bytes | Modified Date = 15/08/2005 13:08:26 | Attr = ]
(imagesrv) imagesrv [Kernel | Boot | Running] -> %System32%\drivers\imagesrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 127488 bytes | Modified Date = 15/08/2005 13:08:26 | Attr = ]
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\RtkHDAud.Sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5200 built by: WinDDK | Size = 4123136 bytes | Modified Date = 09/12/2005 17:48:40 | Attr = ]
(khips) Kerio HIPS Driver [Kernel | System | Stopped] -> %System32%\drivers\khips.sys -> Sunbelt Software [Ver = 4.3.182.0 | Size = 72624 bytes | Modified Date = 26/04/2007 10:21:34 | Attr = ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Running] -> %System32%\drivers\mcdbus.sys -> MagicISO, Inc. [Ver = 1.0.0.32 | Size = 92160 bytes | Modified Date = 22/09/2006 14:06:10 | Attr = ]
(mraid35x) mraid35x [Kernel | Boot | Running] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17/08/2001 21:52:12 | Attr = ]
(nv) nv [Kernel | On_Demand | Stopped] -> %System32%\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 3663040 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
(PCANDIS5) PCANDIS5 Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\PCANDIS5.SYS -> File not found
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0) [Kernel | On_Demand | Stopped] -> %System32%\drivers\CamDrL21.sys -> Logitech Inc. [Ver = 8.0.3.1110 | Size = 313216 bytes | Modified Date = 27/06/2003 05:08:38 | Attr = ]
(PLUsbbc2) High-Speed USB Bridge Cable Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\usbbc2.sys -> Prolific Technology Inc. [Ver = 2.0.0.20 | Size = 8960 bytes | Modified Date = 07/05/2003 15:54:38 | Attr = ]
(Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 2.03.32a | Size = 20640 bytes | Modified Date = 25/04/2005 02:03:00 | Attr = ]
(ql1080) ql1080 [Kernel | Boot | Running] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17/08/2001 21:52:20 | Attr = ]
(ql12160) ql12160 [Kernel | Boot | Running] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17/08/2001 21:52:20 | Attr = ]
(ql1280) ql1280 [Kernel | Boot | Running] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17/08/2001 21:52:18 | Attr = ]
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\Rtnicxp.sys -> Realtek Semiconductor Corporation [Ver = 5,641,0209,2006 built by: WinDDK | Size = 81408 bytes | Modified Date = 27/02/2006 06:46:20 | Attr = ]
(rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) [Kernel | On_Demand | Stopped] -> %System32%\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 03/08/2004 22:31:34 | Attr = ]
(SCDEmu) SCDEmu [Kernel | System | Stopped] -> %System32%\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 3, 0, 0, 0 | Size = 26844 bytes | Modified Date = 18/03/2006 04:25:00 | Attr = ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys -> [Ver = | Size = 27440 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(SG762_XP) SAGEM 802.11g XG762 1211B Driver [Kernel | On_Demand | Running] -> %System32%\drivers\WlanBZXP.sys -> ZyDAS Technology Corporation [Ver = 6, 3, 0, 0 | Size = 402432 bytes | Modified Date = 22/12/2005 14:45:18 | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(sisagp) Filtre de bus AGP SIS [Kernel | Boot | Running] -> %System32%\drivers\SISAGP.SYS -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 03/08/2004 23:07:44 | Attr = ]
(Sparrow) Sparrow [Kernel | Boot | Running] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17/08/2001 22:07:44 | Attr = ]
(sptd) sptd [Kernel | Boot | Running] -> %System32%\drivers\sptd.sys -> [Ver = | Size = 639224 bytes | Modified Date = 25/11/2006 02:59:50 | Attr = ]
(symc810) symc810 [Kernel | Boot | Running] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17/08/2001 22:07:34 | Attr = ]
(symc8xx) symc8xx [Kernel | Boot | Running] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17/08/2001 22:07:36 | Attr = ]
(symlcbrd) symlcbrd [Kernel | Auto | Stopped] -> %System32%\drivers\symlcbrd.sys -> Symantec Corporation [Ver = 1.8.54.834 | Size = 10344 bytes | Modified Date = 19/07/2006 21:44:50 | Attr = ]
(sym_hi) sym_hi [Kernel | Boot | Running] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17/08/2001 22:07:40 | Attr = ]
(sym_u3) sym_u3 [Kernel | Boot | Running] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17/08/2001 22:07:42 | Attr = ]
(ultra) ultra [Kernel | Boot | Running] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (version 0603) | Size = 36736 bytes | Modified Date = 17/08/2001 21:52:22 | Attr = ]
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped] -> system32\DRIVERS\wanatw4.sys -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(X10Hid) X10 Hid Device [Kernel | On_Demand | Running] -> %System32%\drivers\x10hid.sys -> X10 Wireless Technology, Inc. [Ver = 3.0.0.198 | Size = 7040 bytes | Modified Date = 28/11/2005 10:45:16 | Attr = ]
(XUIF) X10 USB Wireless Transceiver [Kernel | On_Demand | Running] -> %System32%\drivers\x10ufx2.sys -> X10 Wireless Technology, Inc. [Ver = 3.0.0.187 | Size = 17792 bytes | Modified Date = 19/05/2005 15:52:58 | Attr = ]
(ZDCndis5) ZDCndis5 Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\ZDCndis5.SYS -> File not found
(ZDPNDIS5) ZDPNDIS5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\ZDPNDIS5.SYS -> File not found
(ZDPSp50) ZDPSp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ZDPSp50.sys -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.5.18.02 | Size = 17664 bytes | Modified Date = 18/01/2006 14:09:40 | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
ACTIVBOARD -> %SystemDrive%\APPS\ABOARD\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02/05/2003 11:31:50 | Attr = ]
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 11/05/2007 03:06:32 | Attr = ]
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 75392 bytes | Modified Date = 30/04/2007 17:42:48 | Attr = ]
DetectorApp -> %ProgramFiles%\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe -> [Ver = 1, 0, 0, 6 | Size = 102400 bytes | Modified Date = 20/10/2005 06:15:00 | Attr = ]
fhqakduk -> %System32%\fhqakduk.exe -> [Ver = | Size = 280064 bytes | Modified Date = 22/06/2007 02:16:42 | Attr = ]
High Definition Audio Property Page Shortcut -> %System32%\HdAShCut.exe -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 61952 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 257088 bytes | Modified Date = 26/05/2007 12:45:54 | Attr = ]
LogitechGalleryRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 188416 bytes | Modified Date = 30/06/2003 20:56:34 | Attr = ]
LogitechVideoRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 188416 bytes | Modified Date = 30/06/2003 20:56:34 | Attr = ]
LogitechVideoTray -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 65536 bytes | Modified Date = 30/06/2003 21:00:24 | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 7573504 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 86016 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
OmniPass -> %SystemDrive%\APPS\Softex\OmniPass\scureapp.exe -> [Ver = 1, 0, 0, 1 | Size = 1978368 bytes | Modified Date = 30/01/2006 09:56:38 | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Inc. [Ver = 7.1.6 | Size = 282624 bytes | Modified Date = 27/04/2007 09:41:54 | Attr = ]
RTHDCPL -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.0.3.2 | Size = 15691264 bytes | Modified Date = 09/12/2005 16:49:42 | Attr = ]
tcactive -> %ProgramFiles%\The Cleaner\tca.exe -> MooSoft Development [Ver = 3.1.0.3073 | Size = 631808 bytes | Modified Date = 09/04/2004 10:26:36 | Attr = ]
tcmonitor -> %ProgramFiles%\The Cleaner\tcm.exe -> MooSoft Development [Ver = 2.1.0.2043 | Size = 388096 bytes | Modified Date = 13/03/2004 14:48:52 | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 02/03/2007 17:32:18 | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Common Startup > -> D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
%AllUsersStartup%\hp psc 1000 series.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.020 | Size = 147456 bytes | Modified Date = 06/04/2003 01:17:18 | Attr = ]
%AllUsersStartup%\hpoddt01.exe.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe -> Hewlett-Packard [Ver = 1, 0, 0, 1 | Size = 28672 bytes | Modified Date = 06/04/2003 01:06:58 | Attr = ]
%AllUsersStartup%\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk -> %ProgramFiles%\SAGEM WiFi manager\WLANUTL.EXE -> [Ver = 2, 5, 5, 1 | Size = 925696 bytes | Modified Date = 19/01/2006 16:54:34 | Attr = ]
< User Startup > -> D:\Documents and Settings\creese\Menu Démarrer\Programmes\Démarrage ->
%UserStartup%\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 16/03/2005 19:16:50 | Attr = ]
%UserStartup%\MagicDisc.lnk -> %ProgramFiles%\MagicDisc\MagicDisc.exe -> [Ver = | Size = 534016 bytes | Modified Date = 26/09/2006 09:59:14 | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
OPXPGina -> %SystemDrive%\APPS\Softex\OmniPass\OPXPGina.dll -> [Ver = | Size = 49152 bytes | Modified Date = 30/01/2006 08:53:44 | Attr = ]
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> C:\WINDOWS\Resources\Themes\Royale.theme ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> •
< HOSTS File > (31 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL -> http://uk.yahoo.com ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> http://uk.yahoo.com ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.demonoid.com/ ->
HKCU: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> <local> ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22/10/2006 23:08:42 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 04:23:24 | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 15/12/2006 04:23:26 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 04:23:24 | Attr = ]
{2670000A-7350-4f3c-8081-5663EE0C6C49} -> Reg Data - Value does not exist [ButtonText: Send to OneNote] -> File not found
{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
{F4430FE8-2638-42e5-B849-800749B94EED} -> %ProgramFiles%\PartyGaming.Net\PartyPokerNet\RunPF.exe [ButtonText: PartyPoker.net] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{30190A9B-4FA1-4E89-AB4C-B1DC80FB2D7D} -> (Carte réseau 1394) ->
{559DE7D7-B76B-448F-9B3B-4F37AF21FFD7} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{D35D3FA1-AA7A-4FCE-B06B-C9F48709D5EC} -> (SAGEM Wi-Fi 11g USB adapter) ->
{E2BC7829-F509-4E5A-8E73-46F5D037BD49} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
belarc -> %ProgramFiles%\Belarc\Advisor\System\BAVoilaX.dll -> Belarc, Inc. [Ver = 7.2h | Size = 33280 bytes | Modified Date = 16/01/2007 19:30:02 | Attr = ]
bw+0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw+0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw-0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw00 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw00s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw-0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw10 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw10s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw20 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw20s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw30 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw30s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw40 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw40s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw50 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw50s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw60 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw60s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw70 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw70s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw80 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw80s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw90 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw90s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwa0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwa0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwb0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwb0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwc0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwc0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwd0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwd0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwe0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwe0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwf0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwf0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwfile-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwg0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwg0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwh0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwh0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwi0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwi0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwj0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwj0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwk0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwk0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwl0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwl0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwm0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwm0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwn0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwn0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwo0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwo0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwp0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwp0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwq0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwq0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwr0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwr0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bws0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bws0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwt0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwt0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwu0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwu0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwv0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwv0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bww0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bww0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwx0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwx0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwy0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwy0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwz0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwz0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
offline-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/get/shock...director/sw.cab ->
{215B8138-A3CF-44C5-803F-8226143CFC0A} -> Trend Micro ActiveX Scan Agent 6.6 - CodeBase = http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab ->
{5C051655-FCD5-4969-9182-770EA5AA5565} -> Solitaire Showdown Class - CodeBase = http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab ->
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase = http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab ->
{A90A5822-F108-45AD-8482-9BC8B12DD539} -> Crucial cpcScan - CodeBase = http://www.crucial.com/controls/cpcScanner.cab ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.macromedia.com/get/flash...ent/swflash.cab ->

[Registry - Additional Scans - Non-Microsoft Only]
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ ->
0 -> [Key] ->
0 -> FriendlyName = ->
0 -> Source = ->
0 -> SubscribedURL = ->
< Security Settings > -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> RpcSs; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security -> _
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\0 -> Root\LEGACY_BITS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 5387 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\waol.exe -> C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\aol.exe -> C:\Program Files\AOL 9.0\aol.exe:*:Enabled:AOL ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\APPS\Inventime\my.exe -> C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\LimeWire\LimeWire.exe -> C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe -> C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\APPS\skype\phone\Skype.exe -> C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe -> C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\waol.exe -> C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Azureus\Azureus.exe -> C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\GROOVE.EXE -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3389:TCP -> 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> _
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

[Files/Folders - Created Within 30 days]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 24/06/2007 21:00:08 | Attr = HS]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Created Date = 14/06/2007 03:42:16 | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Created Date = 14/06/2007 03:42:16 | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 13/06/2007 15:32:11 | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 13/06/2007 15:29:00 | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 13/06/2007 15:32:02 | Attr = H ]
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Created Date = 12/06/2007 15:20:03 | Attr = ]
msoffice.ini -> %SystemRoot%\msoffice.ini -> [Ver = | Size = 2 bytes | Created Date = 11/06/2007 06:32:48 | Attr = ]
Vérifier les mises à jour de Windows Live Toolbar.job -> %SystemRoot%\tasks\Vérifier les mises à jour de Windows Live Toolbar.job -> [Ver = | Size = 256 bytes | Created Date = 03/06/2007 02:02:53 | Attr = ]
fhqakduk.dat -> %System32%\fhqakduk.dat -> [Ver = | Size = 6814 bytes | Created Date = 22/06/2007 01:16:50 | Attr = ]
fhqakduk.exe -> %System32%\fhqakduk.exe -> [Ver = | Size = 280064 bytes | Created Date = 22/06/2007 01:16:40 | Attr = ]
fhqakduk_nav.dat -> %System32%\fhqakduk_nav.dat -> [Ver = | Size = 254865 bytes | Created Date = 22/06/2007 01:16:50 | Attr = ]
fhqakduk_navps.dat -> %System32%\fhqakduk_navps.dat -> [Ver = | Size = 1837 bytes | Created Date = 22/06/2007 01:16:50 | Attr = ]
EnterNHelp -> %AllUsersAppData%\EnterNHelp -> [Folder | Created Date = 06/06/2007 08:40:32 | Attr = ]
PKP_DLbz.DAT -> %AllUsersAppData%\PKP_DLbz.DAT -> [Ver = | Size = 0 bytes | Created Date = 06/06/2007 08:40:32 | Attr = ]
Ultima_T15 -> %AllUsersAppData%\Ultima_T15 -> [Folder | Created Date = 06/06/2007 08:40:32 | Attr = ]
Nikon -> %UserAppData%\Nikon -> [Folder | Created Date = 06/06/2007 08:22:40 | Attr = ]
bookmark.htm -> %UserDocuments%\bookmark.htm -> [Ver = | Size = 12288 bytes | Created Date = 04/06/2007 17:26:51 | Attr = ]
Adobe Reader 8.lnk -> %AllUsersDesktop%\Adobe Reader 8.lnk -> [Ver = | Size = 1612 bytes | Created Date = 11/06/2007 22:05:42 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2055 bytes | Created Date = 30/05/2007 17:18:36 | Attr = ]
Logitech QuickCam.lnk -> %AllUsersDesktop%\Logitech QuickCam.lnk -> [Ver = | Size = 1547 bytes | Created Date = 12/06/2007 08:31:08 | Attr = ]
My Logitech Pictures.lnk -> %AllUsersDesktop%\My Logitech Pictures.lnk -> [Ver = | Size = 1558 bytes | Created Date = 12/06/2007 08:31:08 | Attr = ]
RegistryBooster 2.lnk -> %AllUsersDesktop%\RegistryBooster 2.lnk -> [Ver = | Size = 659 bytes | Created Date = 24/06/2007 19:56:17 | Attr = ]
Dossier d'archivage AOL sauvegardé -> %UserDesktop%\Dossier d'archivage AOL sauvegardé -> [Folder | Created Date = 11/06/2007 06:32:48 | Attr = ]
Logitech Print Service.lnk -> %UserDesktop%\Logitech Print Service.lnk -> [Ver = | Size = 626 bytes | Created Date = 12/06/2007 08:30:17 | Attr = ]
PCSX2 0.9.2 With BIOS and Memcard -> %UserDesktop%\PCSX2 0.9.2 With BIOS and Memcard -> [Folder | Created Date = 29/05/2007 14:40:59 | Attr = ]
stinger.exe -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Created Date = 12/06/2007 16:55:53 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
stinger.opt -> %UserDesktop%\stinger.opt -> [Ver = | Size = 22 bytes | Created Date = 12/06/2007 22:16:14 | Attr = ]
updater.bmp -> %UserDesktop%\updater.bmp -> [Ver = | Size = 3888054 bytes | Created Date = 12/06/2007 09:19:03 | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 25/06/2007 07:45:39 | Attr = ]
Nikon -> %CommonProgramFiles%\Nikon -> [Folder | Created Date = 06/06/2007 08:22:02 | Attr = ]
ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Created Date = 13/06/2007 15:28:17 | Attr = ]

[Files/Folders - Modified Within 30 days]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 25/06/2007 11:22:02 | Attr = HS]
hpfr3420.xml -> %SystemDrive%\hpfr3420.xml -> [Ver = | Size = 519 bytes | Modified Date = 25/06/2007 08:45:16 | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 24/06/2007 20:38:34 | Attr = R ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Modified Date = 14/06/2007 04:42:18 | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 14/06/2007 04:42:18 | Attr = H ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 25/06/2007 03:00:34 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 13/06/2007 04:24:16 | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 13/06/2007 16:32:14 | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 13/06/2007 16:29:02 | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 13/06/2007 16:32:04 | Attr = H ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 24/06/2007 20:23:48 | Attr = R S]
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Modified Date = 14/06/2007 14:53:54 | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 25/06/2007 11:27:34 | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 22/06/2007 01:46:00 | Attr = ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 14/06/2007 06:54:38 | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 13/06/2007 16:32:18 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 24/06/2007 20:00:48 | Attr = ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 25/06/2007 03:01:12 | Attr = HS]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 11/06/2007 07:31:08 | Attr = ]
msoffice.ini -> %SystemRoot%\msoffice.ini -> [Ver = | Size = 2 bytes | Modified Date = 11/06/2007 07:32:50 | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 25/06/2007 11:24:34 | Attr = ]
network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 05/06/2007 23:51:18 | Attr = ]
PREFETCH -> %SystemRoot%\PREFETCH -> [Folder | Modified Date = 25/06/2007 09:55:56 | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 24/06/2007 19:59:34 | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 24/06/2007 21:12:52 | Attr = ]
setupapi.log.0.old -> %SystemRoot%\setupapi.log.0.old -> [Ver = | Size = 1063617 bytes | Modified Date = 12/06/2007 16:20:08 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 25/06/2007 08:45:12 | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 22/06/2007 02:21:06 | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 25/06/2007 11:23:54 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 883 bytes | Modified Date = 11/06/2007 07:33:04 | Attr = ]
_delis32.ini -> %SystemRoot%\_delis32.ini -> [Ver = | Size = 528 bytes | Modified Date = 12/06/2007 09:30:40 | Attr = ]
1-Klick-Wartung.job -> %SystemRoot%\tasks\1-Klick-Wartung.job -> [Ver = | Size = 406 bytes | Modified Date = 23/06/2007 00:11:00 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 20/06/2007 17:07:06 | Attr = ]
Extension de garantie.job -> %SystemRoot%\tasks\Extension de garantie.job -> [Ver = | Size = 230 bytes | Modified Date = 25/06/2007 11:00:02 | Attr = ]
FRU Task #Hewlett-Packard#hp psc 1200 series#1177201252.job -> %SystemRoot%\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1177201252.job -> [Ver = | Size = 392 bytes | Modified Date = 22/06/2007 02:21:06 | Attr = ]
Master CD_DVD Creator.job -> %SystemRoot%\tasks\Master CD_DVD Creator.job -> [Ver = | Size = 230 bytes | Modified Date = 25/06/2007 11:00:06 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 25/06/2007 11:25:10 | Attr = H ]
Vérifier les mises à jour de Windows Live Toolbar.job -> %SystemRoot%\tasks\Vérifier les mises à jour de Windows Live Toolbar.job -> [Ver = | Size = 256 bytes | Modified Date = 25/06/2007 10:37:04 | Attr = ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 12/06/2007 11:24:02 | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 12/06/2007 09:31:56 | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 25/06/2007 11:23:02 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 14/06/2007 06:54:50 | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 24/06/2007 20:26:12 | Attr = ]
fhqakduk.dat -> %System32%\fhqakduk.dat -> [Ver = | Size = 6814 bytes | Modified Date = 25/06/2007 11:24:26 | Attr = ]
fhqakduk.exe -> %System32%\fhqakduk.exe -> [Ver = | Size = 280064 bytes | Modified Date = 22/06/2007 02:16:42 | Attr = ]
fhqakduk_nav.dat -> %System32%\fhqakduk_nav.dat -> [Ver = | Size = 254865 bytes | Modified Date = 22/06/2007 02:16:42 | Attr = ]
fhqakduk_navps.dat -> %System32%\fhqakduk_navps.dat -> [Ver = | Size = 1837 bytes | Modified Date = 25/06/2007 11:24:34 | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
Lang -> %System32%\Lang -> [Folder | Modified Date = 24/06/2007 21:58:18 | Attr = ]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 51048 bytes | Modified Date = 25/06/2007 11:24:06 | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 25/06/2007 11:29:14 | Attr = ]
fwdrv.err -> %System32%\drivers\fwdrv.err -> [Ver = | Size = 3658181 bytes | Modified Date = 24/06/2007 18:34:02 | Attr = ]
Adobe -> %AllUsersAppData%\Adobe -> [Folder | Modified Date = 11/06/2007 23:05:38 | Attr = ]
AOL -> %AllUsersAppData%\AOL -> [Folder | Modified Date = 11/06/2007 07:33:02 | Attr = ]
EnterNHelp -> %AllUsersAppData%\EnterNHelp -> [Folder | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Microsoft -> %AllUsersAppData%\Microsoft -> [Folder | Modified Date = 24/06/2007 20:56:18 | Attr = S]
Microsoft Corporation -> %AllUsersAppData%\Microsoft Corporation -> [Folder | Modified Date = 11/06/2007 23:07:26 | Attr = ]
Microsoft Help -> %AllUsersAppData%\Microsoft Help -> [Folder | Modified Date = 13/06/2007 16:32:44 | Attr = ]
PKP_DLbz.DAT -> %AllUsersAppData%\PKP_DLbz.DAT -> [Ver = | Size = 0 bytes | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Ultima_T15 -> %AllUsersAppData%\Ultima_T15 -> [Folder | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Azureus -> %UserAppData%\Azureus -> [Folder | Modified Date = 25/06/2007 11:20:18 | Attr = ]
dvdcss -> %UserAppData%\dvdcss -> [Folder | Modified Date = 22/06/2007 01:38:40 | Attr = ]
Microsoft -> %UserAppData%\Microsoft -> [Folder | Modified Date = 12/06/2007 10:37:40 | Attr = S]
Nikon -> %UserAppData%\Nikon -> [Folder | Modified Date = 06/06/2007 09:22:42 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 24/06/2007 22:00:14 | Attr = ]
Uniblue -> %UserAppData%\Uniblue -> [Folder | Modified Date = 24/06/2007 20:56:28 | Attr = ]
ApplicationHistory -> %LocalAppData%\ApplicationHistory -> [Folder | Modified Date = 24/06/2007 20:49:34 | Attr = ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 76288 bytes | Modified Date = 25/06/2007 09:39:38 | Attr = ]
Téléchargements AOL -> %AllUsersDocuments%\Téléchargements AOL -> [Folder | Modified Date = 11/06/2007 07:32:50 | Attr = ]
bookmark.htm -> %UserDocuments%\bookmark.htm -> [Ver = | Size = 12288 bytes | Modified Date = 04/06/2007 18:26:52 | Attr = ]
elodie -> %UserDocuments%\elodie -> [Folder | Modified Date = 11/06/2007 07:02:08 | Attr = ]
Mes images -> %UserDocuments%\Mes images -> [Folder | Modified Date = 06/06/2007 09:43:58 | Attr = R ]
Mes vidéos -> %UserDocuments%\Mes vidéos -> [Folder | Modified Date = 24/06/2007 21:04:32 | Attr = R ]
My Sharing Folders.lnk -> %UserDocuments%\My Sharing Folders.lnk -> [Ver = | Size = 585 bytes | Modified Date = 25/06/2007 11:06:12 | Attr = ]
My Skype Pictures -> %UserDocuments%\My Skype Pictures -> [Folder | Modified Date = 12/06/2007 08:49:38 | Attr = ]
Neil CREESE -> %UserDocuments%\Neil CREESE -> [Folder | Modified Date = 23/06/2007 00:15:22 | Attr = ]
Updater5 -> %UserDocuments%\Updater5 -> [Folder | Modified Date = 11/06/2007 12:32:14 | Attr = ]
Adobe Reader 8.lnk -> %AllUsersDesktop%\Adobe Reader 8.lnk -> [Ver = | Size = 1612 bytes | Modified Date = 11/06/2007 23:05:44 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2055 bytes | Modified Date = 22/06/2007 12:15:12 | Attr = ]
Logitech QuickCam.lnk -> %AllUsersDesktop%\Logitech QuickCam.lnk -> [Ver = | Size = 1547 bytes | Modified Date = 12/06/2007 09:31:10 | Attr = ]
My Logitech Pictures.lnk -> %AllUsersDesktop%\My Logitech Pictures.lnk -> [Ver = | Size = 1558 bytes | Modified Date = 12/06/2007 09:31:10 | Attr = ]
RegistryBooster 2.lnk -> %AllUsersDesktop%\RegistryBooster 2.lnk -> [Ver = | Size = 659 bytes | Modified Date = 24/06/2007 20:56:18 | Attr = ]
Dossier d'archivage AOL sauvegardé -> %UserDesktop%\Dossier d'archivage AOL sauvegardé -> [Folder | Modified Date = 11/06/2007 07:32:50 | Attr = ]
Logitech Print Service.lnk -> %UserDesktop%\Logitech Print Service.lnk -> [Ver = | Size = 626 bytes | Modified Date = 12/06/2007 09:30:18 | Attr = ]
PCSX2 0.9.2 With BIOS and Memcard -> %UserDesktop%\PCSX2 0.9.2 With BIOS and Memcard -> [Folder | Modified Date = 29/05/2007 15:41:12 | Attr = ]
Raccourcis Bureau non utilisés -> %UserDesktop%\Raccourcis Bureau non utilisés -> [Folder | Modified Date = 24/06/2007 21:22:54 | Attr = ]
bleep -> %UserDesktop%\bleep -> [Folder | Modified Date = 11/06/2007 21:54:16 | Attr = ]
stinger.exe -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Modified Date = 12/06/2007 17:56:12 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
stinger.opt -> %UserDesktop%\stinger.opt -> [Ver = | Size = 22 bytes | Modified Date = 12/06/2007 23:16:16 | Attr = ]
updater.bmp -> %UserDesktop%\updater.bmp -> [Ver = | Size = 3888054 bytes | Modified Date = 12/06/2007 10:19:04 | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 25/06/2007 08:45:40 | Attr = ]
Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 11/06/2007 23:05:42 | Attr = ]
AOL -> %CommonProgramFiles%\AOL -> [Folder | Modified Date = 11/06/2007 07:33:28 | Attr = ]
FotoWire -> %CommonProgramFiles%\FotoWire -> [Folder | Modified Date = 12/06/2007 09:30:16 | Attr = ]
Nikon -> %CommonProgramFiles%\Nikon -> [Folder | Modified Date = 06/06/2007 09:22:16 | Attr = ]
ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Modified Date = 13/06/2007 16:28:18 | Attr = ]
Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 11/06/2007 07:33:28 | Attr = ]
System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 13/06/2007 16:32:14 | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 24/06/2007 22:00:12 | Attr = ]

[File String Scan - Non-Microsoft Only]
UPX! , UPX0 , -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 745600 bytes | Modified Date = 30/04/2007 17:46:10 | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
UPX! , UPX0 , -> %System32%\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 123392 bytes | Modified Date = 26/11/2003 01:32:02 | Attr = ]
Thawte Consulting , -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.01.83a | Size = 464552 bytes | Modified Date = 28/03/2006 11:01:00 | Attr = ]
Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 02/03/2007 17:32:44 | Attr = ]
UPX! , UPX0 , -> %System32%\vbskpro2.ocx -> JB [Ver = 2.01 | Size = 412672 bytes | Modified Date = 09/08/2005 00:07:00 | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
File scan skipped for file %UserDocuments%\Sims2_1.daa -> File size too big (665936050 bytes) ->
File scan skipped for file %UserDocuments%\Sims2_2.daa -> File size too big (681615173 bytes) ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\6773251300-cd.exe:Zone.Identifier ->
File scan skipped for file %UserDesktop%\avl-hlgo.img -> File size too big (403075072 bytes) ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
UPX! , UPX0 , -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Modified Date = 12/06/2007 17:56:12 | Attr = ]

< End of report >

#6 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:06:15 PM

Posted 25 June 2007 - 03:02 PM

Hi neil. Ok, let's get started. First, please print these directions so they will be available to you (we will be rebooting into Safe Mode during the fix).

Next, please follow the steps below in order:

Step #1

Download AVG anti-spyware from HERE and save that file to your desktop.
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need to run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen, under "How to act" select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"

Close AVG Anti-Spyware. Do not run a scan just yet; we will shortly.

Step #2

Now start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Unregister Dlls]
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> fhqakduk -> %System32%\fhqakduk.exe
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
YN -> WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
[Registry - Additional Scans - Non-Microsoft Only]
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
YN -> 0 -> [Key]
[Files/Folders - Created Within 30 days]
NY -> fhqakduk.dat -> %System32%\fhqakduk.dat
NY -> fhqakduk.exe -> %System32%\fhqakduk.exe
NY -> fhqakduk_nav.dat -> %System32%\fhqakduk_nav.dat
NY -> fhqakduk_navps.dat -> %System32%\fhqakduk_navps.dat
[Files/Folders - Modified Within 30 days]
NY -> imsins.BAK -> %SystemRoot%\imsins.BAK
NY -> setupapi.log.0.old -> %SystemRoot%\setupapi.log.0.old
NY -> fhqakduk.dat -> %System32%\fhqakduk.dat
NY -> fhqakduk.exe -> %System32%\fhqakduk.exe
NY -> fhqakduk_nav.dat -> %System32%\fhqakduk_nav.dat
NY -> fhqakduk_navps.dat -> %System32%\fhqakduk_navps.dat
[Empty Temp Folders]
[Reboot]


The fix should only take a very short time. You will be asked to reboot when the fix is complete. Choose Yes and reboot into Safe Mode as shown below.

Start in Safe Mode Using the F8 method:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.

Step #3

Launch AVG Anti-Spyware by double-clicking the icon on your desktop.

IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning; it may interfere with the scanning process:
  • Select the "Scanner" icon at the top and then the "Scan" tab, then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process. Be patient, this may take a little time.
    Once the scan is complete do the following:
    • Make sure that "Set all elements to:" shows "Quarantine"; if not, click on the link and choose "Quarantine" from the popup menu.
    • At the bottom of the window click on the "Apply all actions" button.
    Note: Don't save the report before you hit the Apply action button.
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.

Step #4

Post the following back here:
  • a new WinPFind3U report
  • the AVG Anti-Spyware report
  • the latest .log file from the WinPFind3u folder (it will be a .log file and have a date_time name in the format mmddyyyy_hhmmss.log)
I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer


#7 neil

Posted 25 June 2007 - 03:26 PM

sorry OT
do i need to select
Reg - Desktop Components
Reg - Security Settings
File - Additional Folder Scans
in WinPFind3U?

#8 OldTimer

Posted 25 June 2007 - 04:02 PM

Hi neil. Go ahead and select those and let's see what they show this time.

Cheers.

OT

#9 neil

Posted 26 June 2007 - 02:32 AM

Hi OT
well, followed your instructions to the T and here's what happened,
in AVG I selected set all elements to Quarantine and the apply all actions button
went to Report icon but there was no log and the Save report as was inactive!
it found 32 objects (43 traces)
ran WinPFind3u worked in normal mode! but when I tried to add a reply here IE crashed so need to do a new scan in safe mode cos now it will not run in normal mode.
here's the log from WinPFind3U

WinPFind3 logfile created on: 26/06/2007 08:46:50
WinPFind3U by OldTimer - Version 1.0.39 Folder = D:\Documents and Settings\creese\Bureau\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

1022,48 Mb Total Physical Memory | 374,66 Mb Available Physical Memory | 36,64% Memory free
2,40 Gb Paging File | 1,77 Gb Available in Paging File | 73,81% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 10,87 Gb Free Space | 36,25% Space Free
Drive D: | 241,65 Gb Total Space | 94,69 Gb Free Space | 39,18% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: neil
Current User Name: creese
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
aboard.exe -> %SystemDrive%\APPS\ABOARD\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02/05/2003 11:31:50 | Attr = ]
aosd.exe -> %SystemDrive%\APPS\ABOARD\AOSD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 69632 bytes | Modified Date = 02/05/2003 11:31:38 | Attr = ]
ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 75392 bytes | Modified Date = 30/04/2007 17:42:48 | Attr = ]
ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 243328 bytes | Modified Date = 30/04/2007 18:04:38 | Attr = ]
ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 132736 bytes | Modified Date = 30/04/2007 17:42:40 | Attr = ]
ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 345728 bytes | Modified Date = 30/04/2007 17:41:28 | Attr = ]
aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 16512 bytes | Modified Date = 30/04/2007 17:29:56 | Attr = ]
avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 11:25:42 | Attr = ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 14:31:10 | Attr = ]
hpoevm08.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.020 | Size = 286720 bytes | Modified Date = 06/04/2003 00:45:10 | Attr = ]
hpohmr08.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.020 | Size = 147456 bytes | Modified Date = 06/04/2003 01:17:18 | Attr = ]
hposts08.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hposts08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.020 | Size = 311296 bytes | Modified Date = 06/04/2003 00:55:04 | Attr = ]
hpotdd01.exe -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe -> Hewlett-Packard [Ver = 1, 0, 0, 1 | Size = 28672 bytes | Modified Date = 06/04/2003 01:06:58 | Attr = ]
hpzipm12.exe -> %System32%\HPZipm12.exe -> HP [Ver = 6, 0, 0, 0 | Size = 65795 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 501312 bytes | Modified Date = 26/05/2007 12:45:46 | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 257088 bytes | Modified Date = 26/05/2007 12:45:54 | Attr = ]
kpf4gui.exe -> %ProgramFiles%\Sunbelt Software\Personal Firewall\kpf4gui.exe -> Sunbelt Software [Ver = 4.5.916.0 | Size = 1967664 bytes | Modified Date = 26/04/2007 10:21:28 | Attr = ]
kpf4gui.exe -> %ProgramFiles%\Sunbelt Software\Personal Firewall\kpf4gui.exe -> Sunbelt Software [Ver = 4.5.916.0 | Size = 1967664 bytes | Modified Date = 26/04/2007 10:21:28 | Attr = ]
kpf4ss.exe -> %ProgramFiles%\Sunbelt Software\Personal Firewall\kpf4ss.exe -> Sunbelt Software [Ver = 4.5.916.0 | Size = 1234480 bytes | Modified Date = 26/04/2007 10:21:28 | Attr = ]
logitray.exe -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 65536 bytes | Modified Date = 30/06/2003 21:00:24 | Attr = ]
lowlight.exe -> %ProgramFiles%\Logitech\Video\LowLight.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 53248 bytes | Modified Date = 30/06/2003 20:59:30 | Attr = ]
lvcoms.exe -> %System32%\LVComS.exe -> Logitech Inc. [Ver = 8.0.3.1110 | Size = 135214 bytes | Modified Date = 27/06/2003 05:09:56 | Attr = ]
magicdisc.exe -> %ProgramFiles%\MagicDisc\MagicDisc.exe -> [Ver = | Size = 534016 bytes | Modified Date = 26/09/2006 09:59:14 | Attr = ]
ndp1.1sp1-kb886903-x86.exe -> %SystemRoot%\SoftwareDistribution\Download\Install\NDP1.1sp1-KB886903-X86.exe -> M [Ver = 1 | Size = 1577248 bytes | Modified Date = 07/02/2005 21:42:58 | Attr = ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 143426 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
omniserv.exe -> %SystemDrive%\APPS\Softex\OmniPass\OmniServ.exe -> Softex Inc. [Ver = 1.0.0.1 | Size = 32768 bytes | Modified Date = 30/01/2006 08:47:48 | Attr = ]
opxpapp.exe -> %SystemDrive%\APPS\Softex\OmniPass\OPXPApp.exe -> [Ver = | Size = 14848 bytes | Modified Date = 30/01/2006 08:47:50 | Attr = ]
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Inc. [Ver = 7.1.6 | Size = 282624 bytes | Modified Date = 27/04/2007 09:41:54 | Attr = ]
reader_sl.exe -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 11/05/2007 03:06:32 | Attr = ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 02/03/2007 17:32:18 | Attr = ]
rthdcpl.exe -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.0.3.2 | Size = 15691264 bytes | Modified Date = 09/12/2005 16:49:42 | Attr = ]
scureapp.exe -> %SystemDrive%\APPS\Softex\OmniPass\scureapp.exe -> [Ver = 1, 0, 0, 1 | Size = 1978368 bytes | Modified Date = 30/01/2006 09:56:38 | Attr = ]
sl3.tmp -> %SystemRoot%\Temp\SL3.tmp -> [Ver = | Size = 1519904 bytes | Modified Date = 26/06/2007 08:46:40 | Attr = ]
symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.762 | Size = 1119888 bytes | Modified Date = 19/07/2006 21:44:50 | Attr = ]
tca.exe -> %ProgramFiles%\The Cleaner\tca.exe -> MooSoft Development [Ver = 3.1.0.3073 | Size = 631808 bytes | Modified Date = 09/04/2004 10:26:36 | Attr = ]
tcm.exe -> %ProgramFiles%\The Cleaner\tcm.exe -> MooSoft Development [Ver = 2.1.0.2043 | Size = 388096 bytes | Modified Date = 13/03/2004 14:48:52 | Attr = ]
ulcdrsvr.exe -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 31/01/2005 09:45:20 | Attr = ]
usbdeviceservice.exe -> %ProgramFiles%\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -> [Ver = 1, 0, 0, 1 | Size = 90112 bytes | Modified Date = 20/10/2005 06:15:00 | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 23/06/2007 15:15:54 | Attr = ]
wlanutl.exe -> %ProgramFiles%\SAGEM WiFi manager\WLANUTL.EXE -> [Ver = 2, 5, 5, 1 | Size = 925696 bytes | Modified Date = 19/01/2006 16:54:34 | Attr = ]
x10nets.exe -> %ProgramFiles%\Common Files\X10\Common\X10nets.exe -> X10 [Ver = 1, 0, 0, 1 | Size = 20480 bytes | Modified Date = 12/11/2001 13:31:48 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 17/04/2007 16:18:36 | Attr = ]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 16512 bytes | Modified Date = 30/04/2007 17:29:56 | Attr = ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 132736 bytes | Modified Date = 30/04/2007 17:42:40 | Attr = ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 243328 bytes | Modified Date = 30/04/2007 18:04:38 | Attr = ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 345728 bytes | Modified Date = 30/04/2007 17:41:28 | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 14:31:10 | Attr = ]
(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 01:41:10 | Attr = ]
(iPod Service) Service de l'iPod [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 501312 bytes | Modified Date = 26/05/2007 12:45:46 | Attr = ]
(MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24/11/2005 17:03:22 | Attr = ]
(NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 6, 6, 0 | Size = 724992 bytes | Modified Date = 09/10/2006 23:11:08 | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 143426 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
(omniserv) Softex OmniPass Service [Win32_Own | Auto | Running] -> %SystemDrive%\APPS\Softex\OmniPass\OmniServ.exe -> Softex Inc. [Ver = 1.0.0.1 | Size = 32768 bytes | Modified Date = 30/01/2006 08:47:48 | Attr = ]
(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24/11/2005 16:57:44 | Attr = ]
(Planificateur LiveUpdate automatique) Planificateur LiveUpdate automatique [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> File not found
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Running] -> %System32%\HPZipm12.exe -> HP [Ver = 6, 0, 0, 0 | Size = 65795 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(SPF4) Sunbelt Personal Firewall 4 [Win32_Own | Auto | Running] -> %ProgramFiles%\Sunbelt Software\Personal Firewall\kpf4ss.exe -> Sunbelt Software [Ver = 4.5.916.0 | Size = 1234480 bytes | Modified Date = 26/04/2007 10:21:28 | Attr = ]
(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 69718 bytes | Modified Date = 24/11/2005 16:47:30 | Attr = ]
(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.762 | Size = 1119888 bytes | Modified Date = 19/07/2006 21:44:50 | Attr = ]
(UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 31/01/2005 09:45:20 | Attr = ]
(USBDeviceService) USBDeviceService [Win32_Own | Auto | Running] -> %ProgramFiles%\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -> [Ver = 1, 0, 0, 1 | Size = 90112 bytes | Modified Date = 20/10/2005 06:15:00 | Attr = ]
(x10nets) X10 Device Network Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Common Files\X10\Common\X10nets.exe -> X10 [Ver = 1, 0, 0, 1 | Size = 20480 bytes | Modified Date = 12/11/2001 13:31:48 | Attr = ]

[Driver Services - Non-Microsoft Only]
(3xHybrid) 3xHybrid service [Kernel | On_Demand | Running] -> %System32%\drivers\3xHybrid.sys -> Philips Semiconductors GmbH [Ver = 1, 3, 3, 1 | Size = 825600 bytes | Modified Date = 17/04/2006 12:25:00 | Attr = ]
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 26888 bytes | Modified Date = 30/04/2007 17:37:24 | Attr = ]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(AFS2K) AFS2K [Kernel | System | Running] -> %System32%\drivers\AFS2K.SYS -> Oak Technology Inc. [Ver = 3.1.14.886 | Size = 82380 bytes | Modified Date = 22/04/2007 02:20:48 | Attr = ]
(AliIde) AliIde [Kernel | Boot | Running] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17/08/2001 21:51:56 | Attr = ]
(amdagp) Pilote de filtre du bus AMD AGP [Kernel | Boot | Running] -> %System32%\drivers\AMDAGP.SYS -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 03/08/2004 23:07:44 | Attr = ]
(asc) asc [Kernel | Boot | Running] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17/08/2001 21:52:00 | Attr = ]
(asc3550) asc3550 [Kernel | Boot | Running] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17/08/2001 21:51:58 | Attr = ]
(Aspi32) Aspi32 [Kernel | Auto | Running] -> %System32%\drivers\ASPI32.SYS -> Adaptec [Ver = 4.71 (0002) built by: WinDDK | Size = 16512 bytes | Modified Date = 17/07/2002 03:05:10 | Attr = ]
(aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 94552 bytes | Modified Date = 30/04/2007 17:41:42 | Attr = ]
(aswRdr) aswRdr [Kernel | On_Demand | Running] -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 23416 bytes | Modified Date = 30/04/2007 17:39:42 | Attr = ]
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 43176 bytes | Modified Date = 30/04/2007 17:38:52 | Attr = ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [Ver = | Size = 11000 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
(AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
(BANTExt) Belarc SMBios Access [Kernel | System | Running] -> %System32%\drivers\BANTExt.sys -> [Ver = | Size = 3840 bytes | Modified Date = 07/04/2005 17:18:34 | Attr = ]
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CmdIde) CmdIde [Kernel | Boot | Running] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 23/08/2001 17:04:44 | Attr = ]
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17/08/2001 21:52:16 | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800256 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dmio) Pilote de Gestionnaire de disque logique [Kernel | Boot | Running] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 154496 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dmload) dmload [Kernel | Boot | Running] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dtscsi) dtscsi [Kernel | On_Demand | Stopped] -> %System32%\drivers\dtscsi.sys -> DT Soft Ltd. [Ver = 4.03.0.0 built by: WinDDK | Size = 223128 bytes | Modified Date = 23/11/2006 02:28:42 | Attr = ]
(fwdrv) Firewall Driver [Kernel | System | Running] -> %System32%\drivers\fwdrv.sys -> Sunbelt Software [Ver = 4.3.182.0 | Size = 302000 bytes | Modified Date = 26/04/2007 10:21:30 | Attr = ]
(GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %System32%\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 19/09/2006 16:44:04 | Attr = ]
(HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %System32%\drivers\Hdaudio.sys -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 145920 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %System32%\drivers\Hdaudbus.sys -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 07/01/2005 17:07:18 | Attr = ]
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Running] -> %System32%\drivers\hpzid412.sys -> HP [Ver = 6, 0, 0, 0 | Size = 51024 bytes | Modified Date = 09/03/2003 06:31:00 | Attr = R ]
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Running] -> %System32%\drivers\HPZipr12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 16080 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Running] -> %System32%\drivers\HPZius12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 21456 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(imagedrv) imagedrv [Kernel | Boot | Running] -> %System32%\drivers\imagedrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 5888 bytes | Modified Date = 15/08/2005 13:08:26 | Attr = ]
(imagesrv) imagesrv [Kernel | Boot | Running] -> %System32%\drivers\imagesrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 127488 bytes | Modified Date = 15/08/2005 13:08:26 | Attr = ]
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\RtkHDAud.Sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5200 built by: WinDDK | Size = 4123136 bytes | Modified Date = 09/12/2005 17:48:40 | Attr = ]
(khips) Kerio HIPS Driver [Kernel | System | Running] -> %System32%\drivers\khips.sys -> Sunbelt Software [Ver = 4.3.182.0 | Size = 72624 bytes | Modified Date = 26/04/2007 10:21:34 | Attr = ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Running] -> %System32%\drivers\mcdbus.sys -> MagicISO, Inc. [Ver = 1.0.0.32 | Size = 92160 bytes | Modified Date = 22/09/2006 14:06:10 | Attr = ]
(mraid35x) mraid35x [Kernel | Boot | Running] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17/08/2001 21:52:12 | Attr = ]
(nv) nv [Kernel | On_Demand | Running] -> %System32%\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 3663040 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
(PCANDIS5) PCANDIS5 Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\PCANDIS5.SYS -> File not found
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0) [Kernel | On_Demand | Running] -> %System32%\drivers\CamDrL21.sys -> Logitech Inc. [Ver = 8.0.3.1110 | Size = 313216 bytes | Modified Date = 27/06/2003 05:08:38 | Attr = ]
(PLUsbbc2) High-Speed USB Bridge Cable Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\usbbc2.sys -> Prolific Technology Inc. [Ver = 2.0.0.20 | Size = 8960 bytes | Modified Date = 07/05/2003 15:54:38 | Attr = ]
(Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 2.03.32a | Size = 20640 bytes | Modified Date = 25/04/2005 02:03:00 | Attr = ]
(ql1080) ql1080 [Kernel | Boot | Running] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17/08/2001 21:52:20 | Attr = ]
(ql12160) ql12160 [Kernel | Boot | Running] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17/08/2001 21:52:20 | Attr = ]
(ql1280) ql1280 [Kernel | Boot | Running] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17/08/2001 21:52:18 | Attr = ]
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\Rtnicxp.sys -> Realtek Semiconductor Corporation [Ver = 5,641,0209,2006 built by: WinDDK | Size = 81408 bytes | Modified Date = 27/02/2006 06:46:20 | Attr = ]
(rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) [Kernel | On_Demand | Stopped] -> %System32%\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 03/08/2004 22:31:34 | Attr = ]
(SCDEmu) SCDEmu [Kernel | System | Running] -> %System32%\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 3, 0, 0, 0 | Size = 26844 bytes | Modified Date = 18/03/2006 04:25:00 | Attr = ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys -> [Ver = | Size = 27440 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(SG762_XP) SAGEM 802.11g XG762 1211B Driver [Kernel | On_Demand | Running] -> %System32%\drivers\WlanBZXP.sys -> ZyDAS Technology Corporation [Ver = 6, 3, 0, 0 | Size = 402432 bytes | Modified Date = 22/12/2005 14:45:18 | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(sisagp) Filtre de bus AGP SIS [Kernel | Boot | Running] -> %System32%\drivers\SISAGP.SYS -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 03/08/2004 23:07:44 | Attr = ]
(Sparrow) Sparrow [Kernel | Boot | Running] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17/08/2001 22:07:44 | Attr = ]
(sptd) sptd [Kernel | Boot | Running] -> %System32%\drivers\sptd.sys -> [Ver = | Size = 639224 bytes | Modified Date = 25/11/2006 02:59:50 | Attr = ]
(symc810) symc810 [Kernel | Boot | Running] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17/08/2001 22:07:34 | Attr = ]
(symc8xx) symc8xx [Kernel | Boot | Running] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17/08/2001 22:07:36 | Attr = ]
(symlcbrd) symlcbrd [Kernel | Auto | Running] -> %System32%\drivers\symlcbrd.sys -> Symantec Corporation [Ver = 1.8.54.834 | Size = 10344 bytes | Modified Date = 19/07/2006 21:44:50 | Attr = ]
(sym_hi) sym_hi [Kernel | Boot | Running] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17/08/2001 22:07:40 | Attr = ]
(sym_u3) sym_u3 [Kernel | Boot | Running] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17/08/2001 22:07:42 | Attr = ]
(ultra) ultra [Kernel | Boot | Running] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (version 0603) | Size = 36736 bytes | Modified Date = 17/08/2001 21:52:22 | Attr = ]
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped] -> system32\DRIVERS\wanatw4.sys -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(X10Hid) X10 Hid Device [Kernel | On_Demand | Running] -> %System32%\drivers\x10hid.sys -> X10 Wireless Technology, Inc. [Ver = 3.0.0.198 | Size = 7040 bytes | Modified Date = 28/11/2005 10:45:16 | Attr = ]
(XUIF) X10 USB Wireless Transceiver [Kernel | On_Demand | Running] -> %System32%\drivers\x10ufx2.sys -> X10 Wireless Technology, Inc. [Ver = 3.0.0.187 | Size = 17792 bytes | Modified Date = 19/05/2005 15:52:58 | Attr = ]
(ZDCndis5) ZDCndis5 Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\ZDCndis5.SYS -> File not found
(ZDPSp50) ZDPSp50 NDIS Protocol Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ZDPSp50.sys -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.5.18.02 | Size = 17664 bytes | Modified Date = 18/01/2006 14:09:40 | Attr = ]
(ZDPNDIS5) ZDPNDIS5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\ZDPNDIS5.SYS -> File not found

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 11:25:42 | Attr = ]
ACTIVBOARD -> %SystemDrive%\APPS\ABOARD\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02/05/2003 11:31:50 | Attr = ]
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 11/05/2007 03:06:32 | Attr = ]
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 75392 bytes | Modified Date = 30/04/2007 17:42:48 | Attr = ]
DetectorApp -> %ProgramFiles%\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe -> [Ver = 1, 0, 0, 6 | Size = 102400 bytes | Modified Date = 20/10/2005 06:15:00 | Attr = ]
High Definition Audio Property Page Shortcut -> %System32%\HdAShCut.exe -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 61952 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 257088 bytes | Modified Date = 26/05/2007 12:45:54 | Attr = ]
LogitechGalleryRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 188416 bytes | Modified Date = 30/06/2003 20:56:34 | Attr = ]
LogitechVideoRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 188416 bytes | Modified Date = 30/06/2003 20:56:34 | Attr = ]
LogitechVideoTray -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 65536 bytes | Modified Date = 30/06/2003 21:00:24 | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 7573504 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 86016 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
OmniPass -> %SystemDrive%\APPS\Softex\OmniPass\scureapp.exe -> [Ver = 1, 0, 0, 1 | Size = 1978368 bytes | Modified Date = 30/01/2006 09:56:38 | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Inc. [Ver = 7.1.6 | Size = 282624 bytes | Modified Date = 27/04/2007 09:41:54 | Attr = ]
RTHDCPL -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.0.3.2 | Size = 15691264 bytes | Modified Date = 09/12/2005 16:49:42 | Attr = ]
tcactive -> %ProgramFiles%\The Cleaner\tca.exe -> MooSoft Development [Ver = 3.1.0.3073 | Size = 631808 bytes | Modified Date = 09/04/2004 10:26:36 | Attr = ]
tcmonitor -> %ProgramFiles%\The Cleaner\tcm.exe -> MooSoft Development [Ver = 2.1.0.2043 | Size = 388096 bytes | Modified Date = 13/03/2004 14:48:52 | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 02/03/2007 17:32:18 | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Common Startup > -> D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
%AllUsersStartup%\hp psc 1000 series.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.020 | Size = 147456 bytes | Modified Date = 06/04/2003 01:17:18 | Attr = ]
%AllUsersStartup%\hpoddt01.exe.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe -> Hewlett-Packard [Ver = 1, 0, 0, 1 | Size = 28672 bytes | Modified Date = 06/04/2003 01:06:58 | Attr = ]
%AllUsersStartup%\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk -> %ProgramFiles%\SAGEM WiFi manager\WLANUTL.EXE -> [Ver = 2, 5, 5, 1 | Size = 925696 bytes | Modified Date = 19/01/2006 16:54:34 | Attr = ]
< User Startup > -> D:\Documents and Settings\creese\Menu Démarrer\Programmes\Démarrage ->
%UserStartup%\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 16/03/2005 19:16:50 | Attr = ]
%UserStartup%\MagicDisc.lnk -> %ProgramFiles%\MagicDisc\MagicDisc.exe -> [Ver = | Size = 534016 bytes | Modified Date = 26/09/2006 09:59:14 | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30/05/2007 14:29:58 | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
OPXPGina -> %SystemDrive%\APPS\Softex\OmniPass\OPXPGina.dll -> [Ver = | Size = 49152 bytes | Modified Date = 30/01/2006 08:53:44 | Attr = ]
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> C:\WINDOWS\Resources\Themes\Royale.theme ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> •
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< HOSTS File > (31 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL -> http://uk.yahoo.com ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> http://uk.yahoo.com ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.demonoid.com/ ->
HKCU: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> <local> ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22/10/2006 23:08:42 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 04:23:24 | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 15/12/2006 04:23:26 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 04:23:24 | Attr = ]
{2670000A-7350-4f3c-8081-5663EE0C6C49} -> Reg Data - Value does not exist [ButtonText: Send to OneNote] -> File not found
{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
{F4430FE8-2638-42e5-B849-800749B94EED} -> %ProgramFiles%\PartyGaming.Net\PartyPokerNet\RunPF.exe [ButtonText: PartyPoker.net] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{30190A9B-4FA1-4E89-AB4C-B1DC80FB2D7D} -> (Carte réseau 1394) ->
{559DE7D7-B76B-448F-9B3B-4F37AF21FFD7} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{D35D3FA1-AA7A-4FCE-B06B-C9F48709D5EC} -> (SAGEM Wi-Fi 11g USB adapter) ->
{E2BC7829-F509-4E5A-8E73-46F5D037BD49} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
belarc -> %ProgramFiles%\Belarc\Advisor\System\BAVoilaX.dll -> Belarc, Inc. [Ver = 7.2h | Size = 33280 bytes | Modified Date = 16/01/2007 19:30:02 | Attr = ]
bw+0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw+0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw-0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw00 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw00s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw-0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw10 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw10s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw20 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw20s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw30 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw30s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw40 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw40s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw50 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw50s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw60 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw60s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw70 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw70s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw80 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw80s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw90 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw90s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwa0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwa0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwb0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwb0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwc0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwc0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwd0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwd0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwe0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwe0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwf0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwf0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwfile-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwg0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwg0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwh0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwh0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwi0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwi0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwj0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwj0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwk0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwk0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwl0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwl0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwm0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwm0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwn0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwn0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwo0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwo0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwp0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwp0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwq0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwq0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwr0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwr0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bws0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bws0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwt0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwt0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwu0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwu0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwv0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwv0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bww0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bww0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwx0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwx0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwy0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwy0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwz0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwz0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
offline-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/get/shock...director/sw.cab ->
{215B8138-A3CF-44C5-803F-8226143CFC0A} -> Trend Micro ActiveX Scan Agent 6.6 - CodeBase = http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab ->
{5C051655-FCD5-4969-9182-770EA5AA5565} -> Solitaire Showdown Class - CodeBase = http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab ->
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase = http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab ->
{A90A5822-F108-45AD-8482-9BC8B12DD539} -> Crucial cpcScan - CodeBase = http://www.crucial.com/controls/cpcScanner.cab ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.macromedia.com/get/flash...ent/swflash.cab ->

[Registry - Additional Scans - Non-Microsoft Only]
< Security Settings > -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> RpcSs; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\0 -> Root\LEGACY_BITS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 5468 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\waol.exe -> C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\aol.exe -> C:\Program Files\AOL 9.0\aol.exe:*:Enabled:AOL ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\APPS\Inventime\my.exe -> C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\LimeWire\LimeWire.exe -> C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe -> C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\APPS\skype\phone\Skype.exe -> C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe -> C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\waol.exe -> C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Azureus\Azureus.exe -> C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\GROOVE.EXE -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3389:TCP -> 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

[Files/Folders - Created Within 30 days]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 24/06/2007 21:00:08 | Attr = HS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1072222208 bytes | Created Date = 02/01/1601 23:00:00 | Attr = HS]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Created Date = 14/06/2007 03:42:16 | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Created Date = 14/06/2007 03:42:16 | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 13/06/2007 15:32:11 | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 13/06/2007 15:29:00 | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 13/06/2007 15:32:02 | Attr = H ]
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Created Date = 12/06/2007 15:20:03 | Attr = ]
msoffice.ini -> %SystemRoot%\msoffice.ini -> [Ver = | Size = 2 bytes | Created Date = 11/06/2007 06:32:48 | Attr = ]
Vérifier les mises à jour de Windows Live Toolbar.job -> %SystemRoot%\tasks\Vérifier les mises à jour de Windows Live Toolbar.job -> [Ver = | Size = 256 bytes | Created Date = 03/06/2007 02:02:53 | Attr = ]
fhqakduk.dat -> %System32%\fhqakduk.dat -> [Ver = | Size = 6814 bytes | Created Date = 22/06/2007 01:16:50 | Attr = ]
fhqakduk.exe -> %System32%\fhqakduk.exe -> [Ver = | Size = 280064 bytes | Created Date = 22/06/2007 01:16:40 | Attr = ]
fhqakduk_nav.dat -> %System32%\fhqakduk_nav.dat -> [Ver = | Size = 254865 bytes | Created Date = 22/06/2007 01:16:50 | Attr = ]
fhqakduk_navps.dat -> %System32%\fhqakduk_navps.dat -> [Ver = | Size = 1980 bytes | Created Date = 22/06/2007 01:16:50 | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 25/06/2007 21:16:46 | Attr = ]
EnterNHelp -> %AllUsersAppData%\EnterNHelp -> [Folder | Created Date = 06/06/2007 08:40:32 | Attr = ]
Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Created Date = 25/06/2007 21:16:43 | Attr = ]
PKP_DLbz.DAT -> %AllUsersAppData%\PKP_DLbz.DAT -> [Ver = | Size = 0 bytes | Created Date = 06/06/2007 08:40:32 | Attr = ]
Ultima_T15 -> %AllUsersAppData%\Ultima_T15 -> [Folder | Created Date = 06/06/2007 08:40:32 | Attr = ]
Grisoft -> %UserAppData%\Grisoft -> [Folder | Created Date = 25/06/2007 21:17:35 | Attr = ]
Nikon -> %UserAppData%\Nikon -> [Folder | Created Date = 06/06/2007 08:22:40 | Attr = ]
Nikon -> %LocalAppData%\Nikon -> [Folder | Created Date = 25/06/2007 20:05:47 | Attr = ]
bookmark.htm -> %UserDocuments%\bookmark.htm -> [Ver = | Size = 12288 bytes | Created Date = 04/06/2007 17:26:51 | Attr = ]
Adobe Reader 8.lnk -> %AllUsersDesktop%\Adobe Reader 8.lnk -> [Ver = | Size = 1612 bytes | Created Date = 11/06/2007 22:05:42 | Attr = ]
AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 728 bytes | Created Date = 25/06/2007 21:16:50 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2055 bytes | Created Date = 30/05/2007 17:18:36 | Attr = ]
Logitech QuickCam.lnk -> %AllUsersDesktop%\Logitech QuickCam.lnk -> [Ver = | Size = 1547 bytes | Created Date = 12/06/2007 08:31:08 | Attr = ]
My Logitech Pictures.lnk -> %AllUsersDesktop%\My Logitech Pictures.lnk -> [Ver = | Size = 1558 bytes | Created Date = 12/06/2007 08:31:08 | Attr = ]
RegistryBooster 2.lnk -> %AllUsersDesktop%\RegistryBooster 2.lnk -> [Ver = | Size = 659 bytes | Created Date = 24/06/2007 19:56:17 | Attr = ]
Dossier d'archivage AOL sauvegardé -> %UserDesktop%\Dossier d'archivage AOL sauvegardé -> [Folder | Created Date = 11/06/2007 06:32:48 | Attr = ]
Logitech Print Service.lnk -> %UserDesktop%\Logitech Print Service.lnk -> [Ver = | Size = 626 bytes | Created Date = 12/06/2007 08:30:17 | Attr = ]
OT.rtf -> %UserDesktop%\OT.rtf -> [Ver = | Size = 93069 bytes | Created Date = 25/06/2007 10:44:24 | Attr = ]
PCSX2 0.9.2 With BIOS and Memcard -> %UserDesktop%\PCSX2 0.9.2 With BIOS and Memcard -> [Folder | Created Date = 29/05/2007 14:40:59 | Attr = ]
stinger.exe -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Created Date = 12/06/2007 16:55:53 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
stinger.opt -> %UserDesktop%\stinger.opt -> [Ver = | Size = 22 bytes | Created Date = 12/06/2007 22:16:14 | Attr = ]
updater.bmp -> %UserDesktop%\updater.bmp -> [Ver = | Size = 3888054 bytes | Created Date = 12/06/2007 09:19:03 | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 25/06/2007 07:45:39 | Attr = ]
Nikon -> %CommonProgramFiles%\Nikon -> [Folder | Created Date = 06/06/2007 08:22:02 | Attr = ]
ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Created Date = 13/06/2007 15:28:17 | Attr = ]

[Files/Folders - Modified Within 30 days]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 26/06/2007 08:47:16 | Attr = HS]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1072222208 bytes | Modified Date = 26/06/2007 08:43:02 | Attr = HS]
hpfr3420.xml -> %SystemDrive%\hpfr3420.xml -> [Ver = | Size = 519 bytes | Modified Date = 25/06/2007 22:12:00 | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 25/06/2007 22:16:42 | Attr = R ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Modified Date = 14/06/2007 04:42:18 | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 14/06/2007 04:42:18 | Attr = H ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 26/06/2007 08:46:40 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 13/06/2007 04:24:16 | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 13/06/2007 16:32:14 | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 13/06/2007 16:29:02 | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 13/06/2007 16:32:04 | Attr = H ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 24/06/2007 20:23:48 | Attr = R S]
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Modified Date = 14/06/2007 14:53:54 | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 26/06/2007 08:43:08 | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 22/06/2007 01:46:00 | Attr = ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 14/06/2007 06:54:38 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 24/06/2007 20:00:48 | Attr = ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 26/06/2007 08:47:04 | Attr = HS]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 11/06/2007 07:31:08 | Attr = ]
msoffice.ini -> %SystemRoot%\msoffice.ini -> [Ver = | Size = 2 bytes | Modified Date = 11/06/2007 07:32:50 | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 26/06/2007 08:45:36 | Attr = ]
network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 05/06/2007 23:51:18 | Attr = ]
PREFETCH -> %SystemRoot%\PREFETCH -> [Folder | Modified Date = 25/06/2007 22:22:32 | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 24/06/2007 19:59:34 | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 24/06/2007 21:12:52 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 25/06/2007 22:11:44 | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 22/06/2007 02:21:06 | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 26/06/2007 08:47:04 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 883 bytes | Modified Date = 11/06/2007 07:33:04 | Attr = ]
_delis32.ini -> %SystemRoot%\_delis32.ini -> [Ver = | Size = 528 bytes | Modified Date = 12/06/2007 09:30:40 | Attr = ]
1-Klick-Wartung.job -> %SystemRoot%\tasks\1-Klick-Wartung.job -> [Ver = | Size = 406 bytes | Modified Date = 23/06/2007 00:11:00 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 20/06/2007 17:07:06 | Attr = ]
Extension de garantie.job -> %SystemRoot%\tasks\Extension de garantie.job -> [Ver = | Size = 230 bytes | Modified Date = 25/06/2007 19:30:04 | Attr = ]
FRU Task #Hewlett-Packard#hp psc 1200 series#1177201252.job -> %SystemRoot%\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1177201252.job -> [Ver = | Size = 392 bytes | Modified Date = 22/06/2007 02:21:06 | Attr = ]
Master CD_DVD Creator.job -> %SystemRoot%\tasks\Master CD_DVD Creator.job -> [Ver = | Size = 230 bytes | Modified Date = 25/06/2007 19:30:08 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 26/06/2007 08:43:20 | Attr = H ]
Vérifier les mises à jour de Windows Live Toolbar.job -> %SystemRoot%\tasks\Vérifier les mises à jour de Windows Live Toolbar.job -> [Ver = | Size = 256 bytes | Modified Date = 25/06/2007 22:37:06 | Attr = ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 12/06/2007 11:24:02 | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 12/06/2007 09:31:56 | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 26/06/2007 08:44:00 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 14/06/2007 06:54:50 | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 25/06/2007 22:16:48 | Attr = ]
fhqakduk.dat -> %System32%\fhqakduk.dat -> [Ver = | Size = 6814 bytes | Modified Date = 25/06/2007 23:53:42 | Attr = ]
fhqakduk.exe -> %System32%\fhqakduk.exe -> [Ver = | Size = 280064 bytes | Modified Date = 22/06/2007 02:16:42 | Attr = ]
fhqakduk_nav.dat -> %System32%\fhqakduk_nav.dat -> [Ver = | Size = 254865 bytes | Modified Date = 22/06/2007 02:16:42 | Attr = ]
fhqakduk_navps.dat -> %System32%\fhqakduk_navps.dat -> [Ver = | Size = 1980 bytes | Modified Date = 25/06/2007 23:53:32 | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
Lang -> %System32%\Lang -> [Folder | Modified Date = 26/06/2007 08:45:14 | Attr = ]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 51048 bytes | Modified Date = 26/06/2007 08:45:40 | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 26/06/2007 08:44:12 | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
fwdrv.err -> %System32%\drivers\fwdrv.err -> [Ver = | Size = 3660844 bytes | Modified Date = 25/06/2007 22:18:54 | Attr = ]
Adobe -> %AllUsersAppData%\Adobe -> [Folder | Modified Date = 11/06/2007 23:05:38 | Attr = ]
AOL -> %AllUsersAppData%\AOL -> [Folder | Modified Date = 11/06/2007 07:33:02 | Attr = ]
EnterNHelp -> %AllUsersAppData%\EnterNHelp -> [Folder | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Modified Date = 25/06/2007 22:16:44 | Attr = ]
Microsoft -> %AllUsersAppData%\Microsoft -> [Folder | Modified Date = 24/06/2007 20:56:18 | Attr = S]
Microsoft Corporation -> %AllUsersAppData%\Microsoft Corporation -> [Folder | Modified Date = 11/06/2007 23:07:26 | Attr = ]
Microsoft Help -> %AllUsersAppData%\Microsoft Help -> [Folder | Modified Date = 13/06/2007 16:32:44 | Attr = ]
PKP_DLbz.DAT -> %AllUsersAppData%\PKP_DLbz.DAT -> [Ver = | Size = 0 bytes | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Ultima_T15 -> %AllUsersAppData%\Ultima_T15 -> [Folder | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Azureus -> %UserAppData%\Azureus -> [Folder | Modified Date = 25/06/2007 23:22:40 | Attr = ]
dvdcss -> %UserAppData%\dvdcss -> [Folder | Modified Date = 22/06/2007 01:38:40 | Attr = ]
Grisoft -> %UserAppData%\Grisoft -> [Folder | Modified Date = 25/06/2007 22:17:36 | Attr = ]
Microsoft -> %UserAppData%\Microsoft -> [Folder | Modified Date = 12/06/2007 10:37:40 | Attr = S]
Nikon -> %UserAppData%\Nikon -> [Folder | Modified Date = 06/06/2007 09:22:42 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 24/06/2007 22:00:14 | Attr = ]
Uniblue -> %UserAppData%\Uniblue -> [Folder | Modified Date = 24/06/2007 20:56:28 | Attr = ]
ApplicationHistory -> %LocalAppData%\ApplicationHistory -> [Folder | Modified Date = 24/06/2007 20:49:34 | Attr = ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 76288 bytes | Modified Date = 25/06/2007 21:15:22 | Attr = ]
IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 3769106 bytes | Modified Date = 25/06/2007 23:26:08 | Attr = H ]
Nikon -> %LocalAppData%\Nikon -> [Folder | Modified Date = 25/06/2007 21:05:48 | Attr = ]
Téléchargements AOL -> %AllUsersDocuments%\Téléchargements AOL -> [Folder | Modified Date = 11/06/2007 07:32:50 | Attr = ]
bookmark.htm -> %UserDocuments%\bookmark.htm -> [Ver = | Size = 12288 bytes | Modified Date = 04/06/2007 18:26:52 | Attr = ]
elodie -> %UserDocuments%\elodie -> [Folder | Modified Date = 11/06/2007 07:02:08 | Attr = ]
Ma musique -> %UserDocuments%\Ma musique -> [Folder | Modified Date = 25/06/2007 18:13:46 | Attr = R ]
Mes images -> %UserDocuments%\Mes images -> [Folder | Modified Date = 06/06/2007 09:43:58 | Attr = R ]
Mes vidéos -> %UserDocuments%\Mes vidéos -> [Folder | Modified Date = 25/06/2007 18:08:58 | Attr = R ]
My Sharing Folders.lnk -> %UserDocuments%\My Sharing Folders.lnk -> [Ver = | Size = 585 bytes | Modified Date = 25/06/2007 21:29:04 | Attr = ]
My Skype Pictures -> %UserDocuments%\My Skype Pictures -> [Folder | Modified Date = 12/06/2007 08:49:38 | Attr = ]
Neil CREESE -> %UserDocuments%\Neil CREESE -> [Folder | Modified Date = 25/06/2007 23:19:44 | Attr = ]
Updater5 -> %UserDocuments%\Updater5 -> [Folder | Modified Date = 11/06/2007 12:32:14 | Attr = ]
Adobe Reader 8.lnk -> %AllUsersDesktop%\Adobe Reader 8.lnk -> [Ver = | Size = 1612 bytes | Modified Date = 11/06/2007 23:05:44 | Attr = ]
AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 728 bytes | Modified Date = 25/06/2007 22:16:52 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2055 bytes | Modified Date = 25/06/2007 18:10:18 | Attr = ]
Logitech QuickCam.lnk -> %AllUsersDesktop%\Logitech QuickCam.lnk -> [Ver = | Size = 1547 bytes | Modified Date = 12/06/2007 09:31:10 | Attr = ]
My Logitech Pictures.lnk -> %AllUsersDesktop%\My Logitech Pictures.lnk -> [Ver = | Size = 1558 bytes | Modified Date = 12/06/2007 09:31:10 | Attr = ]
RegistryBooster 2.lnk -> %AllUsersDesktop%\RegistryBooster 2.lnk -> [Ver = | Size = 659 bytes | Modified Date = 24/06/2007 20:56:18 | Attr = ]
Dossier d'archivage AOL sauvegardé -> %UserDesktop%\Dossier d'archivage AOL sauvegardé -> [Folder | Modified Date = 11/06/2007 07:32:50 | Attr = ]
Logitech Print Service.lnk -> %UserDesktop%\Logitech Print Service.lnk -> [Ver = | Size = 626 bytes | Modified Date = 12/06/2007 09:30:18 | Attr = ]
OT.rtf -> %UserDesktop%\OT.rtf -> [Ver = | Size = 93069 bytes | Modified Date = 25/06/2007 11:44:26 | Attr = ]
PCSX2 0.9.2 With BIOS and Memcard -> %UserDesktop%\PCSX2 0.9.2 With BIOS and Memcard -> [Folder | Modified Date = 29/05/2007 15:41:12 | Attr = ]
Raccourcis Bureau non utilisés -> %UserDesktop%\Raccourcis Bureau non utilisés -> [Folder | Modified Date = 24/06/2007 21:22:54 | Attr = ]
bleep -> %UserDesktop%\bleep -> [Folder | Modified Date = 11/06/2007 21:54:16 | Attr = ]
stinger.exe -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Modified Date = 12/06/2007 17:56:12 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
stinger.opt -> %UserDesktop%\stinger.opt -> [Ver = | Size = 22 bytes | Modified Date = 12/06/2007 23:16:16 | Attr = ]
updater.bmp -> %UserDesktop%\updater.bmp -> [Ver = | Size = 3888054 bytes | Modified Date = 12/06/2007 10:19:04 | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 25/06/2007 23:53:42 | Attr = ]
Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 11/06/2007 23:05:42 | Attr = ]
AOL -> %CommonProgramFiles%\AOL -> [Folder | Modified Date = 11/06/2007 07:33:28 | Attr = ]
FotoWire -> %CommonProgramFiles%\FotoWire -> [Folder | Modified Date = 12/06/2007 09:30:16 | Attr = ]
Nikon -> %CommonProgramFiles%\Nikon -> [Folder | Modified Date = 06/06/2007 09:22:16 | Attr = ]
ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Modified Date = 13/06/2007 16:28:18 | Attr = ]
Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 11/06/2007 07:33:28 | Attr = ]
System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 13/06/2007 16:32:14 | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 24/06/2007 22:00:12 | Attr = ]

[File String Scan - Non-Microsoft Only]
UPX! , UPX0 , -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 745600 bytes | Modified Date = 30/04/2007 17:46:10 | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
UPX! , UPX0 , -> %System32%\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 123392 bytes | Modified Date = 26/11/2003 01:32:02 | Attr = ]
Thawte Consulting , -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.01.83a | Size = 464552 bytes | Modified Date = 28/03/2006 11:01:00 | Attr = ]
Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 02/03/2007 17:32:44 | Attr = ]
UPX! , UPX0 , -> %System32%\vbskpro2.ocx -> JB [Ver = 2.01 | Size = 412672 bytes | Modified Date = 09/08/2005 00:07:00 | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
File scan skipped for file %UserDocuments%\Sims2_1.daa -> File size too big (665936050 bytes) ->
File scan skipped for file %UserDocuments%\Sims2_2.daa -> File size too big (681615173 bytes) ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\6773251300-cd.exe:Zone.Identifier ->
File scan skipped for file %UserDesktop%\avl-hlgo.img -> File size too big (403075072 bytes) ->
UPX! , PEC2 , winsync , WSUD , UPX0 , Thawte Consulting , -> %UserDesktop%\OT.rtf -> [Ver = | Size = 93069 bytes | Modified Date = 25/06/2007 11:44:26 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
UPX! , UPX0 , -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Modified Date = 12/06/2007 17:56:12 | Attr = ]

< End of report >

#10 neil

Posted 26 June 2007 - 08:19 AM

hi OT
here's the WinPFind3u report but had to do it in safe mode!!!
hope it doesn't make a difference
neil

WinPFind3 logfile created on: 26/06/2007 09:39:27
WinPFind3U by OldTimer - Version 1.0.39 Folder = D:\Documents and Settings\creese\Bureau\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

1022,48 Mb Total Physical Memory | 771,76 Mb Available Physical Memory | 75,48% Memory free
2,40 Gb Paging File | 2,28 Gb Available in Paging File | 95,13% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 11,88 Gb Free Space | 39,62% Space Free
Drive D: | 241,65 Gb Total Space | 94,68 Gb Free Space | 39,18% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: neil
Current User Name: creese
Logged in as Administrator.
Cannot determine boot mode.


[Processes - Non-Microsoft Only]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 14:31:10 | Attr = ]
opxpapp.exe -> %SystemDrive%\APPS\Softex\OmniPass\OPXPApp.exe -> [Ver = | Size = 14848 bytes | Modified Date = 30/01/2006 08:47:50 | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 23/06/2007 15:15:54 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 17/04/2007 16:18:36 | Attr = ]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 16512 bytes | Modified Date = 30/04/2007 17:29:56 | Attr = ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 132736 bytes | Modified Date = 30/04/2007 17:42:40 | Attr = ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 243328 bytes | Modified Date = 30/04/2007 18:04:38 | Attr = ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 345728 bytes | Modified Date = 30/04/2007 17:41:28 | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 14:31:10 | Attr = ]
(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 01:41:10 | Attr = ]
(iPod Service) Service de l'iPod [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 501312 bytes | Modified Date = 26/05/2007 12:45:46 | Attr = ]
(MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24/11/2005 17:03:22 | Attr = ]
(NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 6, 6, 0 | Size = 724992 bytes | Modified Date = 09/10/2006 23:11:08 | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Stopped] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 143426 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
(omniserv) Softex OmniPass Service [Win32_Own | Auto | Stopped] -> %SystemDrive%\APPS\Softex\OmniPass\OmniServ.exe -> Softex Inc. [Ver = 1.0.0.1 | Size = 32768 bytes | Modified Date = 30/01/2006 08:47:48 | Attr = ]
(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24/11/2005 16:57:44 | Attr = ]
(Planificateur LiveUpdate automatique) Planificateur LiveUpdate automatique [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> File not found
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> %System32%\HPZipm12.exe -> HP [Ver = 6, 0, 0, 0 | Size = 65795 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(SPF4) Sunbelt Personal Firewall 4 [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Sunbelt Software\Personal Firewall\kpf4ss.exe -> Sunbelt Software [Ver = 4.5.916.0 | Size = 1234480 bytes | Modified Date = 26/04/2007 10:21:28 | Attr = ]
(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 69718 bytes | Modified Date = 24/11/2005 16:47:30 | Attr = ]
(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.762 | Size = 1119888 bytes | Modified Date = 19/07/2006 21:44:50 | Attr = ]
(UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 31/01/2005 09:45:20 | Attr = ]
(USBDeviceService) USBDeviceService [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -> [Ver = 1, 0, 0, 1 | Size = 90112 bytes | Modified Date = 20/10/2005 06:15:00 | Attr = ]
(x10nets) X10 Device Network Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Common Files\X10\Common\X10nets.exe -> X10 [Ver = 1, 0, 0, 1 | Size = 20480 bytes | Modified Date = 12/11/2001 13:31:48 | Attr = ]

[Driver Services - Non-Microsoft Only]
(3xHybrid) 3xHybrid service [Kernel | On_Demand | Stopped] -> %System32%\drivers\3xHybrid.sys -> Philips Semiconductors GmbH [Ver = 1, 3, 3, 1 | Size = 825600 bytes | Modified Date = 17/04/2006 12:25:00 | Attr = ]
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Stopped] -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 26888 bytes | Modified Date = 30/04/2007 17:37:24 | Attr = ]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(AFS2K) AFS2K [Kernel | System | Running] -> %System32%\drivers\AFS2K.SYS -> Oak Technology Inc. [Ver = 3.1.14.886 | Size = 82380 bytes | Modified Date = 22/04/2007 02:20:48 | Attr = ]
(AliIde) AliIde [Kernel | Boot | Running] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17/08/2001 21:51:56 | Attr = ]
(amdagp) Pilote de filtre du bus AMD AGP [Kernel | Boot | Running] -> %System32%\drivers\AMDAGP.SYS -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 03/08/2004 23:07:44 | Attr = ]
(asc) asc [Kernel | Boot | Running] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17/08/2001 21:52:00 | Attr = ]
(asc3550) asc3550 [Kernel | Boot | Running] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17/08/2001 21:51:58 | Attr = ]
(Aspi32) Aspi32 [Kernel | Auto | Stopped] -> %System32%\drivers\ASPI32.SYS -> Adaptec [Ver = 4.71 (0002) built by: WinDDK | Size = 16512 bytes | Modified Date = 17/07/2002 03:05:10 | Attr = ]
(aswMon2) avast! Standard Shield Support [File_System | Auto | Stopped] -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 94552 bytes | Modified Date = 30/04/2007 17:41:42 | Attr = ]
(aswRdr) aswRdr [Kernel | On_Demand | Stopped] -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 23416 bytes | Modified Date = 30/04/2007 17:39:42 | Attr = ]
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 43176 bytes | Modified Date = 30/04/2007 17:38:52 | Attr = ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Stopped] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [Ver = | Size = 11000 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
(AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
(BANTExt) Belarc SMBios Access [Kernel | System | Stopped] -> %System32%\drivers\BANTExt.sys -> [Ver = | Size = 3840 bytes | Modified Date = 07/04/2005 17:18:34 | Attr = ]
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CmdIde) CmdIde [Kernel | Boot | Running] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 23/08/2001 17:04:44 | Attr = ]
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17/08/2001 21:52:16 | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800256 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dmio) Pilote de Gestionnaire de disque logique [Kernel | Boot | Running] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 154496 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dmload) dmload [Kernel | Boot | Running] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dtscsi) dtscsi [Kernel | On_Demand | Stopped] -> %System32%\drivers\dtscsi.sys -> DT Soft Ltd. [Ver = 4.03.0.0 built by: WinDDK | Size = 223128 bytes | Modified Date = 23/11/2006 02:28:42 | Attr = ]
(fwdrv) Firewall Driver [Kernel | System | Running] -> %System32%\drivers\fwdrv.sys -> Sunbelt Software [Ver = 4.3.182.0 | Size = 302000 bytes | Modified Date = 26/04/2007 10:21:30 | Attr = ]
(GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %System32%\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 19/09/2006 16:44:04 | Attr = ]
(HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %System32%\drivers\Hdaudio.sys -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 145920 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %System32%\drivers\Hdaudbus.sys -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 07/01/2005 17:07:18 | Attr = ]
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %System32%\drivers\hpzid412.sys -> HP [Ver = 6, 0, 0, 0 | Size = 51024 bytes | Modified Date = 09/03/2003 06:31:00 | Attr = R ]
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %System32%\drivers\HPZipr12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 16080 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %System32%\drivers\HPZius12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 21456 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(imagedrv) imagedrv [Kernel | Boot | Running] -> %System32%\drivers\imagedrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 5888 bytes | Modified Date = 15/08/2005 13:08:26 | Attr = ]
(imagesrv) imagesrv [Kernel | Boot | Running] -> %System32%\drivers\imagesrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 127488 bytes | Modified Date = 15/08/2005 13:08:26 | Attr = ]
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\RtkHDAud.Sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5200 built by: WinDDK | Size = 4123136 bytes | Modified Date = 09/12/2005 17:48:40 | Attr = ]
(khips) Kerio HIPS Driver [Kernel | System | Stopped] -> %System32%\drivers\khips.sys -> Sunbelt Software [Ver = 4.3.182.0 | Size = 72624 bytes | Modified Date = 26/04/2007 10:21:34 | Attr = ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Running] -> %System32%\drivers\mcdbus.sys -> MagicISO, Inc. [Ver = 1.0.0.32 | Size = 92160 bytes | Modified Date = 22/09/2006 14:06:10 | Attr = ]
(mraid35x) mraid35x [Kernel | Boot | Running] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17/08/2001 21:52:12 | Attr = ]
(nv) nv [Kernel | On_Demand | Stopped] -> %System32%\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 3663040 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
(PCANDIS5) PCANDIS5 Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\PCANDIS5.SYS -> File not found
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0) [Kernel | On_Demand | Stopped] -> %System32%\drivers\CamDrL21.sys -> Logitech Inc. [Ver = 8.0.3.1110 | Size = 313216 bytes | Modified Date = 27/06/2003 05:08:38 | Attr = ]
(PLUsbbc2) High-Speed USB Bridge Cable Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\usbbc2.sys -> Prolific Technology Inc. [Ver = 2.0.0.20 | Size = 8960 bytes | Modified Date = 07/05/2003 15:54:38 | Attr = ]
(Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 2.03.32a | Size = 20640 bytes | Modified Date = 25/04/2005 02:03:00 | Attr = ]
(ql1080) ql1080 [Kernel | Boot | Running] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17/08/2001 21:52:20 | Attr = ]
(ql12160) ql12160 [Kernel | Boot | Running] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17/08/2001 21:52:20 | Attr = ]
(ql1280) ql1280 [Kernel | Boot | Running] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17/08/2001 21:52:18 | Attr = ]
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\Rtnicxp.sys -> Realtek Semiconductor Corporation [Ver = 5,641,0209,2006 built by: WinDDK | Size = 81408 bytes | Modified Date = 27/02/2006 06:46:20 | Attr = ]
(rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) [Kernel | On_Demand | Stopped] -> %System32%\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 03/08/2004 22:31:34 | Attr = ]
(SCDEmu) SCDEmu [Kernel | System | Stopped] -> %System32%\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 3, 0, 0, 0 | Size = 26844 bytes | Modified Date = 18/03/2006 04:25:00 | Attr = ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys -> [Ver = | Size = 27440 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(SG762_XP) SAGEM 802.11g XG762 1211B Driver [Kernel | On_Demand | Running] -> %System32%\drivers\WlanBZXP.sys -> ZyDAS Technology Corporation [Ver = 6, 3, 0, 0 | Size = 402432 bytes | Modified Date = 22/12/2005 14:45:18 | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(sisagp) Filtre de bus AGP SIS [Kernel | Boot | Running] -> %System32%\drivers\SISAGP.SYS -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 03/08/2004 23:07:44 | Attr = ]
(Sparrow) Sparrow [Kernel | Boot | Running] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17/08/2001 22:07:44 | Attr = ]
(sptd) sptd [Kernel | Boot | Running] -> %System32%\drivers\sptd.sys -> [Ver = | Size = 639224 bytes | Modified Date = 25/11/2006 02:59:50 | Attr = ]
(symc810) symc810 [Kernel | Boot | Running] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17/08/2001 22:07:34 | Attr = ]
(symc8xx) symc8xx [Kernel | Boot | Running] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17/08/2001 22:07:36 | Attr = ]
(symlcbrd) symlcbrd [Kernel | Auto | Stopped] -> %System32%\drivers\symlcbrd.sys -> Symantec Corporation [Ver = 1.8.54.834 | Size = 10344 bytes | Modified Date = 19/07/2006 21:44:50 | Attr = ]
(sym_hi) sym_hi [Kernel | Boot | Running] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17/08/2001 22:07:40 | Attr = ]
(sym_u3) sym_u3 [Kernel | Boot | Running] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17/08/2001 22:07:42 | Attr = ]
(ultra) ultra [Kernel | Boot | Running] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (version 0603) | Size = 36736 bytes | Modified Date = 17/08/2001 21:52:22 | Attr = ]
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped] -> system32\DRIVERS\wanatw4.sys -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(X10Hid) X10 Hid Device [Kernel | On_Demand | Running] -> %System32%\drivers\x10hid.sys -> X10 Wireless Technology, Inc. [Ver = 3.0.0.198 | Size = 7040 bytes | Modified Date = 28/11/2005 10:45:16 | Attr = ]
(XUIF) X10 USB Wireless Transceiver [Kernel | On_Demand | Running] -> %System32%\drivers\x10ufx2.sys -> X10 Wireless Technology, Inc. [Ver = 3.0.0.187 | Size = 17792 bytes | Modified Date = 19/05/2005 15:52:58 | Attr = ]
(ZDCndis5) ZDCndis5 Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\ZDCndis5.SYS -> File not found
(ZDPNDIS5) ZDPNDIS5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\ZDPNDIS5.SYS -> File not found
(ZDPSp50) ZDPSp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ZDPSp50.sys -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.5.18.02 | Size = 17664 bytes | Modified Date = 18/01/2006 14:09:40 | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 11:25:42 | Attr = ]
ACTIVBOARD -> %SystemDrive%\APPS\ABOARD\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02/05/2003 11:31:50 | Attr = ]
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 11/05/2007 03:06:32 | Attr = ]
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 75392 bytes | Modified Date = 30/04/2007 17:42:48 | Attr = ]
DetectorApp -> %ProgramFiles%\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe -> [Ver = 1, 0, 0, 6 | Size = 102400 bytes | Modified Date = 20/10/2005 06:15:00 | Attr = ]
High Definition Audio Property Page Shortcut -> %System32%\HdAShCut.exe -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 61952 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 257088 bytes | Modified Date = 26/05/2007 12:45:54 | Attr = ]
LogitechGalleryRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 188416 bytes | Modified Date = 30/06/2003 20:56:34 | Attr = ]
LogitechVideoRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 188416 bytes | Modified Date = 30/06/2003 20:56:34 | Attr = ]
LogitechVideoTray -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 65536 bytes | Modified Date = 30/06/2003 21:00:24 | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 7573504 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 86016 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
OmniPass -> %SystemDrive%\APPS\Softex\OmniPass\scureapp.exe -> [Ver = 1, 0, 0, 1 | Size = 1978368 bytes | Modified Date = 30/01/2006 09:56:38 | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Inc. [Ver = 7.1.6 | Size = 282624 bytes | Modified Date = 27/04/2007 09:41:54 | Attr = ]
RTHDCPL -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.0.3.2 | Size = 15691264 bytes | Modified Date = 09/12/2005 16:49:42 | Attr = ]
tcactive -> %ProgramFiles%\The Cleaner\tca.exe -> MooSoft Development [Ver = 3.1.0.3073 | Size = 631808 bytes | Modified Date = 09/04/2004 10:26:36 | Attr = ]
tcmonitor -> %ProgramFiles%\The Cleaner\tcm.exe -> MooSoft Development [Ver = 2.1.0.2043 | Size = 388096 bytes | Modified Date = 13/03/2004 14:48:52 | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 02/03/2007 17:32:18 | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Common Startup > -> D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
%AllUsersStartup%\hp psc 1000 series.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.020 | Size = 147456 bytes | Modified Date = 06/04/2003 01:17:18 | Attr = ]
%AllUsersStartup%\hpoddt01.exe.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe -> Hewlett-Packard [Ver = 1, 0, 0, 1 | Size = 28672 bytes | Modified Date = 06/04/2003 01:06:58 | Attr = ]
%AllUsersStartup%\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk -> %ProgramFiles%\SAGEM WiFi manager\WLANUTL.EXE -> [Ver = 2, 5, 5, 1 | Size = 925696 bytes | Modified Date = 19/01/2006 16:54:34 | Attr = ]
< User Startup > -> D:\Documents and Settings\creese\Menu Démarrer\Programmes\Démarrage ->
%UserStartup%\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 16/03/2005 19:16:50 | Attr = ]
%UserStartup%\MagicDisc.lnk -> %ProgramFiles%\MagicDisc\MagicDisc.exe -> [Ver = | Size = 534016 bytes | Modified Date = 26/09/2006 09:59:14 | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30/05/2007 14:29:58 | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
OPXPGina -> %SystemDrive%\APPS\Softex\OmniPass\OPXPGina.dll -> [Ver = | Size = 49152 bytes | Modified Date = 30/01/2006 08:53:44 | Attr = ]
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> C:\WINDOWS\Resources\Themes\Royale.theme ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> •
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< HOSTS File > (31 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL -> http://uk.yahoo.com ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> http://uk.yahoo.com ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.demonoid.com/ ->
HKCU: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> <local> ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22/10/2006 23:08:42 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 04:23:24 | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 15/12/2006 04:23:26 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 04:23:24 | Attr = ]
{2670000A-7350-4f3c-8081-5663EE0C6C49} -> Reg Data - Value does not exist [ButtonText: Send to OneNote] -> File not found
{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
{F4430FE8-2638-42e5-B849-800749B94EED} -> %ProgramFiles%\PartyGaming.Net\PartyPokerNet\RunPF.exe [ButtonText: PartyPoker.net] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{30190A9B-4FA1-4E89-AB4C-B1DC80FB2D7D} -> (Carte réseau 1394) ->
{559DE7D7-B76B-448F-9B3B-4F37AF21FFD7} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{D35D3FA1-AA7A-4FCE-B06B-C9F48709D5EC} -> (SAGEM Wi-Fi 11g USB adapter) ->
{E2BC7829-F509-4E5A-8E73-46F5D037BD49} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
belarc -> %ProgramFiles%\Belarc\Advisor\System\BAVoilaX.dll -> Belarc, Inc. [Ver = 7.2h | Size = 33280 bytes | Modified Date = 16/01/2007 19:30:02 | Attr = ]
bw+0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw+0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw-0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw00 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw00s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw-0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw10 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw10s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw20 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw20s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw30 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw30s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw40 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw40s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw50 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw50s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw60 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw60s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw70 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw70s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw80 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw80s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw90 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw90s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwa0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwa0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwb0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwb0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwc0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwc0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwd0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwd0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwe0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwe0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwf0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwf0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwfile-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwg0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwg0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwh0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwh0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwi0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwi0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwj0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwj0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwk0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwk0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwl0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwl0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwm0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwm0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwn0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwn0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwo0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwo0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwp0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwp0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwq0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwq0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwr0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwr0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bws0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bws0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwt0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwt0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwu0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwu0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwv0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwv0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bww0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bww0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwx0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwx0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwy0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwy0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwz0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwz0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
offline-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/get/shock...director/sw.cab ->
{215B8138-A3CF-44C5-803F-8226143CFC0A} -> Trend Micro ActiveX Scan Agent 6.6 - CodeBase = http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab ->
{5C051655-FCD5-4969-9182-770EA5AA5565} -> Solitaire Showdown Class - CodeBase = http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab ->
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase = http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab ->
{A90A5822-F108-45AD-8482-9BC8B12DD539} -> Crucial cpcScan - CodeBase = http://www.crucial.com/controls/cpcScanner.cab ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.macromedia.com/get/flash...ent/swflash.cab ->

[Registry - Additional Scans - Non-Microsoft Only]
< Security Settings > -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> RpcSs; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security -> _
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\0 -> Root\LEGACY_BITS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 5469 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\waol.exe -> C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\aol.exe -> C:\Program Files\AOL 9.0\aol.exe:*:Enabled:AOL ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\APPS\Inventime\my.exe -> C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\LimeWire\LimeWire.exe -> C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe -> C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\APPS\skype\phone\Skype.exe -> C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe -> C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\waol.exe -> C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Azureus\Azureus.exe -> C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\GROOVE.EXE -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3389:TCP -> 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> _
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

[Files/Folders - Created Within 30 days]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Created Date = 14/06/2007 03:42:16 | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Created Date = 14/06/2007 03:42:16 | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 13/06/2007 15:32:11 | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 13/06/2007 15:29:00 | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 13/06/2007 15:32:02 | Attr = H ]
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Created Date = 12/06/2007 15:20:03 | Attr = ]
msoffice.ini -> %SystemRoot%\msoffice.ini -> [Ver = | Size = 2 bytes | Created Date = 11/06/2007 06:32:48 | Attr = ]
Vérifier les mises à jour de Windows Live Toolbar.job -> %SystemRoot%\tasks\Vérifier les mises à jour de Windows Live Toolbar.job -> [Ver = | Size = 256 bytes | Created Date = 03/06/2007 02:02:53 | Attr = ]
fhqakduk.dat -> %System32%\fhqakduk.dat -> [Ver = | Size = 6814 bytes | Created Date = 22/06/2007 01:16:50 | Attr = ]
fhqakduk.exe -> %System32%\fhqakduk.exe -> [Ver = | Size = 280064 bytes | Created Date = 22/06/2007 01:16:40 | Attr = ]
fhqakduk_nav.dat -> %System32%\fhqakduk_nav.dat -> [Ver = | Size = 254865 bytes | Created Date = 22/06/2007 01:16:50 | Attr = ]
fhqakduk_navps.dat -> %System32%\fhqakduk_navps.dat -> [Ver = | Size = 1980 bytes | Created Date = 22/06/2007 01:16:50 | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 25/06/2007 21:16:46 | Attr = ]
EnterNHelp -> %AllUsersAppData%\EnterNHelp -> [Folder | Created Date = 06/06/2007 08:40:32 | Attr = ]
Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Created Date = 25/06/2007 21:16:43 | Attr = ]
PKP_DLbz.DAT -> %AllUsersAppData%\PKP_DLbz.DAT -> [Ver = | Size = 0 bytes | Created Date = 06/06/2007 08:40:32 | Attr = ]
Ultima_T15 -> %AllUsersAppData%\Ultima_T15 -> [Folder | Created Date = 06/06/2007 08:40:32 | Attr = ]
Grisoft -> %UserAppData%\Grisoft -> [Folder | Created Date = 25/06/2007 21:17:35 | Attr = ]
Nikon -> %UserAppData%\Nikon -> [Folder | Created Date = 06/06/2007 08:22:40 | Attr = ]
Nikon -> %LocalAppData%\Nikon -> [Folder | Created Date = 25/06/2007 20:05:47 | Attr = ]
bookmark.htm -> %UserDocuments%\bookmark.htm -> [Ver = | Size = 12288 bytes | Created Date = 04/06/2007 17:26:51 | Attr = ]
Adobe Reader 8.lnk -> %AllUsersDesktop%\Adobe Reader 8.lnk -> [Ver = | Size = 1612 bytes | Created Date = 11/06/2007 22:05:42 | Attr = ]
AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 728 bytes | Created Date = 25/06/2007 21:16:50 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2055 bytes | Created Date = 30/05/2007 17:18:36 | Attr = ]
Logitech QuickCam.lnk -> %AllUsersDesktop%\Logitech QuickCam.lnk -> [Ver = | Size = 1547 bytes | Created Date = 12/06/2007 08:31:08 | Attr = ]
My Logitech Pictures.lnk -> %AllUsersDesktop%\My Logitech Pictures.lnk -> [Ver = | Size = 1558 bytes | Created Date = 12/06/2007 08:31:08 | Attr = ]
RegistryBooster 2.lnk -> %AllUsersDesktop%\RegistryBooster 2.lnk -> [Ver = | Size = 659 bytes | Created Date = 24/06/2007 19:56:17 | Attr = ]
Dossier d'archivage AOL sauvegardé -> %UserDesktop%\Dossier d'archivage AOL sauvegardé -> [Folder | Created Date = 11/06/2007 06:32:48 | Attr = ]
Logitech Print Service.lnk -> %UserDesktop%\Logitech Print Service.lnk -> [Ver = | Size = 626 bytes | Created Date = 12/06/2007 08:30:17 | Attr = ]
OT.rtf -> %UserDesktop%\OT.rtf -> [Ver = | Size = 93069 bytes | Created Date = 25/06/2007 10:44:24 | Attr = ]
PCSX2 0.9.2 With BIOS and Memcard -> %UserDesktop%\PCSX2 0.9.2 With BIOS and Memcard -> [Folder | Created Date = 29/05/2007 14:40:59 | Attr = ]
stinger.exe -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Created Date = 12/06/2007 16:55:53 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
stinger.opt -> %UserDesktop%\stinger.opt -> [Ver = | Size = 22 bytes | Created Date = 12/06/2007 22:16:14 | Attr = ]
updater.bmp -> %UserDesktop%\updater.bmp -> [Ver = | Size = 3888054 bytes | Created Date = 12/06/2007 09:19:03 | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 25/06/2007 07:45:39 | Attr = ]
Nikon -> %CommonProgramFiles%\Nikon -> [Folder | Created Date = 06/06/2007 08:22:02 | Attr = ]
ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Created Date = 13/06/2007 15:28:17 | Attr = ]

[Files/Folders - Modified Within 30 days]
hpfr3420.xml -> %SystemDrive%\hpfr3420.xml -> [Ver = | Size = 519 bytes | Modified Date = 25/06/2007 22:12:00 | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 25/06/2007 22:16:42 | Attr = R ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Modified Date = 14/06/2007 04:42:18 | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 14/06/2007 04:42:18 | Attr = H ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 26/06/2007 09:33:58 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 13/06/2007 04:24:16 | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 13/06/2007 16:32:14 | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 13/06/2007 16:29:02 | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 13/06/2007 16:32:04 | Attr = H ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 24/06/2007 20:23:48 | Attr = R S]
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Modified Date = 14/06/2007 14:53:54 | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 26/06/2007 09:38:30 | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 22/06/2007 01:46:00 | Attr = ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 14/06/2007 06:54:38 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 24/06/2007 20:00:48 | Attr = ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 26/06/2007 09:34:12 | Attr = HS]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 11/06/2007 07:31:08 | Attr = ]
msoffice.ini -> %SystemRoot%\msoffice.ini -> [Ver = | Size = 2 bytes | Modified Date = 11/06/2007 07:32:50 | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 26/06/2007 08:45:36 | Attr = ]
network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 05/06/2007 23:51:18 | Attr = ]
PREFETCH -> %SystemRoot%\PREFETCH -> [Folder | Modified Date = 26/06/2007 08:59:40 | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 24/06/2007 19:59:34 | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 24/06/2007 21:12:52 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 25/06/2007 22:11:44 | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 22/06/2007 02:21:06 | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 26/06/2007 08:47:30 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 883 bytes | Modified Date = 11/06/2007 07:33:04 | Attr = ]
_delis32.ini -> %SystemRoot%\_delis32.ini -> [Ver = | Size = 528 bytes | Modified Date = 12/06/2007 09:30:40 | Attr = ]
1-Klick-Wartung.job -> %SystemRoot%\tasks\1-Klick-Wartung.job -> [Ver = | Size = 406 bytes | Modified Date = 23/06/2007 00:11:00 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 20/06/2007 17:07:06 | Attr = ]
Extension de garantie.job -> %SystemRoot%\tasks\Extension de garantie.job -> [Ver = | Size = 230 bytes | Modified Date = 26/06/2007 09:30:02 | Attr = ]
FRU Task #Hewlett-Packard#hp psc 1200 series#1177201252.job -> %SystemRoot%\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1177201252.job -> [Ver = | Size = 392 bytes | Modified Date = 22/06/2007 02:21:06 | Attr = ]
Master CD_DVD Creator.job -> %SystemRoot%\tasks\Master CD_DVD Creator.job -> [Ver = | Size = 230 bytes | Modified Date = 26/06/2007 09:30:04 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 26/06/2007 09:36:34 | Attr = H ]
Vérifier les mises à jour de Windows Live Toolbar.job -> %SystemRoot%\tasks\Vérifier les mises à jour de Windows Live Toolbar.job -> [Ver = | Size = 256 bytes | Modified Date = 25/06/2007 22:37:06 | Attr = ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 12/06/2007 11:24:02 | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 12/06/2007 09:31:56 | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 26/06/2007 08:44:00 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 14/06/2007 06:54:50 | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 25/06/2007 22:16:48 | Attr = ]
fhqakduk.dat -> %System32%\fhqakduk.dat -> [Ver = | Size = 6814 bytes | Modified Date = 25/06/2007 23:53:42 | Attr = ]
fhqakduk.exe -> %System32%\fhqakduk.exe -> [Ver = | Size = 280064 bytes | Modified Date = 22/06/2007 02:16:42 | Attr = ]
fhqakduk_nav.dat -> %System32%\fhqakduk_nav.dat -> [Ver = | Size = 254865 bytes | Modified Date = 22/06/2007 02:16:42 | Attr = ]
fhqakduk_navps.dat -> %System32%\fhqakduk_navps.dat -> [Ver = | Size = 1980 bytes | Modified Date = 25/06/2007 23:53:32 | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
Lang -> %System32%\Lang -> [Folder | Modified Date = 26/06/2007 08:45:38 | Attr = ]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 51048 bytes | Modified Date = 26/06/2007 08:45:40 | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 26/06/2007 09:39:00 | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
fwdrv.err -> %System32%\drivers\fwdrv.err -> [Ver = | Size = 3660844 bytes | Modified Date = 25/06/2007 22:18:54 | Attr = ]
Adobe -> %AllUsersAppData%\Adobe -> [Folder | Modified Date = 11/06/2007 23:05:38 | Attr = ]
AOL -> %AllUsersAppData%\AOL -> [Folder | Modified Date = 11/06/2007 07:33:02 | Attr = ]
EnterNHelp -> %AllUsersAppData%\EnterNHelp -> [Folder | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Modified Date = 25/06/2007 22:16:44 | Attr = ]
Microsoft -> %AllUsersAppData%\Microsoft -> [Folder | Modified Date = 24/06/2007 20:56:18 | Attr = S]
Microsoft Corporation -> %AllUsersAppData%\Microsoft Corporation -> [Folder | Modified Date = 11/06/2007 23:07:26 | Attr = ]
Microsoft Help -> %AllUsersAppData%\Microsoft Help -> [Folder | Modified Date = 13/06/2007 16:32:44 | Attr = ]
PKP_DLbz.DAT -> %AllUsersAppData%\PKP_DLbz.DAT -> [Ver = | Size = 0 bytes | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Ultima_T15 -> %AllUsersAppData%\Ultima_T15 -> [Folder | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Azureus -> %UserAppData%\Azureus -> [Folder | Modified Date = 25/06/2007 23:22:40 | Attr = ]
dvdcss -> %UserAppData%\dvdcss -> [Folder | Modified Date = 22/06/2007 01:38:40 | Attr = ]
Grisoft -> %UserAppData%\Grisoft -> [Folder | Modified Date = 25/06/2007 22:17:36 | Attr = ]
Microsoft -> %UserAppData%\Microsoft -> [Folder | Modified Date = 12/06/2007 10:37:40 | Attr = S]
Nikon -> %UserAppData%\Nikon -> [Folder | Modified Date = 06/06/2007 09:22:42 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 24/06/2007 22:00:14 | Attr = ]
Uniblue -> %UserAppData%\Uniblue -> [Folder | Modified Date = 24/06/2007 20:56:28 | Attr = ]
ApplicationHistory -> %LocalAppData%\ApplicationHistory -> [Folder | Modified Date = 24/06/2007 20:49:34 | Attr = ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 76288 bytes | Modified Date = 25/06/2007 21:15:22 | Attr = ]
IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 3769106 bytes | Modified Date = 25/06/2007 23:26:08 | Attr = H ]
Nikon -> %LocalAppData%\Nikon -> [Folder | Modified Date = 25/06/2007 21:05:48 | Attr = ]
Téléchargements AOL -> %AllUsersDocuments%\Téléchargements AOL -> [Folder | Modified Date = 11/06/2007 07:32:50 | Attr = ]
bookmark.htm -> %UserDocuments%\bookmark.htm -> [Ver = | Size = 12288 bytes | Modified Date = 04/06/2007 18:26:52 | Attr = ]
elodie -> %UserDocuments%\elodie -> [Folder | Modified Date = 11/06/2007 07:02:08 | Attr = ]
Ma musique -> %UserDocuments%\Ma musique -> [Folder | Modified Date = 25/06/2007 18:13:46 | Attr = R ]
Mes images -> %UserDocuments%\Mes images -> [Folder | Modified Date = 06/06/2007 09:43:58 | Attr = R ]
Mes vidéos -> %UserDocuments%\Mes vidéos -> [Folder | Modified Date = 25/06/2007 18:08:58 | Attr = R ]
My Sharing Folders.lnk -> %UserDocuments%\My Sharing Folders.lnk -> [Ver = | Size = 585 bytes | Modified Date = 25/06/2007 21:29:04 | Attr = ]
My Skype Pictures -> %UserDocuments%\My Skype Pictures -> [Folder | Modified Date = 12/06/2007 08:49:38 | Attr = ]
Neil CREESE -> %UserDocuments%\Neil CREESE -> [Folder | Modified Date = 25/06/2007 23:19:44 | Attr = ]
Updater5 -> %UserDocuments%\Updater5 -> [Folder | Modified Date = 11/06/2007 12:32:14 | Attr = ]
Adobe Reader 8.lnk -> %AllUsersDesktop%\Adobe Reader 8.lnk -> [Ver = | Size = 1612 bytes | Modified Date = 11/06/2007 23:05:44 | Attr = ]
AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 728 bytes | Modified Date = 25/06/2007 22:16:52 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2055 bytes | Modified Date = 25/06/2007 18:10:18 | Attr = ]
Logitech QuickCam.lnk -> %AllUsersDesktop%\Logitech QuickCam.lnk -> [Ver = | Size = 1547 bytes | Modified Date = 12/06/2007 09:31:10 | Attr = ]
My Logitech Pictures.lnk -> %AllUsersDesktop%\My Logitech Pictures.lnk -> [Ver = | Size = 1558 bytes | Modified Date = 12/06/2007 09:31:10 | Attr = ]
RegistryBooster 2.lnk -> %AllUsersDesktop%\RegistryBooster 2.lnk -> [Ver = | Size = 659 bytes | Modified Date = 24/06/2007 20:56:18 | Attr = ]
Dossier d'archivage AOL sauvegardé -> %UserDesktop%\Dossier d'archivage AOL sauvegardé -> [Folder | Modified Date = 11/06/2007 07:32:50 | Attr = ]
Logitech Print Service.lnk -> %UserDesktop%\Logitech Print Service.lnk -> [Ver = | Size = 626 bytes | Modified Date = 12/06/2007 09:30:18 | Attr = ]
OT.rtf -> %UserDesktop%\OT.rtf -> [Ver = | Size = 93069 bytes | Modified Date = 25/06/2007 11:44:26 | Attr = ]
PCSX2 0.9.2 With BIOS and Memcard -> %UserDesktop%\PCSX2 0.9.2 With BIOS and Memcard -> [Folder | Modified Date = 29/05/2007 15:41:12 | Attr = ]
Raccourcis Bureau non utilisés -> %UserDesktop%\Raccourcis Bureau non utilisés -> [Folder | Modified Date = 24/06/2007 21:22:54 | Attr = ]
bleep -> %UserDesktop%\bleep -> [Folder | Modified Date = 11/06/2007 21:54:16 | Attr = ]
stinger.exe -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Modified Date = 12/06/2007 17:56:12 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
stinger.opt -> %UserDesktop%\stinger.opt -> [Ver = | Size = 22 bytes | Modified Date = 12/06/2007 23:16:16 | Attr = ]
updater.bmp -> %UserDesktop%\updater.bmp -> [Ver = | Size = 3888054 bytes | Modified Date = 12/06/2007 10:19:04 | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 25/06/2007 23:53:42 | Attr = ]
Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 11/06/2007 23:05:42 | Attr = ]
AOL -> %CommonProgramFiles%\AOL -> [Folder | Modified Date = 11/06/2007 07:33:28 | Attr = ]
FotoWire -> %CommonProgramFiles%\FotoWire -> [Folder | Modified Date = 12/06/2007 09:30:16 | Attr = ]
Nikon -> %CommonProgramFiles%\Nikon -> [Folder | Modified Date = 06/06/2007 09:22:16 | Attr = ]
ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Modified Date = 13/06/2007 16:28:18 | Attr = ]
Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 11/06/2007 07:33:28 | Attr = ]
System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 13/06/2007 16:32:14 | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 24/06/2007 22:00:12 | Attr = ]

[File String Scan - Non-Microsoft Only]
UPX! , UPX0 , -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 745600 bytes | Modified Date = 30/04/2007 17:46:10 | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
UPX! , UPX0 , -> %System32%\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 123392 bytes | Modified Date = 26/11/2003 01:32:02 | Attr = ]
Thawte Consulting , -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.01.83a | Size = 464552 bytes | Modified Date = 28/03/2006 11:01:00 | Attr = ]
Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 02/03/2007 17:32:44 | Attr = ]
UPX! , UPX0 , -> %System32%\vbskpro2.ocx -> JB [Ver = 2.01 | Size = 412672 bytes | Modified Date = 09/08/2005 00:07:00 | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
File scan skipped for file %UserDocuments%\Sims2_1.daa -> File size too big (665936050 bytes) ->
File scan skipped for file %UserDocuments%\Sims2_2.daa -> File size too big (681615173 bytes) ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\6773251300-cd.exe:Zone.Identifier ->
File scan skipped for file %UserDesktop%\avl-hlgo.img -> File size too big (403075072 bytes) ->
UPX! , PEC2 , winsync , WSUD , UPX0 , Thawte Consulting , -> %UserDesktop%\OT.rtf -> [Ver = | Size = 93069 bytes | Modified Date = 25/06/2007 11:44:26 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
UPX! , UPX0 , -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Modified Date = 12/06/2007 17:56:12 | Attr = ]

< End of report >

#11 neil

Posted 26 June 2007 - 09:21 AM

hi OT

you asked for continuing problems with my computer.
i use a site called http://www.demonoid.com/ and now my ie won't open the page,
plus i just tried to open media center and got 2 messages

failure of l'inscription of the component certain essential files to read the radio or video data are missing or damaged l'inscription of the component media center can fail.



Failure d'un process essetiel. A process Media Center essential failed inexplicably. if the problem persists, start again computer and try again, or contact the services d'assistance technical. Code:3

tried to send some screenshots but they won't paste or upload, so the rough translation above.
haven't had any other probs yet.

thanks
neil

#12 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • Gender:Male
  • Location:North Carolina
  • Local time:06:15 PM

Posted 26 June 2007 - 11:35 AM

Hi neil. The log looks pretty good. The only thing I see of any interest are these 4 files:

c:\windows\system32\fhqakduk.dat
c:\windows\system32\fhqakduk.exe
c:\windows\system32\fhqakduk_nav.dat
c:\windows\system32\fhqakduk_navps.dat

They don't look like they would be legitimate files but let's get some additional information about them.

Jotti Malware submission

We need to make sure all hidden files are showing so please:
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide file extensions for known types option.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
Go to the Jotti's malware scan page and use the buttons at the top of the page to browse to the above files on your hard drive and submit each one for a scan:

Several scanning engines will be used to check the file for any threats. Please post the results of the scans back here.

The demonoid.com site is down due to technical difficulties until further notice so that is why you cannot get to it. As for Media Player, once we have everything cleaned up here we will send you over to the AV forum and have them check that out.

Cheers.

OT

Edited by OldTimer, 26 June 2007 - 11:37 AM.

I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer
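
The observation in the post above (four same-named files in System32 with no publisher information), as an added example that is not part of the thread and is not WinPFind3u's own logic: a Python parser for the log-line format posted in this topic that flags executables in system directories carrying no vendor or version data, together with companion files sharing the same stem. The heuristic, the watched-directory list and all function names are assumptions made for illustration.

```python
import re
from datetime import datetime

# Sample input: lines in the WinPFind3u format, copied from the log in this thread.
SAMPLE_LOG = r"""
[Files/Folders - Modified Within 30 days]
drivers -> %System32%\drivers -> [Folder | Modified Date = 25/06/2007 22:16:48 | Attr = ]
fhqakduk.dat -> %System32%\fhqakduk.dat -> [Ver = | Size = 6814 bytes | Modified Date = 25/06/2007 23:53:42 | Attr = ]
fhqakduk.exe -> %System32%\fhqakduk.exe -> [Ver = | Size = 280064 bytes | Modified Date = 22/06/2007 02:16:42 | Attr = ]
fhqakduk_nav.dat -> %System32%\fhqakduk_nav.dat -> [Ver = | Size = 254865 bytes | Modified Date = 22/06/2007 02:16:42 | Attr = ]
fhqakduk_navps.dat -> %System32%\fhqakduk_navps.dat -> [Ver = | Size = 1980 bytes | Modified Date = 25/06/2007 23:53:32 | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 51048 bytes | Modified Date = 26/06/2007 08:45:40 | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
stinger.exe -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Modified Date = 12/06/2007 17:56:12 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
"""

# name -> path -> optional vendor [pipe-separated metadata]
LINE_RE = re.compile(
    r"^(?P<name>.+?) -> (?P<path>.+?) ->\s*(?P<vendor>[^\[]*?)\s*\[(?P<meta>.*)\]\s*$"
)
# Assumptions for this example: which extensions count as executable code and
# which directories are worth watching.
EXECUTABLE_EXTS = {".exe", ".dll", ".sys", ".scr"}
WATCHED_DIRS = {"%system32%", "%system32%\\drivers", "%systemroot%"}


def parse_line(line):
    """Parse one file/folder line; return None for headers, ADS notes, etc."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = {"name": m["name"], "path": m["path"], "vendor": m["vendor"],
             "is_folder": False, "version": "", "size": None, "date": None}
    for field in m["meta"].split("|"):
        key, _, value = field.partition("=")
        key, value = key.strip(), value.strip()
        if key == "Folder":
            entry["is_folder"] = True
        elif key == "Ver":
            entry["version"] = value
        elif key == "Size":
            entry["size"] = int(value.split()[0])
        elif key.endswith("Date"):  # "Created Date" or "Modified Date"
            entry["date"] = datetime.strptime(value, "%d/%m/%Y %H:%M:%S")
    return entry


def parse_log(text):
    return [e for e in map(parse_line, text.splitlines()) if e]


def directory(entry):
    return entry["path"].rsplit("\\", 1)[0].lower()


def find_clusters(entries):
    """Executables without vendor/version data in a watched directory,
    each with the metadata-less files beside it that share its stem."""
    bare = [e for e in entries
            if not e["is_folder"] and not e["vendor"] and not e["version"]
            and directory(e) in WATCHED_DIRS]
    clusters = []
    for exe in bare:
        stem, dot, ext = exe["name"].lower().rpartition(".")
        if not dot or "." + ext not in EXECUTABLE_EXTS:
            continue
        same_stem = re.compile(re.escape(stem) + r"[._]")
        members = [e for e in bare
                   if e is not exe and directory(e) == directory(exe)
                   and same_stem.match(e["name"].lower())]
        clusters.append({
            "executable": exe["name"],
            "companions": sorted(e["name"] for e in members),
            "last_modified": max(e["date"] for e in members + [exe]),
        })
    return clusters


if __name__ == "__main__":
    for c in find_clusters(parse_log(SAMPLE_LOG)):
        print(c["executable"], c["companions"], c["last_modified"])
```

A hit from this check is only a reason to look closer, for example by submitting the file to a multi-engine scanner as the post describes; plenty of legitimate files also ship without version resources.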


#13 neil

Posted 26 June 2007 - 04:38 PM

hi OT
you are the MAN it was fhqakduk.exe!!!

so here's the report

File: fhqakduk.dat
Status: OK
MD5: 2c2825eb7a7863cc598ea9d536b3e872
Packers detected: -
Bit9 reports: File not found
Scanner results
Scan taken on 26 Jun 2007 21:17:33 (GMT)
A-Squared: Found nothing
AntiVir: Found nothing
ArcaVir: Found nothing
Avast: Found nothing
AVG Antivirus: Found nothing
BitDefender: Found nothing
ClamAV: Found nothing
Dr.Web: Found nothing
F-Prot Antivirus: Found nothing
F-Secure Anti-Virus: Found nothing
Fortinet: Found nothing
Kaspersky Anti-Virus: Found nothing
NOD32: Found nothing
Norman Virus Control: Found nothing
Panda Antivirus: Found nothing
Rising Antivirus: Found nothing
VirusBuster: Found nothing
VBA32: Found nothing

File: fhqakduk.exe
Status: INFECTED/MALWARE
MD5: 7790da6257b204397115a6cea5683e92
Packers detected: PE_PATCH
Bit9 reports: File not found
Scanner results
Scan taken on 26 Jun 2007 21:23:03 (GMT)
A-Squared: Found nothing
AntiVir: Found nothing
ArcaVir: Found Heur.W32
Avast: Found nothing
AVG Antivirus: Found nothing
BitDefender: Found nothing
ClamAV: Found nothing
Dr.Web: Found nothing
F-Prot Antivirus: Found nothing
F-Secure Anti-Virus: Found nothing
Fortinet: Found nothing
Kaspersky Anti-Virus: Found nothing
NOD32: Found nothing
Norman Virus Control: Found nothing
Panda Antivirus: Found nothing
Rising Antivirus: Found nothing
VirusBuster: Found nothing
VBA32: Found nothing

File: fhqakduk_nav.dat
Status: OK (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: e1aee7885f63e10ed25fff528888d453
Packers detected: -
Bit9 reports: File not found
Scanner results
Scan taken on 26 Jun 2007 21:29:35 (GMT)
A-Squared: Found nothing
AntiVir: Found nothing
ArcaVir: Found nothing
Avast: Found nothing
AVG Antivirus: Found nothing
BitDefender: Found nothing
ClamAV: Found nothing
Dr.Web: Found nothing
F-Prot Antivirus: Found nothing
F-Secure Anti-Virus: Found nothing
Fortinet: Found nothing
Kaspersky Anti-Virus: Found nothing
NOD32: Found nothing
Norman Virus Control: Found nothing
Panda Antivirus: Found nothing
Rising Antivirus: Found nothing
VirusBuster: Found nothing
VBA32: Found nothing

File: fhqakduk_navps.dat
Status: OK
MD5: e74065847175b8cdede67122f68839d7
Packers detected: -
Bit9 reports: File not found
Scanner results
Scan taken on 26 Jun 2007 21:33:39 (GMT)
A-Squared: Found nothing
AntiVir: Found nothing
ArcaVir: Found nothing
Avast: Found nothing
AVG Antivirus: Found nothing
BitDefender: Found nothing
ClamAV: Found nothing
Dr.Web: Found nothing
F-Prot Antivirus: Found nothing
F-Secure Anti-Virus: Found nothing
Fortinet: Found nothing
Kaspersky Anti-Virus: Found nothing
NOD32: Found nothing
Norman Virus Control: Found nothing
Panda Antivirus: Found nothing
Rising Antivirus: Found nothing
VirusBuster: Found nothing
VBA32: Found nothing

#14 OldTimer

Posted 26 June 2007 - 06:30 PM

Hi neil. Since we tried to remove them and they would not go away, let's use a special tool that should take care of them.

1. Please download The Avenger by Swandog46 to your Desktop.
  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop
2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to delete:
c:\windows\system32\fhqakduk.dat
c:\windows\system32\fhqakduk.exe
c:\windows\system32\fhqakduk_nav.dat
c:\windows\system32\fhqakduk_navps.dat

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


3. Now, start The Avenger program by clicking on its icon on your desktop.
  • Under "Script file to execute" choose "Input Script Manually".
  • Now click on the Magnifying Glass icon which will open a new window titled "View/edit script"
  • Paste the text copied to clipboard into this window by pressing (Ctrl+V).
  • Click Done
  • Now click on the Green Light to begin execution of the script
  • Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
  • It will restart your computer. (In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
  • On reboot, it will briefly open a black command window on your desktop; this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please copy/paste the content of c:\avenger.txt into your reply along with a fresh WinPFind3u log by using Add/Reply

I'll review the information when it comes in.

Cheers.

OT

#15 neil

Posted 27 June 2007 - 09:13 AM

Hi OT
did as you said.
but made a mistake with avenger, i didn't save the log!!
it asked me in french and i thought it said to restore the programs so i said no :thumbsup:
WinPFind3u still won't work in normal mode so here's 1 from safe mode

cheers OT for being there
neil

WinPFind3 logfile created on: 27/06/2007 15:56:09
WinPFind3U by OldTimer - Version 1.0.39 Folder = D:\Documents and Settings\creese\Bureau\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

1022,48 Mb Total Physical Memory | 768,55 Mb Available Physical Memory | 75,16% Memory free
2,40 Gb Paging File | 2,28 Gb Available in Paging File | 95,04% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,99 Gb Total Space | 11,88 Gb Free Space | 39,62% Space Free
Drive D: | 241,65 Gb Total Space | 99,96 Gb Free Space | 41,36% Space Free
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: neil
Current User Name: creese
Logged in as Administrator.
Cannot determine boot mode.


[Processes - Non-Microsoft Only]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 14:31:10 | Attr = ]
opxpapp.exe -> %SystemDrive%\APPS\Softex\OmniPass\OPXPApp.exe -> [Ver = | Size = 14848 bytes | Modified Date = 30/01/2006 08:47:50 | Attr = ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 23/06/2007 15:15:54 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 17/04/2007 16:18:36 | Attr = ]
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 16512 bytes | Modified Date = 30/04/2007 17:29:56 | Attr = ]
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 132736 bytes | Modified Date = 30/04/2007 17:42:40 | Attr = ]
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 243328 bytes | Modified Date = 30/04/2007 18:04:38 | Attr = ]
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 345728 bytes | Modified Date = 30/04/2007 17:41:28 | Attr = ]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 14:31:10 | Attr = ]
(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 01:41:10 | Attr = ]
(iPod Service) Service de l'iPod [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 501312 bytes | Modified Date = 26/05/2007 12:45:46 | Attr = ]
(MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24/11/2005 17:03:22 | Attr = ]
(NBService) NBService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Nero\Nero 7\Nero BackItUp\NBService.exe -> Nero AG [Ver = 2, 6, 6, 0 | Size = 724992 bytes | Modified Date = 09/10/2006 23:11:08 | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Stopped] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 143426 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
(omniserv) Softex OmniPass Service [Win32_Own | Auto | Stopped] -> %SystemDrive%\APPS\Softex\OmniPass\OmniServ.exe -> Softex Inc. [Ver = 1.0.0.1 | Size = 32768 bytes | Modified Date = 30/01/2006 08:47:48 | Attr = ]
(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 53337 bytes | Modified Date = 24/11/2005 16:57:44 | Attr = ]
(Planificateur LiveUpdate automatique) Planificateur LiveUpdate automatique [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> File not found
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | On_Demand | Stopped] -> %System32%\HPZipm12.exe -> HP [Ver = 6, 0, 0, 0 | Size = 65795 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(SPF4) Sunbelt Personal Firewall 4 [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Sunbelt Software\Personal Firewall\kpf4ss.exe -> Sunbelt Software [Ver = 4.5.916.0 | Size = 1234480 bytes | Modified Date = 26/04/2007 10:21:28 | Attr = ]
(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> Sony Corporation [Ver = 4.4.00.11241 | Size = 69718 bytes | Modified Date = 24/11/2005 16:47:30 | Attr = ]
(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.762 | Size = 1119888 bytes | Modified Date = 19/07/2006 21:44:50 | Attr = ]
(UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 31/01/2005 09:45:20 | Attr = ]
(USBDeviceService) USBDeviceService [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -> [Ver = 1, 0, 0, 1 | Size = 90112 bytes | Modified Date = 20/10/2005 06:15:00 | Attr = ]
(x10nets) X10 Device Network Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Common Files\X10\Common\X10nets.exe -> X10 [Ver = 1, 0, 0, 1 | Size = 20480 bytes | Modified Date = 12/11/2001 13:31:48 | Attr = ]

[Driver Services - Non-Microsoft Only]
(3xHybrid) 3xHybrid service [Kernel | On_Demand | Stopped] -> %System32%\drivers\3xHybrid.sys -> Philips Semiconductors GmbH [Ver = 1, 3, 3, 1 | Size = 825600 bytes | Modified Date = 17/04/2006 12:25:00 | Attr = ]
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Stopped] -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 26888 bytes | Modified Date = 30/04/2007 17:37:24 | Attr = ]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(AFS2K) AFS2K [Kernel | System | Running] -> %System32%\drivers\AFS2K.SYS -> Oak Technology Inc. [Ver = 3.1.14.886 | Size = 82380 bytes | Modified Date = 22/04/2007 02:20:48 | Attr = ]
(AliIde) AliIde [Kernel | Boot | Running] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17/08/2001 21:51:56 | Attr = ]
(amdagp) Pilote de filtre du bus AMD AGP [Kernel | Boot | Running] -> %System32%\drivers\AMDAGP.SYS -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 03/08/2004 23:07:44 | Attr = ]
(asc) asc [Kernel | Boot | Running] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17/08/2001 21:52:00 | Attr = ]
(asc3550) asc3550 [Kernel | Boot | Running] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17/08/2001 21:51:58 | Attr = ]
(Aspi32) Aspi32 [Kernel | Auto | Stopped] -> %System32%\drivers\ASPI32.SYS -> Adaptec [Ver = 4.71 (0002) built by: WinDDK | Size = 16512 bytes | Modified Date = 17/07/2002 03:05:10 | Attr = ]
(aswMon2) avast! Standard Shield Support [File_System | Auto | Stopped] -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 94552 bytes | Modified Date = 30/04/2007 17:41:42 | Attr = ]
(aswRdr) aswRdr [Kernel | On_Demand | Stopped] -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 23416 bytes | Modified Date = 30/04/2007 17:39:42 | Attr = ]
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.997.0 | Size = 43176 bytes | Modified Date = 30/04/2007 17:38:52 | Attr = ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Stopped] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [Ver = | Size = 11000 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
(AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
(BANTExt) Belarc SMBios Access [Kernel | System | Stopped] -> %System32%\drivers\BANTExt.sys -> [Ver = | Size = 3840 bytes | Modified Date = 07/04/2005 17:18:34 | Attr = ]
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CmdIde) CmdIde [Kernel | Boot | Running] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 23/08/2001 17:04:44 | Attr = ]
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17/08/2001 21:52:16 | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800256 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dmio) Pilote de Gestionnaire de disque logique [Kernel | Boot | Running] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 154496 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dmload) dmload [Kernel | Boot | Running] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(dtscsi) dtscsi [Kernel | On_Demand | Stopped] -> %System32%\drivers\dtscsi.sys -> DT Soft Ltd. [Ver = 4.03.0.0 built by: WinDDK | Size = 223128 bytes | Modified Date = 23/11/2006 02:28:42 | Attr = ]
(fwdrv) Firewall Driver [Kernel | System | Running] -> %System32%\drivers\fwdrv.sys -> Sunbelt Software [Ver = 4.3.182.0 | Size = 302000 bytes | Modified Date = 26/04/2007 10:21:30 | Attr = ]
(GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %System32%\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 19/09/2006 16:44:04 | Attr = ]
(HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> %System32%\drivers\Hdaudio.sys -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 145920 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> %System32%\drivers\Hdaudbus.sys -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 138752 bytes | Modified Date = 07/01/2005 17:07:18 | Attr = ]
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Stopped] -> %System32%\drivers\hpzid412.sys -> HP [Ver = 6, 0, 0, 0 | Size = 51024 bytes | Modified Date = 09/03/2003 06:31:00 | Attr = R ]
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Stopped] -> %System32%\drivers\HPZipr12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 16080 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Stopped] -> %System32%\drivers\HPZius12.sys -> HP [Ver = 6, 0, 0, 0 | Size = 21456 bytes | Modified Date = 09/03/2003 06:31:02 | Attr = R ]
(imagedrv) imagedrv [Kernel | Boot | Running] -> %System32%\drivers\imagedrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 5888 bytes | Modified Date = 15/08/2005 13:08:26 | Attr = ]
(imagesrv) imagesrv [Kernel | Boot | Running] -> %System32%\drivers\imagesrv.sys -> Ahead Software AG [Ver = 2.29.0.0 built by: WinDDK | Size = 127488 bytes | Modified Date = 15/08/2005 13:08:26 | Attr = ]
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\RtkHDAud.Sys -> Realtek Semiconductor Corp. [Ver = 5.10.00.5200 built by: WinDDK | Size = 4123136 bytes | Modified Date = 09/12/2005 17:48:40 | Attr = ]
(khips) Kerio HIPS Driver [Kernel | System | Stopped] -> %System32%\drivers\khips.sys -> Sunbelt Software [Ver = 4.3.182.0 | Size = 72624 bytes | Modified Date = 26/04/2007 10:21:34 | Attr = ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Running] -> %System32%\drivers\mcdbus.sys -> MagicISO, Inc. [Ver = 1.0.0.32 | Size = 92160 bytes | Modified Date = 22/09/2006 14:06:10 | Attr = ]
(mraid35x) mraid35x [Kernel | Boot | Running] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17/08/2001 21:52:12 | Attr = ]
(nv) nv [Kernel | On_Demand | Stopped] -> %System32%\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 3663040 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
(PCANDIS5) PCANDIS5 Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\PCANDIS5.SYS -> File not found
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0) [Kernel | On_Demand | Stopped] -> %System32%\drivers\CamDrL21.sys -> Logitech Inc. [Ver = 8.0.3.1110 | Size = 313216 bytes | Modified Date = 27/06/2003 05:08:38 | Attr = ]
(PLUsbbc2) High-Speed USB Bridge Cable Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\usbbc2.sys -> Prolific Technology Inc. [Ver = 2.0.0.20 | Size = 8960 bytes | Modified Date = 07/05/2003 15:54:38 | Attr = ]
(Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 2.03.32a | Size = 20640 bytes | Modified Date = 25/04/2005 02:03:00 | Attr = ]
(ql1080) ql1080 [Kernel | Boot | Running] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17/08/2001 21:52:20 | Attr = ]
(ql12160) ql12160 [Kernel | Boot | Running] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17/08/2001 21:52:20 | Attr = ]
(ql1280) ql1280 [Kernel | Boot | Running] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17/08/2001 21:52:18 | Attr = ]
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\Rtnicxp.sys -> Realtek Semiconductor Corporation [Ver = 5,641,0209,2006 built by: WinDDK | Size = 81408 bytes | Modified Date = 27/02/2006 06:46:20 | Attr = ]
(rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) [Kernel | On_Demand | Stopped] -> %System32%\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 03/08/2004 22:31:34 | Attr = ]
(SCDEmu) SCDEmu [Kernel | System | Stopped] -> %System32%\drivers\scdemu.sys -> PowerISO Computing, Inc. [Ver = 3, 0, 0, 0 | Size = 26844 bytes | Modified Date = 18/03/2006 04:25:00 | Attr = ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys -> [Ver = | Size = 27440 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
(SG762_XP) SAGEM 802.11g XG762 1211B Driver [Kernel | On_Demand | Running] -> %System32%\drivers\WlanBZXP.sys -> ZyDAS Technology Corporation [Ver = 6, 3, 0, 0 | Size = 402432 bytes | Modified Date = 22/12/2005 14:45:18 | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(sisagp) Filtre de bus AGP SIS [Kernel | Boot | Running] -> %System32%\drivers\SISAGP.SYS -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 03/08/2004 23:07:44 | Attr = ]
(Sparrow) Sparrow [Kernel | Boot | Running] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17/08/2001 22:07:44 | Attr = ]
(sptd) sptd [Kernel | Boot | Running] -> %System32%\drivers\sptd.sys -> [Ver = | Size = 639224 bytes | Modified Date = 25/11/2006 02:59:50 | Attr = ]
(symc810) symc810 [Kernel | Boot | Running] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17/08/2001 22:07:34 | Attr = ]
(symc8xx) symc8xx [Kernel | Boot | Running] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17/08/2001 22:07:36 | Attr = ]
(symlcbrd) symlcbrd [Kernel | Auto | Stopped] -> %System32%\drivers\symlcbrd.sys -> Symantec Corporation [Ver = 1.8.54.834 | Size = 10344 bytes | Modified Date = 19/07/2006 21:44:50 | Attr = ]
(sym_hi) sym_hi [Kernel | Boot | Running] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17/08/2001 22:07:40 | Attr = ]
(sym_u3) sym_u3 [Kernel | Boot | Running] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17/08/2001 22:07:42 | Attr = ]
(ultra) ultra [Kernel | Boot | Running] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (version 0603) | Size = 36736 bytes | Modified Date = 17/08/2001 21:52:22 | Attr = ]
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped] -> system32\DRIVERS\wanatw4.sys -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(X10Hid) X10 Hid Device [Kernel | On_Demand | Running] -> %System32%\drivers\x10hid.sys -> X10 Wireless Technology, Inc. [Ver = 3.0.0.198 | Size = 7040 bytes | Modified Date = 28/11/2005 10:45:16 | Attr = ]
(XUIF) X10 USB Wireless Transceiver [Kernel | On_Demand | Running] -> %System32%\drivers\x10ufx2.sys -> X10 Wireless Technology, Inc. [Ver = 3.0.0.187 | Size = 17792 bytes | Modified Date = 19/05/2005 15:52:58 | Attr = ]
(ZDCndis5) ZDCndis5 Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\ZDCndis5.SYS -> File not found
(ZDPNDIS5) ZDPNDIS5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\ZDPNDIS5.SYS -> File not found
(ZDPSp50) ZDPSp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ZDPSp50.sys -> Printing Communications Assoc., Inc. (PCAUSA) [Ver = 5.5.18.02 | Size = 17664 bytes | Modified Date = 18/01/2006 14:09:40 | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
!AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 11:25:42 | Attr = ]
ACTIVBOARD -> %SystemDrive%\APPS\ABOARD\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02/05/2003 11:31:50 | Attr = ]
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 11/05/2007 03:06:32 | Attr = ]
avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 75392 bytes | Modified Date = 30/04/2007 17:42:48 | Attr = ]
DetectorApp -> %ProgramFiles%\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe -> [Ver = 1, 0, 0, 6 | Size = 102400 bytes | Modified Date = 20/10/2005 06:15:00 | Attr = ]
High Definition Audio Property Page Shortcut -> %System32%\HdAShCut.exe -> Windows ® Server 2003 DDK provider [Ver = 5.10.01.5013 built by: WinDDK | Size = 61952 bytes | Modified Date = 07/01/2005 17:07:16 | Attr = ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.2.0.34 | Size = 257088 bytes | Modified Date = 26/05/2007 12:45:54 | Attr = ]
LogitechGalleryRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 188416 bytes | Modified Date = 30/06/2003 20:56:34 | Attr = ]
LogitechVideoRepair -> %ProgramFiles%\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 188416 bytes | Modified Date = 30/06/2003 20:56:34 | Attr = ]
LogitechVideoTray -> %ProgramFiles%\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.0.3.1112 | Size = 65536 bytes | Modified Date = 30/06/2003 21:00:24 | Attr = ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 7573504 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.8466 | Size = 86016 bytes | Modified Date = 28/04/2006 00:47:00 | Attr = ]
OmniPass -> %SystemDrive%\APPS\Softex\OmniPass\scureapp.exe -> [Ver = 1, 0, 0, 1 | Size = 1978368 bytes | Modified Date = 30/01/2006 09:56:38 | Attr = ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Inc. [Ver = 7.1.6 | Size = 282624 bytes | Modified Date = 27/04/2007 09:41:54 | Attr = ]
RTHDCPL -> %SystemRoot%\RTHDCPL.exe -> Realtek Semiconductor Corp. [Ver = 2.0.3.2 | Size = 15691264 bytes | Modified Date = 09/12/2005 16:49:42 | Attr = ]
tcactive -> %ProgramFiles%\The Cleaner\tca.exe -> MooSoft Development [Ver = 3.1.0.3073 | Size = 631808 bytes | Modified Date = 09/04/2004 10:26:36 | Attr = ]
tcmonitor -> %ProgramFiles%\The Cleaner\tcm.exe -> MooSoft Development [Ver = 2.1.0.2043 | Size = 388096 bytes | Modified Date = 13/03/2004 14:48:52 | Attr = ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3760 | Size = 185896 bytes | Modified Date = 02/03/2007 17:32:18 | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Common Startup > -> D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
%AllUsersStartup%\hp psc 1000 series.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe -> Hewlett-Packard Co. [Ver = 4.2.0.020 | Size = 147456 bytes | Modified Date = 06/04/2003 01:17:18 | Attr = ]
%AllUsersStartup%\hpoddt01.exe.lnk -> %ProgramFiles%\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe -> Hewlett-Packard [Ver = 1, 0, 0, 1 | Size = 28672 bytes | Modified Date = 06/04/2003 01:06:58 | Attr = ]
%AllUsersStartup%\Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk -> %ProgramFiles%\SAGEM WiFi manager\WLANUTL.EXE -> [Ver = 2, 5, 5, 1 | Size = 925696 bytes | Modified Date = 19/01/2006 16:54:34 | Attr = ]
< User Startup > -> D:\Documents and Settings\creese\Menu Démarrer\Programmes\Démarrage ->
%UserStartup%\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 16/03/2005 19:16:50 | Attr = ]
%UserStartup%\MagicDisc.lnk -> %ProgramFiles%\MagicDisc\MagicDisc.exe -> [Ver = | Size = 534016 bytes | Modified Date = 26/09/2006 09:59:14 | Attr = ]
< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30/05/2007 14:29:58 | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
OPXPGina -> %SystemDrive%\APPS\Softex\OmniPass\OPXPGina.dll -> [Ver = | Size = 49152 bytes | Modified Date = 30/01/2006 08:53:44 | Attr = ]
< CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallVisualStyle -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\InstallTheme -> C:\WINDOWS\Resources\Themes\Royale.theme ->
< CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> •
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
< HOSTS File > (31 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost -> ->
< Internet Explorer Settings > -> ->
HKLM: Default_Page_URL -> http://uk.yahoo.com ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> http://uk.yahoo.com ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.demonoid.com/ ->
HKCU: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> <local> ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22/10/2006 23:08:42 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 04:23:24 | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 6156 | Size = 2133056 bytes | Modified Date = 17/11/2006 16:43:34 | Attr = R ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 9, 29, 1 | Size = 440384 bytes | Modified Date = 29/09/2006 13:53:18 | Attr = ]
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 15/12/2006 04:23:26 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 04:23:24 | Attr = ]
{2670000A-7350-4f3c-8081-5663EE0C6C49} -> Reg Data - Value does not exist [ButtonText: Send to OneNote] -> File not found
{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
{F4430FE8-2638-42e5-B849-800749B94EED} -> %ProgramFiles%\PartyGaming.Net\PartyPokerNet\RunPF.exe [ButtonText: PartyPoker.net] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Windows Live Search -> %ProgramFiles%\Windows Live Toolbar\msntb.dll\search.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{30190A9B-4FA1-4E89-AB4C-B1DC80FB2D7D} -> (Carte réseau 1394) ->
{559DE7D7-B76B-448F-9B3B-4F37AF21FFD7} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{D35D3FA1-AA7A-4FCE-B06B-C9F48709D5EC} -> (SAGEM Wi-Fi 11g USB adapter) ->
{E2BC7829-F509-4E5A-8E73-46F5D037BD49} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
belarc -> %ProgramFiles%\Belarc\Advisor\System\BAVoilaX.dll -> Belarc, Inc. [Ver = 7.2h | Size = 33280 bytes | Modified Date = 16/01/2007 19:30:02 | Attr = ]
bw+0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw+0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw-0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw00 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw00s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw-0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw10 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw10s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw20 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw20s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw30 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw30s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw40 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw40s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw50 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw50s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw60 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw60s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw70 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw70s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw80 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw80s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw90 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bw90s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwa0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwa0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwb0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwb0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwc0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwc0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwd0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwd0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwe0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwe0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwf0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwf0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwfile-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwg0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwg0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwh0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwh0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwi0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwi0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwj0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwj0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwk0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwk0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwl0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwl0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwm0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwm0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwn0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwn0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwo0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwo0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwp0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwp0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwq0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwq0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwr0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwr0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bws0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bws0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwt0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwt0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwu0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwu0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwv0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwv0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bww0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bww0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwx0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwx0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwy0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwy0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwz0 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
bwz0s -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
offline-8876480 -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll -> Logitech [Ver = Version 7.2.0 (Build 157R) | Size = 40999 bytes | Modified Date = 28/10/2006 16:25:24 | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab ->
{166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://fpdownload.macromedia.com/get/shock...director/sw.cab ->
{215B8138-A3CF-44C5-803F-8226143CFC0A} -> Trend Micro ActiveX Scan Agent 6.6 - CodeBase = http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab ->
{5C051655-FCD5-4969-9182-770EA5AA5565} -> Solitaire Showdown Class - CodeBase = http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab ->
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase = http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab ->
{A90A5822-F108-45AD-8482-9BC8B12DD539} -> Crucial cpcScan - CodeBase = http://www.crucial.com/controls/cpcScanner.cab ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.macromedia.com/get/flash...ent/swflash.cab ->

[Registry - Additional Scans - Non-Microsoft Only]
< Security Settings > -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> RpcSs; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des données entre les clients et les serveurs en tâche de fond. Si le service BITS est désactivé, les fonctionnalités telles que Windows Update ne fonctionneront pas correctement. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security -> _
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\0 -> Root\LEGACY_BITS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 5488 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\waol.exe -> C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\aol.exe -> C:\Program Files\AOL 9.0\aol.exe:*:Enabled:AOL ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\APPS\Inventime\my.exe -> C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\LimeWire\LimeWire.exe -> C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe -> C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\APPS\skype\phone\Skype.exe -> C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe -> C:\Program Files\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AOL 9.0\waol.exe -> C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msncall.exe -> C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Azureus\Azureus.exe -> C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\GROOVE.EXE -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3389:TCP -> 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> _
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

[Files/Folders - Created Within 30 days]
avenger -> %SystemDrive%\avenger -> [Folder | Created Date = 27/06/2007 08:32:24 | Attr = ]
backup.reg -> %SystemDrive%\backup.reg -> [Ver = | Size = 0 bytes | Created Date = 27/06/2007 08:30:35 | Attr = ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Created Date = 14/06/2007 03:42:16 | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Created Date = 14/06/2007 03:42:16 | Attr = H ]
zip.exe -> %SystemDrive%\zip.exe -> [Ver = | Size = 126976 bytes | Created Date = 27/06/2007 08:25:58 | Attr = ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 13/06/2007 15:32:11 | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 13/06/2007 15:29:00 | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 13/06/2007 15:32:02 | Attr = H ]
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Created Date = 12/06/2007 15:20:03 | Attr = ]
msoffice.ini -> %SystemRoot%\msoffice.ini -> [Ver = | Size = 2 bytes | Created Date = 11/06/2007 06:32:48 | Attr = ]
Vérifier les mises à jour de Windows Live Toolbar.job -> %SystemRoot%\tasks\Vérifier les mises à jour de Windows Live Toolbar.job -> [Ver = | Size = 256 bytes | Created Date = 03/06/2007 02:02:53 | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 25/06/2007 21:16:46 | Attr = ]
EnterNHelp -> %AllUsersAppData%\EnterNHelp -> [Folder | Created Date = 06/06/2007 08:40:32 | Attr = ]
Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Created Date = 25/06/2007 21:16:43 | Attr = ]
PKP_DLbz.DAT -> %AllUsersAppData%\PKP_DLbz.DAT -> [Ver = | Size = 0 bytes | Created Date = 06/06/2007 08:40:32 | Attr = ]
Ultima_T15 -> %AllUsersAppData%\Ultima_T15 -> [Folder | Created Date = 06/06/2007 08:40:32 | Attr = ]
Grisoft -> %UserAppData%\Grisoft -> [Folder | Created Date = 25/06/2007 21:17:35 | Attr = ]
Nikon -> %UserAppData%\Nikon -> [Folder | Created Date = 06/06/2007 08:22:40 | Attr = ]
Nikon -> %LocalAppData%\Nikon -> [Folder | Created Date = 25/06/2007 20:05:47 | Attr = ]
bookmark.htm -> %UserDocuments%\bookmark.htm -> [Ver = | Size = 12288 bytes | Created Date = 04/06/2007 17:26:51 | Attr = ]
Adobe Reader 8.lnk -> %AllUsersDesktop%\Adobe Reader 8.lnk -> [Ver = | Size = 1612 bytes | Created Date = 11/06/2007 22:05:42 | Attr = ]
AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 728 bytes | Created Date = 25/06/2007 21:16:50 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2055 bytes | Created Date = 30/05/2007 17:18:36 | Attr = ]
Logitech QuickCam.lnk -> %AllUsersDesktop%\Logitech QuickCam.lnk -> [Ver = | Size = 1547 bytes | Created Date = 12/06/2007 08:31:08 | Attr = ]
My Logitech Pictures.lnk -> %AllUsersDesktop%\My Logitech Pictures.lnk -> [Ver = | Size = 1558 bytes | Created Date = 12/06/2007 08:31:08 | Attr = ]
RegistryBooster 2.lnk -> %AllUsersDesktop%\RegistryBooster 2.lnk -> [Ver = | Size = 659 bytes | Created Date = 24/06/2007 19:56:17 | Attr = ]
avenger.exe -> %UserDesktop%\avenger.exe -> [Ver = | Size = 130048 bytes | Created Date = 27/06/2007 08:19:35 | Attr = ]
Dossier d'archivage AOL sauvegardé -> %UserDesktop%\Dossier d'archivage AOL sauvegardé -> [Folder | Created Date = 11/06/2007 06:32:48 | Attr = ]
For OT.rtf -> %UserDesktop%\For OT.rtf -> [Ver = | Size = 5145233 bytes | Created Date = 26/06/2007 15:03:11 | Attr = ]
Logitech Print Service.lnk -> %UserDesktop%\Logitech Print Service.lnk -> [Ver = | Size = 626 bytes | Created Date = 12/06/2007 08:30:17 | Attr = ]
OT 2.rtf -> %UserDesktop%\OT 2.rtf -> [Ver = | Size = 95546 bytes | Created Date = 26/06/2007 08:43:46 | Attr = ]
OT.rtf -> %UserDesktop%\OT.rtf -> [Ver = | Size = 93069 bytes | Created Date = 25/06/2007 10:44:24 | Attr = ]
PCSX2 0.9.2 With BIOS and Memcard -> %UserDesktop%\PCSX2 0.9.2 With BIOS and Memcard -> [Folder | Created Date = 29/05/2007 14:40:59 | Attr = ]
stinger.exe -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Created Date = 12/06/2007 16:55:53 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
stinger.opt -> %UserDesktop%\stinger.opt -> [Ver = | Size = 22 bytes | Created Date = 12/06/2007 22:16:14 | Attr = ]
updater.bmp -> %UserDesktop%\updater.bmp -> [Ver = | Size = 3888054 bytes | Created Date = 12/06/2007 09:19:03 | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 25/06/2007 07:45:39 | Attr = ]
Nikon -> %CommonProgramFiles%\Nikon -> [Folder | Created Date = 06/06/2007 08:22:02 | Attr = ]
ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Created Date = 13/06/2007 15:28:17 | Attr = ]

[Files/Folders - Modified Within 30 days]
avenger -> %SystemDrive%\avenger -> [Folder | Modified Date = 27/06/2007 09:32:26 | Attr = ]
backup.reg -> %SystemDrive%\backup.reg -> [Ver = | Size = 0 bytes | Modified Date = 27/06/2007 09:30:36 | Attr = ]
Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 27/06/2007 09:27:36 | Attr = ]
hpfr3420.xml -> %SystemDrive%\hpfr3420.xml -> [Ver = | Size = 519 bytes | Modified Date = 25/06/2007 22:12:00 | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 25/06/2007 22:16:42 | Attr = R ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [Ver = | Size = 268 bytes | Modified Date = 14/06/2007 04:42:18 | Attr = H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [Ver = | Size = 244 bytes | Modified Date = 14/06/2007 04:42:18 | Attr = H ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 27/06/2007 03:00:56 | Attr = ]
zip.exe -> %SystemDrive%\zip.exe -> [Ver = | Size = 126976 bytes | Modified Date = 27/06/2007 09:26:00 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 13/06/2007 04:24:16 | Attr = H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 13/06/2007 16:32:14 | Attr = H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 13/06/2007 16:29:02 | Attr = H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 13/06/2007 16:32:04 | Attr = H ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 24/06/2007 20:23:48 | Attr = R S]
BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Modified Date = 14/06/2007 14:53:54 | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 27/06/2007 15:54:28 | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 22/06/2007 01:46:00 | Attr = ]
ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 14/06/2007 06:54:38 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 24/06/2007 20:00:48 | Attr = ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 27/06/2007 03:01:42 | Attr = HS]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 11/06/2007 07:31:08 | Attr = ]
msoffice.ini -> %SystemRoot%\msoffice.ini -> [Ver = | Size = 2 bytes | Modified Date = 11/06/2007 07:32:50 | Attr = ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 27/06/2007 09:30:26 | Attr = ]
network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 26/06/2007 15:26:52 | Attr = ]
PREFETCH -> %SystemRoot%\PREFETCH -> [Folder | Modified Date = 26/06/2007 16:12:40 | Attr = ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 26/06/2007 15:30:38 | Attr = ]
security -> %SystemRoot%\security -> [Folder | Modified Date = 24/06/2007 21:12:52 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 27/06/2007 09:27:36 | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 22/06/2007 02:21:06 | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 27/06/2007 13:31:28 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 883 bytes | Modified Date = 11/06/2007 07:33:04 | Attr = ]
_delis32.ini -> %SystemRoot%\_delis32.ini -> [Ver = | Size = 528 bytes | Modified Date = 12/06/2007 09:30:40 | Attr = ]
1-Klick-Wartung.job -> %SystemRoot%\tasks\1-Klick-Wartung.job -> [Ver = | Size = 406 bytes | Modified Date = 23/06/2007 00:11:00 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 20/06/2007 17:07:06 | Attr = ]
Extension de garantie.job -> %SystemRoot%\tasks\Extension de garantie.job -> [Ver = | Size = 230 bytes | Modified Date = 27/06/2007 15:30:02 | Attr = ]
FRU Task #Hewlett-Packard#hp psc 1200 series#1177201252.job -> %SystemRoot%\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1177201252.job -> [Ver = | Size = 392 bytes | Modified Date = 22/06/2007 02:21:06 | Attr = ]
Master CD_DVD Creator.job -> %SystemRoot%\tasks\Master CD_DVD Creator.job -> [Ver = | Size = 230 bytes | Modified Date = 27/06/2007 15:30:04 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 27/06/2007 15:51:46 | Attr = H ]
Vérifier les mises à jour de Windows Live Toolbar.job -> %SystemRoot%\tasks\Vérifier les mises à jour de Windows Live Toolbar.job -> [Ver = | Size = 256 bytes | Modified Date = 27/06/2007 15:37:02 | Attr = ]
ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 12/06/2007 11:24:02 | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 12/06/2007 09:31:56 | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 27/06/2007 09:28:52 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 14/06/2007 06:54:50 | Attr = ]
drivers -> %System32%\drivers -> [Folder | Modified Date = 27/06/2007 09:32:26 | Attr = ]
Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
Lang -> %System32%\Lang -> [Folder | Modified Date = 27/06/2007 09:30:30 | Attr = ]
nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 51048 bytes | Modified Date = 27/06/2007 09:30:34 | Attr = ]
pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 12/06/2007 11:31:58 | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 27/06/2007 15:54:58 | Attr = ]
AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 30/05/2007 14:10:42 | Attr = ]
fwdrv.err -> %System32%\drivers\fwdrv.err -> [Ver = | Size = 3661550 bytes | Modified Date = 27/06/2007 09:26:24 | Attr = ]
Adobe -> %AllUsersAppData%\Adobe -> [Folder | Modified Date = 11/06/2007 23:05:38 | Attr = ]
AOL -> %AllUsersAppData%\AOL -> [Folder | Modified Date = 11/06/2007 07:33:02 | Attr = ]
EnterNHelp -> %AllUsersAppData%\EnterNHelp -> [Folder | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Modified Date = 25/06/2007 22:16:44 | Attr = ]
Microsoft -> %AllUsersAppData%\Microsoft -> [Folder | Modified Date = 24/06/2007 20:56:18 | Attr = S]
Microsoft Corporation -> %AllUsersAppData%\Microsoft Corporation -> [Folder | Modified Date = 11/06/2007 23:07:26 | Attr = ]
Microsoft Help -> %AllUsersAppData%\Microsoft Help -> [Folder | Modified Date = 13/06/2007 16:32:44 | Attr = ]
PKP_DLbz.DAT -> %AllUsersAppData%\PKP_DLbz.DAT -> [Ver = | Size = 0 bytes | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Ultima_T15 -> %AllUsersAppData%\Ultima_T15 -> [Folder | Modified Date = 06/06/2007 09:40:34 | Attr = ]
Azureus -> %UserAppData%\Azureus -> [Folder | Modified Date = 27/06/2007 15:51:34 | Attr = ]
dvdcss -> %UserAppData%\dvdcss -> [Folder | Modified Date = 22/06/2007 01:38:40 | Attr = ]
Grisoft -> %UserAppData%\Grisoft -> [Folder | Modified Date = 25/06/2007 22:17:36 | Attr = ]
Microsoft -> %UserAppData%\Microsoft -> [Folder | Modified Date = 12/06/2007 10:37:40 | Attr = S]
Nikon -> %UserAppData%\Nikon -> [Folder | Modified Date = 06/06/2007 09:22:42 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 24/06/2007 22:00:14 | Attr = ]
Uniblue -> %UserAppData%\Uniblue -> [Folder | Modified Date = 24/06/2007 20:56:28 | Attr = ]
ApplicationHistory -> %LocalAppData%\ApplicationHistory -> [Folder | Modified Date = 26/06/2007 23:41:54 | Attr = ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 76288 bytes | Modified Date = 26/06/2007 16:25:44 | Attr = ]
IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 3769106 bytes | Modified Date = 25/06/2007 23:26:08 | Attr = H ]
Nikon -> %LocalAppData%\Nikon -> [Folder | Modified Date = 25/06/2007 21:05:48 | Attr = ]
Téléchargements AOL -> %AllUsersDocuments%\Téléchargements AOL -> [Folder | Modified Date = 11/06/2007 07:32:50 | Attr = ]
bookmark.htm -> %UserDocuments%\bookmark.htm -> [Ver = | Size = 12288 bytes | Modified Date = 04/06/2007 18:26:52 | Attr = ]
elodie -> %UserDocuments%\elodie -> [Folder | Modified Date = 11/06/2007 07:02:08 | Attr = ]
Ma musique -> %UserDocuments%\Ma musique -> [Folder | Modified Date = 25/06/2007 18:13:46 | Attr = R ]
Mes images -> %UserDocuments%\Mes images -> [Folder | Modified Date = 06/06/2007 09:43:58 | Attr = R ]
Mes vidéos -> %UserDocuments%\Mes vidéos -> [Folder | Modified Date = 26/06/2007 16:39:54 | Attr = R ]
My Sharing Folders.lnk -> %UserDocuments%\My Sharing Folders.lnk -> [Ver = | Size = 585 bytes | Modified Date = 26/06/2007 23:23:30 | Attr = ]
My Skype Pictures -> %UserDocuments%\My Skype Pictures -> [Folder | Modified Date = 12/06/2007 08:49:38 | Attr = ]
Neil CREESE -> %UserDocuments%\Neil CREESE -> [Folder | Modified Date = 25/06/2007 23:19:44 | Attr = ]
Updater5 -> %UserDocuments%\Updater5 -> [Folder | Modified Date = 11/06/2007 12:32:14 | Attr = ]
Adobe Reader 8.lnk -> %AllUsersDesktop%\Adobe Reader 8.lnk -> [Ver = | Size = 1612 bytes | Modified Date = 11/06/2007 23:05:44 | Attr = ]
AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 728 bytes | Modified Date = 25/06/2007 22:16:52 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2055 bytes | Modified Date = 25/06/2007 18:10:18 | Attr = ]
Logitech QuickCam.lnk -> %AllUsersDesktop%\Logitech QuickCam.lnk -> [Ver = | Size = 1547 bytes | Modified Date = 12/06/2007 09:31:10 | Attr = ]
My Logitech Pictures.lnk -> %AllUsersDesktop%\My Logitech Pictures.lnk -> [Ver = | Size = 1558 bytes | Modified Date = 12/06/2007 09:31:10 | Attr = ]
RegistryBooster 2.lnk -> %AllUsersDesktop%\RegistryBooster 2.lnk -> [Ver = | Size = 659 bytes | Modified Date = 24/06/2007 20:56:18 | Attr = ]
Dossier d'archivage AOL sauvegardé -> %UserDesktop%\Dossier d'archivage AOL sauvegardé -> [Folder | Modified Date = 11/06/2007 07:32:50 | Attr = ]
For OT.rtf -> %UserDesktop%\For OT.rtf -> [Ver = | Size = 5145233 bytes | Modified Date = 26/06/2007 16:03:14 | Attr = ]
Logitech Print Service.lnk -> %UserDesktop%\Logitech Print Service.lnk -> [Ver = | Size = 626 bytes | Modified Date = 12/06/2007 09:30:18 | Attr = ]
OT 2.rtf -> %UserDesktop%\OT 2.rtf -> [Ver = | Size = 95546 bytes | Modified Date = 26/06/2007 09:43:48 | Attr = ]
OT.rtf -> %UserDesktop%\OT.rtf -> [Ver = | Size = 93069 bytes | Modified Date = 25/06/2007 11:44:26 | Attr = ]
PCSX2 0.9.2 With BIOS and Memcard -> %UserDesktop%\PCSX2 0.9.2 With BIOS and Memcard -> [Folder | Modified Date = 29/05/2007 15:41:12 | Attr = ]
Raccourcis Bureau non utilisés -> %UserDesktop%\Raccourcis Bureau non utilisés -> [Folder | Modified Date = 24/06/2007 21:22:54 | Attr = ]
bleep -> %UserDesktop%\bleep -> [Folder | Modified Date = 11/06/2007 21:54:16 | Attr = ]
stinger.exe -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Modified Date = 12/06/2007 17:56:12 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
stinger.opt -> %UserDesktop%\stinger.opt -> [Ver = | Size = 22 bytes | Modified Date = 12/06/2007 23:16:16 | Attr = ]
updater.bmp -> %UserDesktop%\updater.bmp -> [Ver = | Size = 3888054 bytes | Modified Date = 12/06/2007 10:19:04 | Attr = ]
WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 25/06/2007 23:53:42 | Attr = ]
Adobe -> %CommonProgramFiles%\Adobe -> [Folder | Modified Date = 11/06/2007 23:05:42 | Attr = ]
AOL -> %CommonProgramFiles%\AOL -> [Folder | Modified Date = 11/06/2007 07:33:28 | Attr = ]
FotoWire -> %CommonProgramFiles%\FotoWire -> [Folder | Modified Date = 12/06/2007 09:30:16 | Attr = ]
Nikon -> %CommonProgramFiles%\Nikon -> [Folder | Modified Date = 06/06/2007 09:22:16 | Attr = ]
ODBC -> %CommonProgramFiles%\ODBC -> [Folder | Modified Date = 13/06/2007 16:28:18 | Attr = ]
Symantec Shared -> %CommonProgramFiles%\Symantec Shared -> [Folder | Modified Date = 11/06/2007 07:33:28 | Attr = ]
System -> %CommonProgramFiles%\System -> [Folder | Modified Date = 13/06/2007 16:32:14 | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 24/06/2007 22:00:12 | Attr = ]

[File String Scan - Non-Microsoft Only]
UPX! , UPX0 , -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 997, 0 | Size = 745600 bytes | Modified Date = 30/04/2007 17:46:10 | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
UPX! , UPX0 , -> %System32%\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 123392 bytes | Modified Date = 26/11/2003 01:32:02 | Attr = ]
Thawte Consulting , -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.01.83a | Size = 464552 bytes | Modified Date = 28/03/2006 11:01:00 | Attr = ]
Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 02/03/2007 17:32:44 | Attr = ]
UPX! , UPX0 , -> %System32%\vbskpro2.ocx -> JB [Ver = 2.01 | Size = 412672 bytes | Modified Date = 09/08/2005 00:07:00 | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 10/08/2004 14:00:00 | Attr = ]
File scan skipped for file %UserDocuments%\Sims2_1.daa -> File size too big (665936050 bytes) ->
File scan skipped for file %UserDocuments%\Sims2_2.daa -> File size too big (681615173 bytes) ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\6773251300-cd.exe:Zone.Identifier ->
File scan skipped for file %UserDesktop%\avl-hlgo.img -> File size too big (403075072 bytes) ->
UPX! , PEC2 , winsync , WSUD , UPX0 , Thawte Consulting , -> %UserDesktop%\OT 2.rtf -> [Ver = | Size = 95546 bytes | Modified Date = 26/06/2007 09:43:48 | Attr = ]
UPX! , PEC2 , winsync , WSUD , UPX0 , Thawte Consulting , -> %UserDesktop%\OT.rtf -> [Ver = | Size = 93069 bytes | Modified Date = 25/06/2007 11:44:26 | Attr = ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\stinger.exe:Zone.Identifier ->
UPX! , UPX0 , -> %UserDesktop%\stinger.exe -> McAfee Inc. [Ver = 3.4.9 | Size = 1893383 bytes | Modified Date = 12/06/2007 17:56:12 | Attr = ]

< End of report >



