log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by Vamos at 2010-03-26 10:25:52
Microsoft Windows 7 Professionnel
System drive C: has 240 GB (79%) free of 305 GB
Total RAM: 3583 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:26:09, on 26.03.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Fighters\SPYWAREfighter\swproTray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Vamos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vamos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Vamos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vamos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Users\Vamos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vamos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vamos\Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Vamos.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/%7BF ... C981EE4%7D
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{FF8BA809-851E-4D11-B6C4-F57E2C981EE4}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe" -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SWPROguard] C:\Program Files\Fighters\SPYWAREfighter\SWPROTray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Vamos\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Canaveral] rundll32.exe C:\Windows\system32\sshnas21.dll,BackupReadW
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AV Engine Scanning Service - Preventon Technologies Limited - C:/Program Files/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Common Toolkit Service - SPAMfighter - C:\Program Files\Common Files\Common Toolkit Suite\FighterSuiteService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
End of file - 8643 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3011667035-269395239-3036896157-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3011667035-269395239-3036896157-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2010-01-22 567248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03 68112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-10 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2010-03-09 264720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2010-01-22 567248]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"=C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe [2009-03-31 5748736]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-14 98304]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"SWPROguard"=C:\Program Files\Fighters\SPYWAREfighter\SWPROTray.exe [2010-03-11 586376]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2010-01-18 1286608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Google Update"=C:\Users\Vamos\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-09 135664]
"Steam"=c:\program files\valve\steam\steam.exe [2010-03-16 1217872]
"Canaveral"=C:\Windows\system32\sshnas21.dll [2010-03-25 198144]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
C:\Users\Vamos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-07-03 219664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b699769a-2be5-11df-80fb-806e6f6e6963}]
shell\AutoRun\command - D:\autorun.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-03-26 10:13:23 ----D---- C:\rsit
2010-03-26 10:13:23 ----D---- C:\Program Files\trend micro
2010-03-25 21:53:11 ----D---- C:\Users\Vamos\AppData\Roaming\QuickScan
2010-03-25 18:27:14 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-03-25 18:27:14 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-03-25 16:47:48 ----D---- C:\Users\Vamos\AppData\Roaming\Common Toolkit Suite
2010-03-25 16:47:41 ----D---- C:\ProgramData\clp
2010-03-25 16:47:33 ----D---- C:\ProgramData\Common Toolkit Suite
2010-03-25 16:47:33 ----D---- C:\Program Files\Fighters
2010-03-25 16:47:33 ----D---- C:\Program Files\Common Files\Common Toolkit Suite
2010-03-25 16:47:03 ----HDC---- C:\ProgramData\{88078557-37D5-402B-8B75-49F162ECEDBD}
2010-03-25 16:46:32 ----D---- C:\Users\Vamos\AppData\Roaming\Fighters
2010-03-25 12:09:41 ----A---- C:\Windows\SGDetectionTool.dll
2010-03-25 12:09:41 ----A---- C:\Windows\PCTBDRes.dll
2010-03-25 12:09:41 ----A---- C:\Windows\PCTBDCore.dll.old
2010-03-25 12:09:41 ----A---- C:\Windows\PCTBDCore.dll
2010-03-25 12:09:41 ----A---- C:\Windows\BDTSupport.dll.old
2010-03-25 12:09:41 ----A---- C:\Windows\BDTSupport.dll
2010-03-25 12:07:14 ----D---- C:\Program Files\Common Files\PC Tools
2010-03-25 12:07:13 ----D---- C:\Users\Vamos\AppData\Roaming\PC Tools
2010-03-25 12:07:13 ----D---- C:\ProgramData\PC Tools
2010-03-25 12:07:13 ----D---- C:\Program Files\Spyware Doctor
2010-03-25 12:06:55 ----AD---- C:\ProgramData\TEMP
2010-03-25 11:49:53 ----A---- C:\Windows\system32\sshnas21.dll
2010-03-24 21:46:40 ----D---- C:\Program Files\No-IP
2010-03-23 11:59:34 ----D---- C:\Program Files\CR-TEKnologies
2010-03-18 20:19:23 ----D---- C:\ProgramData\Sony
2010-03-18 20:19:17 ----D---- C:\Program Files\Sony
2010-03-18 19:41:23 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-03-18 19:40:57 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-03-18 19:31:37 ----D---- C:\Program Files\Movie Maker 2.6
2010-03-18 18:05:15 ----D---- C:\Program Files\VirtualDJ
2010-03-17 23:00:12 ----A---- C:\Windows\system32\msonpmon.dll
2010-03-17 15:14:17 ----D---- C:\Program Files\HyCam2
2010-03-16 20:26:40 ----A---- C:\Windows\system32\CmdLineExt.dll
2010-03-16 19:59:10 ----D---- C:\Program Files\Eidos
2010-03-16 19:45:52 ----D---- C:\Program Files\SpeedFan
2010-03-16 17:59:59 ----D---- C:\Windows\DF5A03CCD5AA43D8B948D9903F2AF94A.TMP
2010-03-16 17:53:08 ----D---- C:\Program Files\Common Files\Steam
2010-03-16 17:47:14 ----D---- C:\Program Files\Valve
2010-03-15 19:40:52 ----D---- C:\Users\Vamos\AppData\Roaming\TS3Client
2010-03-15 19:39:45 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-03-15 14:56:48 ----D---- C:\Fraps
2010-03-15 13:40:24 ----D---- C:\ProgramData\Office Genuine Advantage
2010-03-15 13:13:27 ----A---- C:\Windows\system32\MRT.exe
2010-03-15 13:13:08 ----D---- C:\Program Files\MSXML 4.0
2010-03-14 14:16:03 ----D---- C:\ProgramData\Age of Empires 3
2010-03-14 14:14:48 ----D---- C:\Program Files\Common Files\Microsoft Games
2010-03-14 14:14:42 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-03-14 14:14:41 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-03-14 14:06:01 ----D---- C:\Program Files\Microsoft Games
2010-03-11 22:38:28 ----D---- C:\Program Files\QS
2010-03-11 22:38:23 ----D---- C:\Users\Vamos\AppData\Roaming\TeamViewer
2010-03-10 22:33:11 ----D---- C:\Program Files\WinSCP
2010-03-10 22:27:52 ----A---- C:\Windows\system32\libmysql_d.dll
2010-03-10 22:27:49 ----D---- C:\Program Files\PremiumSoft
2010-03-10 21:08:26 ----D---- C:\Program Files\Hamachi
2010-03-10 21:06:40 ----HD---- C:\ProgramData\CanonBJ
2010-03-10 21:06:04 ----A---- C:\Windows\system32\CNMLM9E.DLL
2010-03-10 20:07:16 ----A---- C:\Windows\system32\msv1_0.dll
2010-03-10 20:04:10 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-10 19:59:15 ----D---- C:\Windows\system32\appmgmt
2010-03-10 17:08:21 ----D---- C:\Users\Vamos\AppData\Roaming\Hamachi
2010-03-10 17:00:24 ----D---- C:\Program Files\Common Files\PC SOFT
2010-03-10 16:42:38 ----D---- C:\ProgramData\COMODO
2010-03-10 16:37:45 ----D---- C:\ProgramData\Comodo Downloader
2010-03-10 16:17:59 ----D---- C:\Program Files\Microsoft Virtual PC
2010-03-10 15:39:33 ----D---- C:\Program Files\Landwirtschafts-Simulator 2009 Demo
2010-03-10 14:39:28 ----D---- C:\Program Files\Legend of MT2
2010-03-10 14:13:05 ----D---- C:\Users\Vamos\AppData\Roaming\Mozilla
2010-03-10 14:12:58 ----D---- C:\Users\Vamos\AppData\Roaming\LimeWire
2010-03-10 14:09:57 ----D---- C:\ProgramData\Sun
2010-03-10 14:09:56 ----D---- C:\Program Files\Common Files\Java
2010-03-10 14:09:49 ----A---- C:\Windows\system32\javaws.exe
2010-03-10 14:09:49 ----A---- C:\Windows\system32\javaw.exe
2010-03-10 14:09:49 ----A---- C:\Windows\system32\java.exe
2010-03-10 14:09:49 ----A---- C:\Windows\system32\deploytk.dll
2010-03-10 14:09:43 ----D---- C:\Program Files\Java
2010-03-10 14:09:23 ----D---- C:\Program Files\LimeWire
2010-03-10 14:01:51 ----D---- C:\Users\Vamos\AppData\Roaming\WinRAR
2010-03-10 13:54:25 ----D---- C:\Program Files\WinRAR
2010-03-10 13:45:48 ----D---- C:\Program Files\Ask.com
2010-03-10 13:44:33 ----D---- C:\Users\Vamos\AppData\Roaming\uTorrent
2010-03-10 12:29:42 ----D---- C:\Program Files\Windows Virtual PC
2010-03-10 12:28:48 ----A---- C:\Windows\system32\vpchbuspipe.dll
2010-03-10 12:28:45 ----A---- C:\Windows\system32\VPCWizard.exe
2010-03-10 12:28:45 ----A---- C:\Windows\system32\VPCSettings.exe
2010-03-10 12:28:45 ----A---- C:\Windows\system32\VMWindow.exe
2010-03-10 12:28:45 ----A---- C:\Windows\system32\vmsal.exe
2010-03-10 12:28:45 ----A---- C:\Windows\system32\VMCPropertyHandler.dll
2010-03-10 12:28:43 ----A---- C:\Windows\system32\vpc.exe
2010-03-10 12:05:34 ----A---- C:\Windows\system32\msasn1.dll
2010-03-10 12:05:33 ----A---- C:\Windows\system32\wmp.dll
2010-03-10 12:05:33 ----A---- C:\Windows\system32\winresume.exe
2010-03-10 12:05:33 ----A---- C:\Windows\system32\winload.exe
2010-03-10 12:05:33 ----A---- C:\Windows\system32\CertEnroll.dll
2010-03-10 12:05:32 ----A---- C:\Windows\system32\wmploc.DLL
2010-03-10 12:05:20 ----A---- C:\Windows\system32\jscript.dll
2010-03-10 12:05:16 ----A---- C:\Windows\system32\t2embed.dll
2010-03-10 12:05:16 ----A---- C:\Windows\system32\fontsub.dll
2010-03-10 12:05:16 ----A---- C:\Windows\system32\atmfd.dll
2010-03-10 12:05:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-03-10 12:05:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-03-10 12:05:15 ----A---- C:\Windows\system32\kernel32.dll
2010-03-10 12:05:15 ----A---- C:\Windows\system32\apphelp.dll
2010-03-10 12:05:14 ----A---- C:\Windows\system32\tsbyuv.dll
2010-03-10 12:05:14 ----A---- C:\Windows\system32\quartz.dll
2010-03-10 12:05:14 ----A---- C:\Windows\system32\msyuv.dll
2010-03-10 12:05:14 ----A---- C:\Windows\system32\msvidc32.dll
2010-03-10 12:05:14 ----A---- C:\Windows\system32\msrle32.dll
2010-03-10 12:05:14 ----A---- C:\Windows\system32\mciavi32.dll
2010-03-10 12:05:14 ----A---- C:\Windows\system32\iyuv_32.dll
2010-03-10 12:05:14 ----A---- C:\Windows\system32\avifil32.dll
2010-03-10 12:05:13 ----A---- C:\Windows\system32\mshtml.dll
2010-03-10 12:05:13 ----A---- C:\Windows\system32\ieframe.dll
2010-03-10 12:05:12 ----A---- C:\Windows\system32\wininet.dll
2010-03-10 12:05:12 ----A---- C:\Windows\system32\urlmon.dll
2010-03-10 12:05:12 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-03-10 12:05:12 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-10 12:05:06 ----A---- C:\Windows\system32\psisdecd.dll
2010-03-10 12:05:06 ----A---- C:\Windows\system32\msdri.dll
2010-03-10 12:05:06 ----A---- C:\Windows\system32\CPFilters.dll
2010-03-10 12:05:02 ----A---- C:\Windows\system32\tzres.dll
2010-03-10 12:04:59 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-03-10 12:04:59 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-03-10 12:04:59 ----A---- C:\Windows\system32\secproc_isv.dll
2010-03-10 12:04:59 ----A---- C:\Windows\system32\secproc.dll
2010-03-10 12:04:59 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-03-10 12:04:59 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-03-10 12:04:59 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-03-10 12:04:59 ----A---- C:\Windows\system32\RMActivate.exe
2010-03-10 12:04:55 ----A---- C:\Windows\system32\winlogon.exe
2010-03-10 12:04:55 ----A---- C:\Windows\explorer.exe
2010-03-10 08:27:47 ----D---- C:\ProgramData\Adobe
2010-03-10 08:27:44 ----D---- C:\Program Files\Common Files\Adobe
2010-03-10 08:27:44 ----D---- C:\Program Files\Adobe
2010-03-10 02:45:04 ----D---- C:\Windows\SoftwareDistribution
2010-03-09 21:12:06 ----D---- C:\Program Files\LogMeIn Hamachi
2010-03-09 21:09:23 ----D---- C:\wamp
2010-03-09 21:07:17 ----D---- C:\Users\Vamos\AppData\Roaming\Notepad++
2010-03-09 21:07:17 ----D---- C:\Program Files\Notepad++
2010-03-09 19:11:49 ----D---- C:\PFiles
2010-03-09 19:05:30 ----D---- C:\Users\Vamos\AppData\Roaming\Macromedia
2010-03-09 19:05:30 ----D---- C:\Users\Vamos\AppData\Roaming\Adobe
2010-03-09 19:04:59 ----D---- C:\Windows\system32\Macromed
2010-03-09 18:54:47 ----D---- C:\Program Files\Microsoft
2010-03-09 18:54:26 ----D---- C:\Program Files\Windows Live SkyDrive
2010-03-09 18:54:09 ----D---- C:\Program Files\Windows Live
2010-03-09 18:51:53 ----D---- C:\ProgramData\Kaspersky Lab
2010-03-09 18:51:53 ----D---- C:\Program Files\Kaspersky Lab
2010-03-09 18:50:53 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2010-03-09 18:50:50 ----D---- C:\Program Files\Common Files\Windows Live
2010-03-09 18:47:31 ----D---- C:\Users\Vamos\AppData\Roaming\ATI
2010-03-09 18:47:12 ----SD---- C:\Users\Vamos\AppData\Roaming\Microsoft
2010-03-09 18:47:12 ----D---- C:\Users\Vamos\AppData\Roaming\Identities
======List of files/folders modified in the last 1 months======
2010-03-26 10:25:56 ----D---- C:\Windows\Temp
2010-03-26 10:24:49 ----D---- C:\Windows\system32\config
2010-03-26 10:14:36 ----SHD---- C:\System Volume Information
2010-03-26 10:13:23 ----RD---- C:\Program Files
2010-03-26 10:11:07 ----D---- C:\Windows\system32\catroot2
2010-03-25 19:13:23 ----D---- C:\Windows\Tasks
2010-03-25 19:13:23 ----D---- C:\Windows\system32\Tasks
2010-03-25 19:13:23 ----D---- C:\Windows
2010-03-25 18:27:14 ----HD---- C:\ProgramData
2010-03-25 16:47:37 ----D---- C:\Windows\system32\drivers
2010-03-25 16:47:36 ----D---- C:\Windows\system32\catroot
2010-03-25 16:47:35 ----SHD---- C:\Windows\Installer
2010-03-25 16:47:33 ----D---- C:\Program Files\Common Files
2010-03-25 11:49:53 ----D---- C:\Windows\System32
2010-03-24 23:10:23 ----D---- C:\Program Files\Internet Explorer
2010-03-24 23:10:22 ----D---- C:\Windows\winsxs
2010-03-23 11:59:38 ----D---- C:\Windows\Prefetch
2010-03-19 11:51:07 ----D---- C:\Windows\system32\LogFiles
2010-03-19 10:37:15 ----D---- C:\ProgramData\Microsoft Help
2010-03-18 23:27:23 ----D---- C:\Windows\inf
2010-03-18 23:27:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-18 20:20:06 ----RSD---- C:\Windows\assembly
2010-03-18 18:05:22 ----RSD---- C:\Windows\Fonts
2010-03-17 22:58:34 ----D---- C:\Program Files\Common Files\microsoft shared
2010-03-16 19:59:21 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-15 13:14:16 ----D---- C:\Windows\system32\zh-TW
2010-03-15 13:14:16 ----D---- C:\Windows\system32\zh-HK
2010-03-15 13:14:16 ----D---- C:\Windows\system32\tr-TR
2010-03-15 13:14:16 ----D---- C:\Windows\system32\sv-SE
2010-03-15 13:14:16 ----D---- C:\Windows\system32\pt-BR
2010-03-15 13:14:16 ----D---- C:\Windows\system32\nl-NL
2010-03-15 13:14:16 ----D---- C:\Windows\system32\nb-NO
2010-03-15 13:14:16 ----D---- C:\Windows\system32\ko-KR
2010-03-15 13:14:16 ----D---- C:\Windows\system32\it-IT
2010-03-15 13:14:16 ----D---- C:\Windows\system32\he-IL
2010-03-15 13:14:16 ----D---- C:\Windows\system32\fr-FR
2010-03-15 13:14:16 ----D---- C:\Windows\system32\fi-FI
2010-03-15 13:14:16 ----D---- C:\Windows\system32\es-ES
2010-03-15 13:14:16 ----D---- C:\Windows\system32\en-US
2010-03-15 13:14:16 ----D---- C:\Windows\system32\el-GR
2010-03-15 13:14:16 ----D---- C:\Windows\system32\de-DE
2010-03-15 13:14:16 ----D---- C:\Windows\system32\da-DK
2010-03-15 13:14:16 ----D---- C:\Windows\system32\ar-SA
2010-03-15 13:13:28 ----D---- C:\Windows\debug
2010-03-14 14:14:41 ----D---- C:\Windows\Microsoft.NET
2010-03-14 03:24:30 ----D---- C:\Windows\system32\wdi
2010-03-13 17:49:43 ----D---- C:\Windows\rescache
2010-03-13 17:32:10 ----D---- C:\Windows\DigitalLocker
2010-03-13 17:32:09 ----D---- C:\Windows\system32\winrm
2010-03-13 17:32:07 ----D---- C:\Windows\system32\slmgr
2010-03-13 17:32:06 ----D---- C:\Windows\system32\WCN
2010-03-13 17:32:06 ----D---- C:\Windows\system32\MUI
2010-03-13 17:32:00 ----D---- C:\Windows\servicing
2010-03-13 17:32:00 ----D---- C:\Windows\PolicyDefinitions
2010-03-13 17:32:00 ----D---- C:\Windows\IME
2010-03-13 17:32:00 ----D---- C:\Windows\ehome
2010-03-13 17:32:00 ----D---- C:\Program Files\Windows Sidebar
2010-03-13 17:32:00 ----D---- C:\Program Files\Windows Photo Viewer
2010-03-13 17:32:00 ----D---- C:\Program Files\Windows Mail
2010-03-13 17:32:00 ----D---- C:\Program Files\Windows Defender
2010-03-13 17:32:00 ----D---- C:\Program Files\DVD Maker
2010-03-13 17:32:00 ----D---- C:\Program Files\Common Files\System
2010-03-13 17:31:59 ----D---- C:\Windows\system32\sysprep
2010-03-13 17:31:59 ----D---- C:\Windows\system32\Setup
2010-03-13 17:31:59 ----D---- C:\Windows\system32\oobe
2010-03-13 17:31:59 ----D---- C:\Windows\system32\migwiz
2010-03-13 17:31:59 ----D---- C:\Windows\system32\migration
2010-03-13 17:31:59 ----D---- C:\Windows\system32\Boot
2010-03-13 17:31:56 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2010-03-13 17:31:55 ----D---- C:\Windows\system32\wbem
2010-03-13 17:31:55 ----D---- C:\Windows\system32\com
2010-03-13 17:31:55 ----D---- C:\Windows\AppPatch
2010-03-13 15:04:38 ----D---- C:\Windows\system32\Dism
2010-03-13 15:02:19 ----D---- C:\Program Files\Windows Media Player
2010-03-13 15:02:19 ----D---- C:\Program Files\Windows Journal
2010-03-13 15:02:02 ----D---- C:\Windows\system32\XPSViewer
2010-03-13 15:00:14 ----D---- C:\Windows\Logs
2010-03-13 03:13:26 ----D---- C:\Program Files\Microsoft Works
2010-03-13 03:12:15 ----A---- C:\Windows\win.ini
2010-03-10 21:06:20 ----D---- C:\Windows\system32\DriverStore
2010-03-10 21:06:11 ----RSD---- C:\Windows\Media
2010-03-10 21:06:05 ----D---- C:\Windows\twain_32
2010-03-10 12:40:48 ----D---- C:\Windows\Downloaded Program Files
2010-03-10 12:29:45 ----D---- C:\Windows\system32\ro-RO
2010-03-10 12:29:45 ----D---- C:\Windows\system32\pt-PT
2010-03-10 12:29:45 ----D---- C:\Windows\system32\ja-JP
2010-03-10 12:29:45 ----D---- C:\Windows\system32\cs-CZ
2010-03-10 12:29:44 ----D---- C:\Windows\system32\th-TH
2010-03-10 12:29:44 ----D---- C:\Windows\system32\pl-PL
2010-03-10 12:29:44 ----D---- C:\Windows\system32\hu-HU
2010-03-10 12:29:43 ----D---- C:\Windows\system32\zh-CN
2010-03-10 12:29:43 ----D---- C:\Windows\system32\ru-RU
2010-03-09 19:00:34 ----D---- C:\Windows\system32\NDF
2010-03-09 18:50:33 ----SD---- C:\ProgramData\Microsoft
2010-03-09 18:50:26 ----D---- C:\Windows\system32\restore
2010-03-09 18:47:19 ----SHD---- C:\$Recycle.Bin
2010-03-09 18:47:12 ----RD---- C:\Users
2010-03-09 18:46:07 ----D---- C:\Windows\Panther
2010-03-09 18:46:06 ----SHD---- C:\Recovery
2010-03-09 18:46:06 ----D---- C:\Windows\system32\Recovery
Edit: It can't do the other one =/ error line 1 etc .. =(