[RESOLU]Désinstalation d'Acronis True Image Home

Tous les problèmes de Windows : message d'erreur, BSOD et écran bleu, erreur Windows Update ou d'installation, etc

Modérateur : Mods Windows

gad

[RESOLU]Désinstalation d'Acronis True Image Home

par gad »

[RESOLU]Bonjour

Je n'arrive pas a désinstaller "Acronis" via le panneau de configuration.Y a t-il un risque de le faire avec "Ccleaner" ?

Merci d'avance
Dernière modification par gad le 13 mars 2013 20:33, modifié 1 fois.
SkyTech

Re: Désinstalation d'Acronis True Image Home

par SkyTech »

'soir,

Non aucun.

Mais ça risque de ne pas changer grand chose.

Tente plutôt :
  • Télécharge et installe Revo Uninstaller,
  • Une fois que Revo Uninstaller installé, règle-le comme ici :
    Image
  • Ferme toutes tes applications (Navigateur, Lecteur audio\vidéo, ...)
  • Ouvre Revo, cherche Acronis,
  • Clique sur Désinstaller, Oui, Suivant,
  • Laisse le désinstallateur de Acronis faire puis ensuite supprime les restes.

    PS : Si le désinstalleur de Acronis ne se lance pas ou qu'un message d'erreur apparaît continue quand même.
gad

Re: Désinstalation d'Acronis True Image Home

par gad »

Bonsoir

"Ccleaner" na pas pu le supprimer,j'ai pu le faire avec "Revo uninstaller mais mon pc c'est éteint juste après avoir supprimer les caractère gras !
J'ai pas eu le temps de terminer l'étape suivante (liste d'acronis "Programme files)
Comment je peut refaire l'opération ?

Encore merci pour votre aide
SkyTech

Re: Désinstalation d'Acronis True Image Home

par SkyTech »

Supprime le dossier : C:\Program Files\Acronis...
Et éventuellemebt le dossier restant dans le Menu Démarrer.

Ca devrait être bon.
gad

Re: Désinstalation d'Acronis True Image Home

par gad »

Ok c'est fait merci,j'ai eu le meme soussi (ecran bleu) en plein dans la désinstalation de "Nero Multimedia" via le panneau de configuration !
Comment je peut savoir si le désinstalation s'est faite,je ne le vois plus dans mes programmes,y a t-il des reste ?
J'ai voulu faire une restauration système ( pour recommencer)mais j'ai eu un doute car la case "W7(J:) (Système) n'est pas bien cocher par rapport au autre ? C'est normal ?
Capture Restauration.JPG
Merci d'avance pour l'aide
Vous ne pouvez pas consulter les pièces jointes insérées à ce message.
SkyTech

Re: Désinstalation d'Acronis True Image Home

par SkyTech »

gad a écrit :Comment je peut savoir si le désinstalation s'est faite,je ne le vois plus dans mes programmes,y a t-il des reste ?

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
gad a écrit :J'ai voulu faire une restauration système ( pour recommencer)mais j'ai eu un doute car la case "W7(J:) (Système) n'est pas bien cocher par rapport au autre ? C'est normal ?
Tout est OK.
gad

Re: Désinstalation d'Acronis True Image Home

par gad »

Ok merci pour la restauration
Voici le rapport OTL
OTL logfile created on: 01/02/2013 18:13:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = J:\Users\GA\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 69,77% Memory free
6,49 Gb Paging File | 5,20 Gb Available in Paging File | 80,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = J: | %SystemRoot% = J:\Windows | %ProgramFiles% = J:\Program Files
Drive C: | 25,70 Gb Total Space | 17,93 Gb Free Space | 69,80% Space Free | Partition Type: NTFS
Drive F: | 48,83 Gb Total Space | 6,25 Gb Free Space | 12,80% Space Free | Partition Type: NTFS
Drive J: | 78,13 Gb Total Space | 32,00 Gb Free Space | 40,96% Space Free | Partition Type: NTFS
Drive K: | 201,33 Gb Total Space | 4,02 Gb Free Space | 2,00% Space Free | Partition Type: NTFS
Drive L: | 1863,01 Gb Total Space | 111,69 Gb Free Space | 5,99% Space Free | Partition Type: NTFS
Drive Z: | 465,76 Gb Total Space | 343,24 Gb Free Space | 73,69% Space Free | Partition Type: NTFS

Computer Name: GA-PC | User Name: GA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - J:\Users\GA\Desktop\OTL.exe (OldTimer Tools)
PRC - J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - J:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe (Adobe Systems Incorporated)
PRC - J:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - J:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - J:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - J:\Windows\explorer.exe (Microsoft Corporation)
PRC - J:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - J:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe (ASUSTeK Computer Inc.)


========== Modules (No Company Name) ==========

MOD - J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()
MOD - J:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - J:\Program Files\ASUS\EPU-4 Engine\AsSpindownTimeout.dll ()
MOD - J:\Program Files\ASUS\EPU-4 Engine\pngio.dll ()
MOD - J:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - J:\Windows\System32\AsIO.dll ()
MOD - J:\Program Files\WinRAR\rarext.dll ()


========== Services (SafeList) ==========

SRV - (SBSDWSCService) -- J:\Program Files\Spybot File not found
SRV - (LMIMaint) -- J:\Program Files\LogMeIn\x86\RaMaint.exe File not found
SRV - (AVP) -- J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (TeamViewer8) -- J:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- J:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Microsoft SharePoint Workspace Audit Service) -- J:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (WatAdminSvc) -- J:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TomTomHOMEService) -- J:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (rpcapd) -- J:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (AMD External Events Utility) -- J:\Windows\System32\atiesrxx.exe (AMD)
SRV - (O&O Defrag) -- J:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (Nero BackItUp Scheduler 4.0) -- J:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (AcrSch2Svc) -- J:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (DvmMDES) -- J:\ASUS.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (SensrSvc) -- J:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- J:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- J:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (VMnetAdapter) -- system32\DRIVERS\vmnetadapter.sys File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (LMIInfo) -- J:\Program Files\LogMeIn\x86\RaInfo.sys File not found
DRV - (kltdi) -- J:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab)
DRV - (klmouflt) -- J:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klkbdflt) -- J:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab)
DRV - (KLIF) -- J:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (kneps) -- J:\Windows\System32\drivers\kneps.sys (Kaspersky Lab)
DRV - (KLIM6) -- J:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (LMIRfsClientNP) -- J:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (kl1) -- J:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (vmbus) -- J:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- J:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- J:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- J:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- J:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- J:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- J:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- J:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (NPF) -- J:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (snapman) -- J:\Windows\System32\drivers\snapman.sys (Acronis)
DRV - (atikmdag) -- J:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- J:\Windows\System32\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- J:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (LMIRfsDriver) -- J:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (csr_a2dp) -- J:\Windows\System32\drivers\bthav.sys (CSR, plc)
DRV - (VIAHdAudAddService) -- J:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (BthAvrcp) -- J:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (MTsensor) -- J:\Windows\System32\drivers\ASACPI.sys ()
DRV - (AsUpIO) -- J:\Windows\System32\drivers\AsUpIO.sys ()
DRV - (AtiPcie) -- J:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (hotcore3) -- J:\Windows\System32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (TEAM) -- J:\Windows\System32\drivers\RtTeam60.sys (Realtek Corporation)
DRV - (RTTEAMPT) -- J:\Windows\System32\drivers\RtTeam60.sys (Realtek Corporation)
DRV - (LVUSBSta) -- J:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVRS) -- J:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (PID_PEPI) -- J:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- J:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
DRV - (LUsbFilt) -- J:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (AsIO) -- J:\Windows\System32\drivers\AsIO.sys ()
DRV - (RtNdPt60) -- J:\Windows\System32\drivers\RtNdPt60.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (RTVLANPT) -- J:\Windows\System32\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (ss_mdm) -- J:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- J:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) -- J:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (StarOpen) -- J:\Windows\System32\drivers\StarOpen.sys ()
DRV - (ZSMC302) -- J:\Windows\System32\drivers\usbvm302.sys (VM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\..\SearchScopes,DefaultScope = {D2473667-F7C9-4E3B-A511-4D06DCC5E526}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.searchcompletion.com/?si= ... earchTerms}
IE - HKCU\..\SearchScopes\{80D79A02-6E51-48FF-B1C1-F40CABF2D038}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2504091
IE - HKCU\..\SearchScopes\{D2473667-F7C9-4E3B-A511-4D06DCC5E526}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: J:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@comrade.gamespy.com/comrade: J:\Program Files\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: J:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: J:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: J:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: J:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: J:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: J:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: J:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: J:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: J:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: J:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: j:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: j:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: J:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: J:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: j:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: J:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: J:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: J:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: J:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: J:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: J:\Users\GA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: J:\Users\GA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: J:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/09 14:24:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: J:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/10 02:05:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: J:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/10 02:05:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/02/01 05:06:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/02/01 05:06:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/02/01 05:06:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/02/01 05:06:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013/02/01 05:06:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: J:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/09 14:24:31 | 000,000,000 | ---D | M]

[2011/10/15 00:43:04 | 000,002,048 | ---- | M] () -- J:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml

========== Chrome ==========

CHR - homepage: http://www.google.fr/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.fr/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = J:\Users\GA\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = J:\Users\GA\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = J:\Users\GA\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = J:\Users\GA\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = J:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = J:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = J:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = J:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = J:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = J:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = J:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = J:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = J:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = J:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Comrade Plugin (Enabled) = J:\Program Files\GameSpy\Comrade\npcomrade.dll
CHR - plugin: Google Earth Plugin (Enabled) = J:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = J:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = J:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = J:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = J:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = J:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = J:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = J:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = J:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = j:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = j:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = j:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Recherche Google = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Analyse des liens (URL Advisor) = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Protection des transactions bancaires = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Clavier virtuel = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\
CHR - Extension: Vuze Remote = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk\10.14.250.13_0\
CHR - Extension: Gmail = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-banni\u00E8re = J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\

O1 HOSTS File: ([2010/04/09 13:58:01 | 000,385,990 | R--- | M]) - J:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 13311 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - J:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - J:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - J:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - J:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - J:\Users\GA\AppData\Roaming\ComplitlyEngine\ComplitlyEngine.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVP] J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] J:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Ajouter dans l'Anti-bannière - J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9 - Extra Button: Clavier virtuel - {0C4CC089-D306-440D-9772-464E226F6539} - J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - J:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - J:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Analyse des liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - J:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - J:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cree-av.de ([www] * is out of zone range - 8196)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA9ADEDD-3E3E-46CA-B72F-571E3DA18442}: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - J:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - J:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (J:\Windows\system32\userinit.exe) - J:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - J:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - J:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - J:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01d7c044-253d-11e0-86b2-e0cb4e4300c5}\Shell - "" = AutoRun
O33 - MountPoints2\{01d7c044-253d-11e0-86b2-e0cb4e4300c5}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - J:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
gad

Re: Désinstalation d'Acronis True Image Home

par gad »

OTL suite
MsConfig - StartUpFolder: J:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - J:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: J:^Users^GA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - J:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE - ()
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - J:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - J:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - J:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: BCSSync - hkey= - key= - J:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig - StartUpReg: BigDogPath - hkey= - key= - J:\Windows\VM_STI.EXE (VM.)
MsConfig - StartUpReg: Google Update - hkey= - key= - J:\Users\GA\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: HDAudDeck - hkey= - key= - J:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - J:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: hpqSRMon - hkey= - key= - J:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - J:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LogMeIn GUI - hkey= - key= - File not found
MsConfig - StartUpReg: msnmsgr - hkey= - key= - J:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NBAgent - hkey= - key= - File not found
MsConfig - StartUpReg: OODefragTray - hkey= - key= - J:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - J:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Service Scheduler2 Acronis - hkey= - key= - J:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
MsConfig - StartUpReg: Sidebar - hkey= - key= - J:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig - StartUpReg: Skype - hkey= - key= - J:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: StartCCC - hkey= - key= - J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - J:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - j:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - J:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: TrueImageMonitor.exe - hkey= - key= - File not found
MsConfig - StartUpReg: VirtualCloneDrive - hkey= - key= - J:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - J:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - J:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - J:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - J:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - J:\Windows\system32\Rundll32.exe J:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - J:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "J:\Windows\System32\rundll32.exe" "J:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm - J:\Windows\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - J:\Windows\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.l3acm - J:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - J:\Windows\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - J:\Windows\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - J:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - J:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - J:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - J:\Windows\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - J:\Windows\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.I420 - J:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.xvid - J:\Windows\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to J:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/02/01 17:46:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- J:\Users\GA\Desktop\OTL.exe
[2013/02/01 14:25:02 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{9813E5A2-75E9-4B1D-9938-2CFDFF056E12}
[2013/02/01 14:19:19 | 000,000,000 | ---D | C] -- J:\Program Files\Common Files\Java
[2013/02/01 14:16:57 | 000,261,024 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\javaws.exe
[2013/02/01 14:16:32 | 000,174,496 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\javaw.exe
[2013/02/01 14:16:32 | 000,174,496 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\java.exe
[2013/02/01 14:16:32 | 000,094,112 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\WindowsAccessBridge.dll
[2013/02/01 14:16:13 | 000,000,000 | ---D | C] -- J:\Program Files\Java
[2013/02/01 04:00:41 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
[2013/02/01 04:00:03 | 000,000,000 | ---D | C] -- J:\Windows\ELAMBKUP
[2013/02/01 03:59:56 | 000,000,000 | ---D | C] -- J:\ProgramData\Kaspersky Lab
[2013/02/01 03:59:56 | 000,000,000 | ---D | C] -- J:\Program Files\Kaspersky Lab
[2013/02/01 03:59:44 | 000,589,144 | ---- | C] (Kaspersky Lab) -- J:\Windows\System32\drivers\klif.sys
[2013/02/01 03:59:44 | 000,075,096 | ---- | C] (Kaspersky Lab) -- J:\Windows\System32\drivers\klflt.sys
[2013/02/01 03:29:40 | 166,436,168 | ---- | C] (Kaspersky Lab) -- J:\Users\GA\Desktop\kis13.0.1.4190fr-fr_3876.exe
[2013/02/01 03:27:00 | 004,870,584 | ---- | C] (Kaspersky Lab ZAO) -- J:\Users\GA\Desktop\kavremover.exe
[2013/02/01 02:31:38 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013/02/01 02:31:37 | 000,000,000 | ---D | C] -- J:\Program Files\VS Revo Group
[2013/02/01 02:24:34 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{3C62392F-723C-4C23-9F08-2BB855F7837B}
[2013/02/01 02:23:17 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\Nero_AG
[2013/02/01 02:02:01 | 002,617,648 | ---- | C] (VS Revo Group Ltd.) -- J:\Users\GA\Desktop\revosetup.exe
[2013/01/31 14:24:03 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{D3C29452-64FA-40DA-A2CE-58E22C4DD1EA}
[2013/01/31 01:36:21 | 000,000,000 | ---D | C] -- J:\Users\GA\Desktop\GetSystemInfo_GA-PC_GA_2013_01_30_16_31_37
[2013/01/30 18:39:32 | 000,688,992 | R--- | C] (Swearware) -- J:\Users\GA\Desktop\dds.scr
[2013/01/30 16:17:10 | 000,708,960 | ---- | C] (Kaspersky Lab) -- J:\Users\GA\Desktop\GetSystemInfo.exe
[2013/01/30 14:34:09 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{6FB0A556-7145-46EA-97AD-C63A6D6AB7A5}
[2013/01/29 15:20:46 | 000,000,000 | ---D | C] -- J:\Program Files\Common Files\Acronis
[2013/01/29 14:31:07 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{EAC61E90-F4D4-472D-8AB8-60E07414FF53}
[2013/01/28 19:14:24 | 000,000,000 | ---D | C] -- J:\Program Files\NirSoft
[2013/01/28 19:12:37 | 000,060,512 | ---- | C] (NirSoft) -- J:\Users\GA\Desktop\BlueScreenView.exe
[2013/01/28 15:06:02 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{6338FE26-807F-40A9-8624-3CE3331D1D00}
[2013/01/28 03:45:17 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/01/28 03:05:37 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{1F7B589A-C9D1-432B-9474-1660FE1FF56B}
[2013/01/27 17:24:28 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Roaming\Panda Security
[2013/01/27 17:22:41 | 000,000,000 | ---D | C] -- J:\ProgramData\Panda Security
[2013/01/26 14:06:13 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{3ECFB9BF-F982-4FB0-BF16-3EDAE0F9543F}
[2013/01/25 23:46:40 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{1843F386-A92A-4905-8353-2BCDB5F9C2B2}
[2013/01/24 18:45:17 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{CC56A579-FB62-4569-82C0-29CEA4F7F8D4}
[2013/01/23 14:22:52 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{60A42CC3-E804-46AE-9521-EA4F9BC1BB84}
[2013/01/22 14:06:26 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{C16460A4-3115-4A9D-A4F0-B89079A2E55E}
[2013/01/21 22:00:51 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{2D8EFB8E-155B-435B-9776-0405166BBB8E}
[2013/01/20 22:42:26 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{20B19CA5-0E0A-4C96-99DC-3CFA7EDAB564}
[2013/01/19 23:26:07 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{3A1D9A5F-12FE-43E0-957F-A7FB9DFA9FD6}
[2013/01/18 15:03:15 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{5DFAF882-FAAD-45CE-B68C-BA69AAAA99A2}
[2013/01/18 01:39:59 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{8F628FAF-A958-47B1-9E42-2C00BF5AF332}
[2013/01/16 11:15:52 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{061EFD65-CE75-407B-A86E-7F20300D6E0D}
[2013/01/15 14:31:05 | 000,271,360 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\conhost.exe
[2013/01/15 14:31:05 | 000,169,984 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\winsrv.dll
[2013/01/15 14:31:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/01/15 14:31:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/01/15 14:31:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/15 14:31:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/15 14:31:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/15 14:31:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/01/15 14:31:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/01/15 14:31:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/15 14:31:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/15 14:31:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- J:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/01/15 14:30:53 | 002,576,384 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\gameux.dll
[2013/01/15 14:30:53 | 000,308,736 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\Wpc.dll
[2013/01/15 14:30:53 | 000,055,296 | ---- | C] (Microsoft) -- J:\Windows\System32\cero.rs
[2013/01/15 14:30:53 | 000,051,712 | ---- | C] (Microsoft) -- J:\Windows\System32\esrb.rs
[2013/01/15 14:30:53 | 000,046,592 | ---- | C] (Microsoft) -- J:\Windows\System32\fpb.rs
[2013/01/15 14:30:53 | 000,045,568 | ---- | C] (Microsoft) -- J:\Windows\System32\oflc-nz.rs
[2013/01/15 14:30:53 | 000,044,544 | ---- | C] (Microsoft) -- J:\Windows\System32\pegibbfc.rs
[2013/01/15 14:30:53 | 000,043,520 | ---- | C] (Microsoft) -- J:\Windows\System32\csrr.rs
[2013/01/15 14:30:53 | 000,040,960 | ---- | C] (Microsoft) -- J:\Windows\System32\cob-au.rs
[2013/01/15 14:30:53 | 000,030,720 | ---- | C] (Microsoft) -- J:\Windows\System32\usk.rs
[2013/01/15 14:30:53 | 000,023,552 | ---- | C] (Microsoft) -- J:\Windows\System32\oflc.rs
[2013/01/15 14:30:53 | 000,021,504 | ---- | C] (Microsoft) -- J:\Windows\System32\grb.rs
[2013/01/15 14:30:53 | 000,020,480 | ---- | C] (Microsoft) -- J:\Windows\System32\pegi-pt.rs
[2013/01/15 14:30:53 | 000,020,480 | ---- | C] (Microsoft) -- J:\Windows\System32\pegi-fi.rs
[2013/01/15 14:30:53 | 000,020,480 | ---- | C] (Microsoft) -- J:\Windows\System32\pegi.rs
[2013/01/15 14:30:53 | 000,015,360 | ---- | C] (Microsoft) -- J:\Windows\System32\djctq.rs
[2013/01/15 14:30:29 | 002,345,984 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\win32k.sys
[2013/01/15 14:30:21 | 000,220,160 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\ncrypt.dll
[2013/01/15 14:26:26 | 000,049,152 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\taskhost.exe
[2013/01/15 14:13:16 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{896476E6-0BD9-4BFE-805F-20C03082D828}
[2013/01/13 14:09:45 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{5E52B4B7-355C-4DAA-B4A3-E4A3998B41C3}
[2013/01/13 01:55:33 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{65C775BE-0497-40A6-9430-548E6A8D7A47}
[2013/01/12 13:55:13 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{A8D25286-1B0C-485C-AC25-9AAD6E60B3F1}
[2013/01/12 01:23:17 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{21AEB188-53BD-4D9C-A1A4-8F3BE88DF942}
[2013/01/11 13:00:04 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{D725A880-2A04-4479-922B-F72D49BC1983}
[2013/01/11 00:59:52 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{DF2C8A32-47DD-499B-BAD1-1A797FBF810B}
[2013/01/10 14:19:25 | 000,000,000 | R--D | C] -- J:\Program Files\Skype
[2013/01/10 14:19:25 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/01/10 14:19:25 | 000,000,000 | ---D | C] -- J:\Program Files\Common Files\Skype
[2013/01/10 12:45:39 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{986B18F1-4E5F-4EC2-92A4-F42B51B032E4}
[2013/01/07 18:01:00 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{EF997D0E-1B70-4B31-9B11-C8EF9FDE66EF}
[2013/01/07 01:06:26 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{B5B661C4-A278-478F-B6A6-39E0D9BFA023}
[2013/01/06 13:05:56 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{66D30DA1-ACD5-419E-A907-42AE8FFCE855}
[2013/01/06 00:42:25 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{E6A8C5E3-D773-4787-B048-412A94E671DD}
[2013/01/06 00:22:58 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
[2013/01/05 12:42:00 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{48CB4B34-159D-4C79-ABCA-5B18DAEF6128}
[2013/01/04 20:38:34 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{68EACDED-C807-441B-A4E2-BF9BF4C85E62}
[2013/01/03 21:30:19 | 000,000,000 | ---D | C] -- J:\Users\GA\Documents\BlackBerry
[2013/01/03 14:47:22 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{5238E91E-DBB3-4A2A-9FF4-4F3E29DB66D9}
[2013/01/03 00:12:53 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Local\{C5780C0B-4BA2-46F5-B148-58682C636569}
[1 J:\*.tmp files -> J:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/01 18:15:12 | 000,000,512 | ---- | M] () -- J:\PhysicalMBR.bin
[2013/02/01 18:09:35 | 000,017,168 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 18:09:35 | 000,017,168 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 18:02:55 | 000,000,282 | ---- | M] () -- J:\Windows\tasks\DigiraceMMX Updates.job
[2013/02/01 18:02:31 | 000,001,044 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/01 18:02:14 | 000,067,584 | --S- | M] () -- J:\Windows\bootstat.dat
[2013/02/01 18:02:11 | 2615,758,848 | -HS- | M] () -- J:\hiberfil.sys
[2013/02/01 18:02:09 | 001,014,696 | ---- | M] () -- J:\Windows\System32\oodbs.lor
[2013/02/01 17:59:01 | 407,131,229 | ---- | M] () -- J:\Windows\MEMORY.DMP
[2013/02/01 17:46:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- J:\Users\GA\Desktop\OTL.exe
[2013/02/01 16:58:10 | 000,001,066 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-203944833-1044999943-1601114008-1000UA.job
[2013/02/01 16:38:01 | 000,001,048 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/01 14:41:10 | 000,060,564 | ---- | M] () -- J:\Users\GA\Desktop\Capture Restauration.JPG
[2013/02/01 14:16:15 | 000,261,024 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\javaws.exe
[2013/02/01 14:16:15 | 000,174,496 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\javaw.exe
[2013/02/01 14:16:15 | 000,094,112 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\WindowsAccessBridge.dll
[2013/02/01 14:16:14 | 000,859,552 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\npDeployJava1.dll
[2013/02/01 14:16:14 | 000,780,192 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\deployJava1.dll
[2013/02/01 14:16:14 | 000,174,496 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\java.exe
[2013/02/01 05:06:37 | 000,043,608 | ---- | M] (Kaspersky Lab) -- J:\Windows\System32\drivers\kltdi.sys
[2013/02/01 05:06:37 | 000,025,944 | ---- | M] (Kaspersky Lab) -- J:\Windows\System32\drivers\klmouflt.sys
[2013/02/01 05:06:37 | 000,025,944 | ---- | M] (Kaspersky Lab) -- J:\Windows\System32\drivers\klkbdflt.sys
[2013/02/01 05:06:36 | 000,589,144 | ---- | M] (Kaspersky Lab) -- J:\Windows\System32\drivers\klif.sys
[2013/02/01 04:22:11 | 000,002,288 | ---- | M] () -- J:\Users\GA\Desktop\Protection des transactions bancaires.lnk
[2013/02/01 03:35:45 | 166,436,168 | ---- | M] (Kaspersky Lab) -- J:\Users\GA\Desktop\kis13.0.1.4190fr-fr_3876.exe
[2013/02/01 03:27:17 | 004,870,584 | ---- | M] (Kaspersky Lab ZAO) -- J:\Users\GA\Desktop\kavremover.exe
[2013/02/01 02:31:38 | 000,001,224 | ---- | M] () -- J:\Users\GA\Desktop\Revo Uninstaller.lnk
[2013/02/01 02:02:01 | 002,617,648 | ---- | M] (VS Revo Group Ltd.) -- J:\Users\GA\Desktop\revosetup.exe
[2013/01/31 18:58:05 | 000,001,014 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-203944833-1044999943-1601114008-1000Core.job
[2013/01/30 18:39:46 | 000,688,992 | R--- | M] (Swearware) -- J:\Users\GA\Desktop\dds.scr
[2013/01/30 16:29:13 | 000,068,774 | ---- | M] () -- J:\Users\GA\Desktop\Capture Kaspersky2.JPG
[2013/01/30 16:28:49 | 000,073,440 | ---- | M] () -- J:\Users\GA\Desktop\Capture Kaspersky.JPG
[2013/01/30 13:43:48 | 000,001,042 | ---- | M] () -- J:\Users\GA\Desktop\Lannee.du.Zapping.2011 - RaccourciP1h29.lnk
[2013/01/28 21:22:24 | 000,006,640 | ---- | M] () -- J:\bootsqm.dat
[2013/01/28 19:13:28 | 000,140,608 | ---- | M] () -- J:\Users\GA\Desktop\bluescreenview_setup2.exe
[2013/01/28 19:00:06 | 000,439,008 | ---- | M] () -- J:\Windows\System32\FNTCACHE.DAT
[2013/01/28 18:38:02 | 000,000,588 | ---- | M] () -- J:\Windows\tasks\RaimaRadio_Générations 882 Sunday Culture_28_01_2013_02_38_14.job
[2013/01/28 17:53:34 | 000,363,210 | ---- | M] () -- J:\Windows\System32\perfh00C.dat
[2013/01/28 17:53:34 | 000,299,742 | ---- | M] () -- J:\Windows\System32\perfh009.dat
[2013/01/28 17:53:34 | 000,044,960 | ---- | M] () -- J:\Windows\System32\perfc00C.dat
[2013/01/28 17:53:34 | 000,037,606 | ---- | M] () -- J:\Windows\System32\perfc009.dat
[2013/01/28 17:23:32 | 000,074,866 | ---- | M] () -- J:\Users\GA\Desktop\Capture SCAN.JPG
[2013/01/15 14:18:53 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- J:\Windows\System32\FlashPlayerApp.exe
[2013/01/15 14:18:53 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- J:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/13 17:22:41 | 000,018,944 | ---- | M] () -- J:\Users\GA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/07 19:25:41 | 000,019,775 | ---- | M] () -- J:\Users\GA\Desktop\1357522142228_s.jpg
[2013/01/07 01:29:58 | 000,101,678 | ---- | M] () -- J:\Users\GA\Desktop\Capture Ventilo cbr.JPG
[2013/01/03 21:29:29 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
[1 J:\*.tmp files -> J:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/01 17:59:00 | 407,131,229 | ---- | C] () -- J:\Windows\MEMORY.DMP
[2013/02/01 17:54:18 | 000,000,512 | ---- | C] () -- J:\PhysicalMBR.bin
[2013/02/01 14:41:10 | 000,060,564 | ---- | C] () -- J:\Users\GA\Desktop\Capture Restauration.JPG
[2013/02/01 04:22:11 | 000,002,288 | ---- | C] () -- J:\Users\GA\Desktop\Protection des transactions bancaires.lnk
[2013/02/01 02:31:38 | 000,001,224 | ---- | C] () -- J:\Users\GA\Desktop\Revo Uninstaller.lnk
[2013/01/30 16:29:13 | 000,068,774 | ---- | C] () -- J:\Users\GA\Desktop\Capture Kaspersky2.JPG
[2013/01/30 16:28:49 | 000,073,440 | ---- | C] () -- J:\Users\GA\Desktop\Capture Kaspersky.JPG
[2013/01/30 13:43:48 | 000,001,042 | ---- | C] () -- J:\Users\GA\Desktop\Lannee.du.Zapping.2011 - RaccourciP1h29.lnk
[2013/01/28 21:22:24 | 000,006,640 | ---- | C] () -- J:\bootsqm.dat
[2013/01/28 19:13:28 | 000,140,608 | ---- | C] () -- J:\Users\GA\Desktop\bluescreenview_setup2.exe
[2013/01/28 17:23:30 | 000,074,866 | ---- | C] () -- J:\Users\GA\Desktop\Capture SCAN.JPG
[2013/01/28 02:38:14 | 000,000,588 | ---- | C] () -- J:\Windows\tasks\RaimaRadio_Générations 882 Sunday Culture_28_01_2013_02_38_14.job
[2013/01/07 19:24:38 | 000,019,775 | ---- | C] () -- J:\Users\GA\Desktop\1357522142228_s.jpg
[2013/01/07 01:29:55 | 000,101,678 | ---- | C] () -- J:\Users\GA\Desktop\Capture Ventilo cbr.JPG
[2013/01/03 21:29:29 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
[2012/07/28 00:49:04 | 000,000,000 | ---- | C] () -- J:\Users\GA\ipconfig
[2011/12/23 23:22:27 | 000,018,944 | ---- | C] () -- J:\Users\GA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/01 10:29:36 | 000,017,408 | ---- | C] () -- J:\Users\GA\AppData\Local\WebpageIcons.db
[2011/11/02 14:50:02 | 000,080,896 | ---- | C] () -- J:\Windows\System32\RDVGHelper.exe
[2011/11/02 14:48:32 | 000,066,048 | ---- | C] () -- J:\Windows\System32\PrintBrmUi.exe
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- J:\Windows\System32\xlive.dll.cat
[2010/07/03 16:26:59 | 000,000,000 | ---- | C] () -- J:\ProgramData\LauncherAccess.dt

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- J:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/04/09 23:11:47 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\ACD Systems
[2010/04/17 21:09:44 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Acronis
[2012/02/22 01:05:10 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Adobe
[2011/12/04 20:22:32 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Apple Computer
[2010/04/06 17:35:13 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\ATI
[2012/07/08 19:44:29 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\avidemux
[2010/12/14 22:13:20 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\AVSMedia
[2013/02/01 16:56:39 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Azureus
[2010/06/13 22:09:52 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\BlackBean
[2010/04/17 19:57:53 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\BSplayer PRO
[2012/02/22 01:12:08 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\com.dailymotion.massuploader
[2011/07/02 15:30:10 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\ComplitlyEngine
[2010/11/14 12:47:47 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\CyberLink
[2012/08/06 15:04:28 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\dvdcss
[2012/08/18 02:24:48 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\DVDVideoSoft
[2012/04/23 15:56:02 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\FileZilla
[2011/01/07 21:16:48 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\FreeAudioPack
[2010/04/09 14:29:46 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\HP
[2012/03/20 12:15:06 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\HpUpdate
[2010/04/05 23:03:05 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Identities
[2011/11/24 17:04:22 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Leadertech
[2010/04/05 23:46:47 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Macromedia
[2010/04/06 17:28:01 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Malwarebytes
[2009/07/14 10:00:32 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Media Center Programs
[2011/02/28 16:26:05 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\[email protected]ël
[2012/06/02 14:19:20 | 000,000,000 | --SD | M] -- J:\Users\GA\AppData\Roaming\Microsoft
[2010/05/14 00:13:31 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Nero
[2011/07/05 23:58:17 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\OpenOffice.org
[2013/01/27 17:24:28 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Panda Security
[2012/08/18 01:29:49 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Publish Providers
[2012/06/23 23:15:07 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\RaimaRadioPro
[2012/08/10 23:30:56 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Real
[2012/08/12 00:08:43 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\RealNetworks
[2013/01/02 13:01:45 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Research In Motion
[2010/07/03 16:30:33 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Samsung
[2013/02/01 18:06:10 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Skype
[2012/09/12 01:29:52 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Sony
[2012/09/25 13:11:24 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Sony Creative Software Inc
[2013/01/27 17:06:26 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\TeamViewer
[2010/04/12 23:13:51 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Thinstall
[2011/05/11 17:05:31 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\TomTom
[2013/01/31 18:00:40 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\vlc
[2010/06/01 20:00:15 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\VMware
[2013/01/30 01:31:38 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Winamp
[2013/01/06 00:04:40 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\WindSolutions
[2011/10/16 20:24:16 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\WinRAR
[2010/04/09 14:24:44 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Yahoo!

< %APPDATA%\*.exe /s >
[2011/04/05 11:51:44 | 000,091,128 | ---- | M] () -- J:\Users\GA\AppData\Roaming\ComplitlyEngine\KeepMeUpdated.exe
[2011/04/05 11:51:44 | 000,091,128 | ---- | M] () -- J:\Users\GA\AppData\Roaming\ComplitlyEngine\64\KeepMeUpdated.exe
[2012/02/22 01:03:59 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- J:\Users\GA\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010/04/06 17:37:51 | 000,077,542 | R--- | M] () -- J:\Users\GA\AppData\Roaming\Microsoft\Installer\{095EEF8C-F689-6A5A-0367-15DE9404F5EB}\ARPPRODUCTICON.exe
[2010/04/06 15:56:05 | 000,010,134 | R--- | M] () -- J:\Users\GA\AppData\Roaming\Microsoft\Installer\{351D5F9B-4971-3069-370F-4C150F9FE7CB}\ARPPRODUCTICON.exe
[2011/07/06 00:01:25 | 000,583,168 | ---- | M] () -- J:\Users\GA\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\uno_packages\E573.tmp_\sun-pdfimport.oxt\xpdfimport.exe
[2012/04/21 10:07:02 | 000,374,272 | ---- | M] (RaimaSoft) -- J:\Users\GA\AppData\Roaming\RaimaRadioPro\RaimaTV.exe
[2007/06/01 05:30:56 | 000,053,248 | ---- | M] () -- J:\Users\GA\AppData\Roaming\RaimaRadioPro\Encoders\enc_aacPlus.exe
[2008/04/29 14:15:32 | 000,393,216 | ---- | M] () -- J:\Users\GA\AppData\Roaming\RaimaRadioPro\Encoders\faac.exe
[2005/02/03 21:59:44 | 000,217,088 | ---- | M] () -- J:\Users\GA\AppData\Roaming\RaimaRadioPro\Encoders\flac.exe
[2008/07/04 07:25:48 | 000,544,768 | ---- | M] () -- J:\Users\GA\AppData\Roaming\RaimaRadioPro\Encoders\lame.exe
[2008/03/16 13:51:12 | 001,470,464 | ---- | M] () -- J:\Users\GA\AppData\Roaming\RaimaRadioPro\Encoders\oggenc2.exe
[2012/09/30 20:43:57 | 000,450,712 | ---- | M] (RealNetworks, Inc.) -- J:\Users\GA\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2012/12/27 18:15:31 | 000,450,712 | ---- | M] (RealNetworks, Inc.) -- J:\Users\GA\AppData\Roaming\Real\Update\temp\~Upg4\rnupgagent.exe
[2012/09/30 20:43:57 | 000,450,712 | ---- | M] (RealNetworks, Inc.) -- J:\Users\GA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe
[2012/12/27 18:15:31 | 000,450,712 | ---- | M] (RealNetworks, Inc.) -- J:\Users\GA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
[2012/06/03 19:49:49 | 000,317,080 | ---- | M] (RealNetworks, Inc.) -- J:\Users\GA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012/06/03 22:52:30 | 028,073,408 | ---- | M] (RealNetworks, Inc.) -- J:\Users\GA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer_fr.exe
[2012/06/03 22:50:03 | 000,693,504 | ---- | M] (RealNetworks, Inc.) -- J:\Users\GA\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer_fr.exe
[2010/04/12 23:13:56 | 000,053,248 | ---- | M] () -- J:\Users\GA\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\300000005700002h\WINWORD.EXE
[2013/01/12 14:53:08 | 008,104,568 | ---- | M] (WindSolutions) -- J:\Users\GA\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTrans.exe
[2013/01/06 00:24:47 | 004,279,440 | ---- | M] (WindSolutions) -- J:\Users\GA\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
[2013/01/06 00:29:23 | 007,955,968 | ---- | M] (WindSolutions) -- J:\Users\GA\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransPhoto.exe
[2013/01/06 00:24:11 | 004,279,440 | ---- | M] (WindSolutions) -- J:\Users\GA\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.370_FR.exe

< %temp%\*.exe /s >
[2013/01/29 23:42:59 | 000,035,224 | ---- | M] () -- J:\Users\GA\AppData\Local\Temp\i4jdel0.exe
[157 J:\Users\GA\AppData\Local\Temp\*.tmp files -> J:\Users\GA\AppData\Local\Temp\*.tmp -> ]
[2013/01/30 21:09:47 | 015,739,912 | ---- | M] (Adobe Systems Incorporated) -- J:\Users\GA\AppData\Local\Temp\{795702C2-FAA1-4B1C-8D94-C23DD5C56A85}\InstallFlashPlayer.exe
[2013/01/31 14:58:05 | 015,739,912 | ---- | M] (Adobe Systems Incorporated) -- J:\Users\GA\AppData\Local\Temp\{ED016A95-F139-4FD2-8351-F073A298B5BF}\InstallFlashPlayer.exe
[2010/11/20 13:17:04 | 000,082,944 | ---- | M] (Microsoft Corporation) -- J:\Users\GA\AppData\Local\Temp\C1091070-A918-4DB4-B1CD-C081525C14F0\DismHost.exe
[2013/01/31 14:43:49 | 000,035,224 | ---- | M] () -- J:\Users\GA\AppData\Local\Temp\e4j4D83.tmp_dir1359639829\i4jdel.exe
[2013/02/01 16:01:32 | 000,035,224 | ---- | M] () -- J:\Users\GA\AppData\Local\Temp\e4jBDD2.tmp_dir1359730892\i4jdel.exe
[2013/01/31 15:31:31 | 000,035,224 | ---- | M] () -- J:\Users\GA\AppData\Local\Temp\e4jFA46.tmp_dir1359642691\i4jdel.exe
[2013/01/31 15:44:07 | 000,035,224 | ---- | M] () -- J:\Users\GA\AppData\Local\Temp\e4jFEA8.tmp_dir1359643447\i4jdel.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011/12/08 11:08:44 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- J:\Windows\system32\dxtmsft.dll
[2011/12/08 11:08:44 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- J:\Windows\system32\dxtrans.dll
[2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- J:\Windows\system32\LocationApi.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012/06/19 17:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- J:\Windows\system32\drivers\kl1.sys
[2012/08/13 18:24:22 | 000,075,096 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- J:\Windows\system32\drivers\klflt.sys
[2013/02/01 05:06:36 | 000,589,144 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- J:\Windows\system32\drivers\klif.sys
[2012/08/02 15:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- J:\Windows\system32\drivers\klim6.sys
[2013/02/01 05:06:37 | 000,025,944 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- J:\Windows\system32\drivers\klkbdflt.sys
[2013/02/01 05:06:37 | 000,025,944 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- J:\Windows\system32\drivers\klmouflt.sys
[2013/02/01 05:06:37 | 000,043,608 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- J:\Windows\system32\drivers\kltdi.sys
[2012/08/13 16:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- J:\Windows\system32\drivers\kneps.sys

< %systemroot%\System32\config\*.sav >

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- J:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- J:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: WININIT.EXE >
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- J:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- J:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- J:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- J:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- J:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- J:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- J:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928

< nslookup http://www.google.fr /c >
Serveur : dns2.proxad.net
Address: 212.27.40.241

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "J:\Windows\System32\ie4uinit.exe" -show [2011/12/08 11:08:44 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "J:\Windows\System32\ie4uinit.exe" -reinstall [2011/12/08 11:08:44 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "J:\Windows\System32\ie4uinit.exe" -hide [2011/12/08 11:08:44 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "J:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/11/16 17:33:24 | 000,757,280 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: J:\Program Files\Internet Explorer\iexplore.exe [2012/11/16 17:33:24 | 000,757,280 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "J:\Windows\System32\ie4uinit.exe" -show [2011/12/08 11:08:44 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "J:\Windows\System32\ie4uinit.exe" -reinstall [2011/12/08 11:08:44 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "J:\Windows\System32\ie4uinit.exe" -hide [2011/12/08 11:08:44 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "J:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/11/16 17:33:24 | 000,757,280 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: J:\Program Files\Internet Explorer\iexplore.exe [2012/11/16 17:33:24 | 000,757,280 | ---- | M] (Microsoft Corporation)

< >

========== Files - Unicode (All) ==========
[2013/01/04 21:12:57 | 000,000,000 | ---D | M](J:\ProgramData\Kaspersky L?b) -- J:\ProgramData\Kaspersky L⁡b
[2013/01/04 21:12:57 | 000,000,000 | ---D | M](J:\ProgramData?Kaspersky Lab) -- J:\ProgramData Kaspersky Lab
[2013/01/04 21:12:57 | 000,000,000 | ---D | M](J:\ProgramData\Kaspersky L?b) -- J:\ProgramData\Kaspersky L⁡b
[2013/01/04 21:12:57 | 000,000,000 | ---D | C](J:\ProgramData?Kaspersky Lab) -- J:\ProgramData Kaspersky Lab
[2013/01/04 21:12:57 | 000,000,000 | ---D | C](J:\ProgramData\Kaspersky L?b) -- J:\ProgramData\Kaspersky L⁡b

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> J:\ProgramData\Temp:8CE646EE

< End of report >
gad

Re: Désinstalation d'Acronis True Image Home

par gad »

Rapport "Extra"
OTL Extras logfile created on: 01/02/2013 18:13:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = J:\Users\GA\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 69,77% Memory free
6,49 Gb Paging File | 5,20 Gb Available in Paging File | 80,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = J: | %SystemRoot% = J:\Windows | %ProgramFiles% = J:\Program Files
Drive C: | 25,70 Gb Total Space | 17,93 Gb Free Space | 69,80% Space Free | Partition Type: NTFS
Drive F: | 48,83 Gb Total Space | 6,25 Gb Free Space | 12,80% Space Free | Partition Type: NTFS
Drive J: | 78,13 Gb Total Space | 32,00 Gb Free Space | 40,96% Space Free | Partition Type: NTFS
Drive K: | 201,33 Gb Total Space | 4,02 Gb Free Space | 2,00% Space Free | Partition Type: NTFS
Drive L: | 1863,01 Gb Total Space | 111,69 Gb Free Space | 5,99% Space Free | Partition Type: NTFS
Drive Z: | 465,76 Gb Total Space | 343,24 Gb Free Space | 73,69% Space Free | Partition Type: NTFS

Computer Name: GA-PC | User Name: GA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- J:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- J:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "J:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "J:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 2.5.Browse] -- "J:\Program Files\ACD Systems\ACDSee Pro\2.5\ACDSeeQVPro25.exe" "%1" (ACD Systems)
Directory [AddToPlaylistVLC] -- "J:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "J:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "J:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "J:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "J:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0515EFA4-57FF-47F7-9D88-CABECF2FBA59}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{0CF215D7-B244-415E-94A2-32655221FF84}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{10191690-0F9C-4818-8786-50BCFE6831A8}" = lport=138 | protocol=17 | dir=in | app=system |
"{106C8AC8-8326-467B-ADE6-085DEA870260}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{163433E1-BAB1-43D8-8B66-661D99965FF7}" = lport=6004 | protocol=17 | dir=in | app=j:\program files\microsoft office\office14\outlook.exe |
"{18962804-DD2E-4217-A5DF-2A30976EB4A2}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{4138EB0D-5663-448A-B10F-D33A2DBC8A32}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E3111F9-407F-434E-A6C0-E4E71A01AC26}" = lport=137 | protocol=17 | dir=in | app=system |
"{54F16B4C-CC6D-4735-A4C0-53FAF252B740}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{567CEB83-8DFC-4B9D-B3A3-F1F163B352DD}" = rport=137 | protocol=17 | dir=out | app=system |
"{67DF0AFD-DC42-44F5-AC97-9CF5CE39A410}" = rport=445 | protocol=6 | dir=out | app=system |
"{76D95059-F268-4CE8-B174-A5F41059D55E}" = lport=139 | protocol=6 | dir=in | app=system |
"{7A3CE59B-76BC-4179-A7E4-1154F90665C4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{80C1BCCB-8D3D-46F8-A76C-9666A7DAEC2E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{860A67F1-8B5E-4FFC-AAA3-65B45555EAD9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{90D9E4A1-321C-40B6-B641-9B99DA9624B1}" = rport=138 | protocol=17 | dir=out | app=system |
"{9455960E-F2AE-4EBC-93C4-0E29A861C329}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9A029234-8BA2-4A9D-87D0-6F629A8792C6}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{B218F0FC-93E9-45B2-B6BE-A0973BCC536E}" = rport=139 | protocol=6 | dir=out | app=system |
"{E786011E-979D-4C24-9F5B-F9B37CA46B76}" = lport=445 | protocol=6 | dir=in | app=system |
"{FD416264-EDBA-4C3A-81AC-28713D1ED47C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000739A1-E400-435C-8DA4-E08221B48DBD}" = protocol=17 | dir=in | app=j:\program files\bonjour\mdnsresponder.exe |
"{023122F6-8A1A-447F-A316-BB92F32FF41D}" = protocol=58 | dir=in | [email protected],-28545 |
"{0268CEF0-69AE-4C79-801E-601C29C45EAB}" = protocol=17 | dir=in | app=j:\program files\codemasters\f1 2010\f1_2010_game.exe |
"{035D2CEA-20DF-45E5-9CF2-764990527F24}" = protocol=17 | dir=in | app=j:\program files\teamviewer\version8\teamviewer.exe |
"{039C4DA9-ECC8-4174-9682-96BBF78629C8}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{05D0E65E-EB13-4DE8-87A3-5CD135F6DE6F}" = protocol=6 | dir=in | app=j:\program files\filezilla ftp client\filezilla.exe |
"{05FDD421-EF98-447F-A9E0-ECC30DD5F659}" = dir=in | app=j:\program files\hp\hp software update\hpwucli.exe |
"{0907ECB8-F82A-46CD-B5D3-10173DBCF605}" = protocol=58 | dir=out | [email protected],-28546 |
"{09398A33-C5DF-48A6-A56A-9C4264C4010C}" = dir=in | app=j:\program files\windows live\sync\windowslivesync.exe |
"{099D05D1-D7E7-4A7D-89EE-FD8A0DF81DAE}" = protocol=6 | dir=in | app=j:\program files\teamviewer\version8\teamviewer_service.exe |
"{13158894-0B16-4EF1-8B0D-91281677B30C}" = protocol=1 | dir=in | [email protected],-28543 |
"{148B2C59-4380-4EBC-99E4-C3DF23471872}" = protocol=17 | dir=in | app=j:\program files\capcom\resident evil 5\re5dx10.exe |
"{1754B0C5-C753-4B04-8D30-D5C8B8736F27}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1BEE13CC-D4BF-4393-8A2B-8A43A98F2BA0}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{1F5037C3-0A4F-4255-9C7A-58B7779DAB80}" = dir=in | app=j:\program files\skype\phone\skype.exe |
"{2307752E-E342-4455-AFA9-4420D6EA073E}" = protocol=17 | dir=in | app=j:\program files\teamviewer\version8\teamviewer_service.exe |
"{26FF6E92-CE5C-499B-8742-0765B5986550}" = dir=in | app=j:\program files\windows live\contacts\wlcomm.exe |
"{27B1C911-EFB8-4D4F-8A9E-DFA3409E7172}" = protocol=6 | dir=in | app=j:\program files\teamviewer\version8\teamviewer.exe |
"{2B9DBFDE-6051-4B30-BDDB-91646B38988B}" = protocol=1 | dir=out | [email protected],-28544 |
"{2D583E0C-23C6-46D9-A56C-CE7B73C5AFAB}" = dir=in | app=j:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{365FA684-9187-48D3-BBBB-9E87637F21A8}" = protocol=17 | dir=in | app=j:\program files\microsoft office\office12\onenote.exe |
"{374C4A1D-B46C-4DDE-BC47-2F5C59430F74}" = protocol=6 | dir=in | app=j:\program files\microsoft office\office12\groove.exe |
"{39F68898-FCCB-4E20-891D-066B4FEAFBA8}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{40FA7069-53AB-4C4E-A2DA-D8747080605E}" = protocol=17 | dir=in | app=j:\program files\microsoft office\office14\groove.exe |
"{4369F8B2-8040-408D-A0BB-E2E03D3044AC}" = dir=in | app=j:\program files\windows live\messenger\msnmsgr.exe |
"{437C4417-A54F-4B4E-9935-1B408D5A50DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{492ADD2F-D369-4DA6-A486-A2CAF824F87E}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{4F3E1307-8B0D-4002-8CA1-A58335C6AABD}" = dir=in | app=j:\program files\hp\digital imaging\bin\hposid01.exe |
"{509F6FA3-9D3E-4731-9FFD-CF2B588B5205}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{50CF68B6-0080-48B1-9693-D8145105742D}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpoews01.exe |
"{57887605-E8BC-4DAF-851B-01B0FD70E6E1}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{57FFED80-B54E-4BAF-9963-D7AA7E710FB6}" = protocol=6 | dir=in | app=j:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{5CF32295-56A9-49B0-BCF2-870FBA44390A}" = protocol=17 | dir=in | app=j:\program files\vuze\azureus.exe |
"{5EA10222-2703-4274-B56D-6C33A3BC4439}" = dir=in | app=j:\program files\itunes\itunes.exe |
"{61FAA9E4-41DA-4155-976F-E92534C783A0}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{66F648EE-0D30-4D92-834A-556A392EC13A}" = dir=in | app=j:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{6A2FF06B-9F13-49AB-AC26-42F883FAE1B6}" = protocol=6 | dir=in | app=j:\program files\vuze\azureus.exe |
"{6A98E737-015A-4EDA-A52A-876C226AF061}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{6E547CD8-D741-429C-968A-0E07E0E2D184}" = protocol=17 | dir=in | app=j:\program files\vuze\azureus.exe |
"{78EC325A-1D3B-404C-8127-C0E3CF156D87}" = protocol=17 | dir=in | app=j:\program files\filezilla ftp client\filezilla.exe |
"{79C716F8-5D9E-4B9E-B74E-1CDB8F4899E7}" = protocol=17 | dir=in | app=j:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{7C7528E8-13B9-4623-900A-2DB775753C34}" = protocol=6 | dir=in | app=j:\program files\codemasters\f1 2010\f1_2010_game.exe |
"{7EE70870-9588-499F-9C1E-CADB9ECA3BA0}" = protocol=17 | dir=in | app=j:\program files\capcom\resident evil 5\re5dx9.exe |
"{80F00046-A892-44AD-AAB9-6DE2269676EB}" = protocol=6 | dir=in | app=j:\program files\microsoft office\office14\groove.exe |
"{8720D1D1-274D-4123-A7C3-7FC598282C20}" = protocol=17 | dir=in | app=j:\program files\microsoft office\office12\groove.exe |
"{8786F95A-20D3-42FB-92AB-F7FCE6C8D1A5}" = protocol=17 | dir=in | app=j:\program files\microsoft office\office14\onenote.exe |
"{8C9C907B-387C-4AB2-B797-36E5AB0F0675}" = protocol=6 | dir=in | app=j:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{908A1866-887D-4CAB-88BC-78B7DF6F3D5E}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{914981CB-91D7-466D-B433-732B3DB8750C}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{98117197-8BFF-4AE7-B432-1F26894D7A70}" = protocol=6 | dir=in | app=j:\program files\bonjour\mdnsresponder.exe |
"{9C6E6DA0-9CF0-4FA4-838D-249FD9EB5771}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{A1DF37C3-7C81-4CFE-A6C6-94655C08423F}" = protocol=6 | dir=in | app=j:\program files\capcom\resident evil 5\re5dx10.exe |
"{AB1809C7-633D-41CE-AC73-FBE487ADDBA5}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{AFCCADC4-2C06-4FBD-B686-CE40BEAD23BE}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqste08.exe |
"{B56430A4-A8CD-4E25-A021-BE82199B4E6A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BB186636-A579-46F8-B0DD-5BCE7D29469B}" = protocol=17 | dir=in | app=j:\program files\bonjour\mdnsresponder.exe |
"{BB845F6C-7442-4305-8E39-3DAC6D651F7E}" = protocol=17 | dir=in | app=j:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{C13E7DCF-BFAC-49E4-894F-5F81239F68C3}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{C9DA7685-D498-44B8-8B44-6E9B2F7C6A2D}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{CEC87ECE-48A2-4F5A-84BA-34F72FAFAED8}" = protocol=6 | dir=in | app=j:\program files\logitech\vid hd\vid.exe |
"{D315B1AD-3D8E-4B83-98CB-D4971D705A13}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{D379B1D2-00AC-44AD-8C91-819C8A0A4D25}" = protocol=6 | dir=in | app=j:\program files\capcom\resident evil 5\re5dx9.exe |
"{D9018CA6-8840-4D34-8B4D-2FEF2AD5B7D9}" = protocol=6 | dir=in | app=j:\program files\microsoft office\office12\onenote.exe |
"{E416838A-F86C-4F95-84C1-424C39B61011}" = dir=in | app=j:\program files\hp\digital imaging\bin\hposfx08.exe |
"{EDFF10F4-6408-49FD-83BC-FF4782CCBA7E}" = protocol=6 | dir=in | app=j:\program files\microsoft office\office14\onenote.exe |
"{F22415D2-04EF-4654-B5EE-0BA64382F7FD}" = protocol=6 | dir=in | app=j:\program files\bonjour\mdnsresponder.exe |
"{F73E950D-9178-49AA-97F2-70966ADAB0C6}" = protocol=6 | dir=in | app=j:\program files\vuze\azureus.exe |
"{F9296583-846F-4726-B8D6-63D25751D745}" = protocol=17 | dir=in | app=j:\program files\logitech\vid hd\vid.exe |
"{F92F3240-EFE9-4311-93A5-16970C2F3550}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{FBFF738B-E7BC-48E9-A919-52E6C60D76A5}" = dir=in | app=j:\program files\hp\digital imaging\bin\hpqpse.exe |
"{FD7BE96C-7056-4A58-9644-D67BBC31C469}" = dir=in | app=j:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"TCP Query User{2376EEA6-56EA-426B-9D5D-177B71D83140}J:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=j:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{46BE192B-193D-458D-901C-B46E39D3E090}J:\users\ga\appdata\local\temp\nsbd3f3.tmp\setup.exe" = protocol=6 | dir=in | app=j:\users\ga\appdata\local\temp\nsbd3f3.tmp\setup.exe |
"UDP Query User{6AB7374C-F7B7-447E-8F6D-5C772DE015F4}J:\users\ga\appdata\local\temp\nsbd3f3.tmp\setup.exe" = protocol=17 | dir=in | app=j:\users\ga\appdata\local\temp\nsbd3f3.tmp\setup.exe |
"UDP Query User{FA340BBC-153C-4952-8012-25FA8F227A86}J:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=j:\program files\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{095EEF8C-F689-6A5A-0367-15DE9404F5EB}" = Application Profiles
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C45F2EE-408E-11E1-A6E5-F04DA23A5C58}" = Vegas Pro 11.0
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0F733E11-408E-11E1-B5FE-F04DA23A5C58}" = MSVCRT Redists
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1D9FBEAF-6480-BFE4-7375-D8115F675988}" = CCC Help English
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{263A4FC3-8BC9-04DE-4E39-CF0737783992}" = Catalyst Control Center Localization All
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{28996689-E20A-E63B-2BDA-B662AB807C87}" = ATI Catalyst Install Manager
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2AC37A48-5113-8170-3064-BC33AD664235}" = CCC Help Hungarian
"{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}" = ACDSee Pro 2.5
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{322AD726-32AE-0D44-21CD-3682D0D38E1C}" = ATI AVIVO Codecs
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{351D5F9B-4971-3069-370F-4C150F9FE7CB}" = Catalyst Control Center InstallProxy
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{3655670B-9679-6FBD-8D9B-CE74350F9FB5}" = Catalyst Control Center Graphics Light
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{36E0C79D-338C-4B6C-BF93-5A1B654F57C6}" = DigiraceMMX
"{38345072-8850-B1F0-0099-CF7495F8ED77}" = Catalyst Control Center Graphics Previews Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{4321AF65-61A5-C82D-528A-B87CCB9A63B5}" = ccc-utility
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4475560E-9418-4908-A158-472D873AE139}" = LogMeIn
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4612C522-062B-43E3-951E-D0185D70D41B}" = GameSpy Comrade
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{537F2C3C-FF07-C5DB-F9CB-40FDAB0BC6D3}" = CCC Help French
"{53F1BE42-DEF2-336A-721E-96E9F7ADB4E9}" = Catalyst Control Center Core Implementation
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57AC0D3B-58C1-C291-F5DD-5C5E4A406C3D}" = CCC Help German
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D2FF191-9CFB-87DA-5B4F-F03A28C297ED}" = Catalyst Control Center HydraVision Full
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{6181E68A-DF1E-074C-9753-6D740C6B257F}" = CCC Help Italian
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{760726E2-BCE6-1F55-A33E-59BCBF2A9655}" = Catalyst Control Center Graphics Previews Common
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A3E6E1C-CF5A-4CE9-B8D6-A2F9B7BA18FC}" = BlackBerry Desktop Software 7.1
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7E0610A2-E336-40B3-B685-C4905E97EC9A}" = OpenOffice.org 3.3
"{81EF79A8-F332-D5C6-EC1B-B2764FD10AE4}" = Catalyst Control Center Graphics Full Existing
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010
"{90140000-0015-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010
"{90140000-0016-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010
"{90140000-0018-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010
"{90140000-0019-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010
"{90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010
"{90140000-001B-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
"{90140000-001F-0401-0000-0000000FF1CE}_Office14.PROPLUS_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUS_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010
"{90140000-002C-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C8E4AA87-3E5A-4C70-8CB7-43FE25C99B74}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010
"{90140000-0044-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010
"{90140000-006E-040C-0000-0000000FF1CE}_Office14.PROPLUS_{7C5C7E8C-F6D2-43AC-93A4-89E4FF7367E6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010
"{90140000-00A1-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010
"{90140000-00BA-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98F82145-E776-DC9A-A778-98362C75B92B}" = Catalyst Control Center Graphics Full New
"{9994FADE-6E17-DCB4-0392-16FBEB74C3E4}" = CCC Help Portuguese
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BF0F3CE-4964-4E4E-9BF6-DEC77FE86DEA}" = O&O Defrag Professional
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1036-7B44-A95000000001}" = Adobe Reader 9.5.3 - Français
"{ACCD5C00-F1E4-11DD-AA93-005056C00008}" = Paragon Partition Manager™ 10.0 Server
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B35D74AE-A323-E232-1E11-4C8D961FDA24}" = Dailymotion Mass Uploader
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DC302DA1-6440-D072-C9A7-8B409D391039}" = CCC Help Polish
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DD430FCC-8C63-9F99-8CAF-B0791B0756BD}" = HydraVision
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E203A9C9-268D-D164-6314-583AFBB69410}" = CCC Help Spanish
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E60B8506-DDC7-433d-AF9E-999D0F543C4A}" = 2570_Help
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9CFA103-D9B8-E149-8808-4041EEDE8B8E}" = ccc-core-static
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA7FE7AB-34AE-4e14-84C5-187E6EC0AB9B}" = 2570
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F27BC53B-FBBF-C8B0-8950-F0648D12D329}" = CCC Help Greek
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F66D5732-C2A6-4f88-B8FE-AEDA10355FBD}" = 2570Trb
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avidemux 2.5" = Avidemux 2.5
"AVS DVDMenu Editor_is1" = AVS DVDMenu Editor 1.2.1.19
"AVS Video Tools 5_is1" = AVS Video Tools 5.6
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"CCleaner" = CCleaner
"CloneSpy" = CloneSpy 2.5
"com.dailymotion.massuploader" = Dailymotion Mass Uploader
"ComplitlyEngine_is1" = ComplitlyEngine
"DigiraceMMX" = DigiraceMMX
"eMule" = eMule
"FileZilla Client" = FileZilla Client 3.0.4
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.91
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Office14.PROPLUS" = Microsoft Office Professionnel Plus 2010
"OpenAL" = OpenAL
"RarmaRadio_is1" = RarmaRadio 2.68.3
"RealPlayer 15.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.94
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shop for HP Supplies" = Shop for HP Supplies
"TeamViewer 8" = TeamViewer 8
"TomTom HOME" = TomTom HOME 2.8.2.2264
"TubeMaster++" = TubeMaster++ 2.3
"VirtualCloneDrive" = VirtualCloneDrive
"VisiPics_is1" = VisiPics V1.30
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp
"WinLiveSuite" = Windows Live
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = Archiveur WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite désinstallation uniquement
"Google Chrome" = Google Chrome
"Winamp Detect" = Détection de l'application Winamp

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31/01/2013 22:46:27 | Computer Name = GA-PC | Source = System Restore | ID = 8193
Description =

Error - 31/01/2013 22:50:47 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_SysMain, version : 6.1.7600.16385,
horodatage : 0x4a5bc100 Nom du module défaillant : sysmain.dll, version : 6.1.7601.17514,
horodatage : 0x4ce7ba10 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00016d13
ID
du processus défaillant : 0x3d0 Heure de début de l’application défaillante : 0x01ce0026d3ae2dc4
Chemin
d’accès de l’application défaillante : J:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: j:\windows\system32\sysmain.dll ID de rapport : 2ddd19fd-6c1a-11e2-95a4-0009dd509200

Error - 31/01/2013 22:52:29 | Computer Name = GA-PC | Source = MsiInstaller | ID = 11704
Description =

Error - 31/01/2013 23:32:49 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante avp.exe, version : 13.0.1.4190, horodatage
: 0x502e7cd0 Nom du module défaillant : cf_facade.dll, version : 13.0.1.4190, horodatage
: 0x502e8181 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00096b74 ID du processus
défaillant : 0x1310 Heure de début de l’application défaillante : 0x01ce002b4445735e
Chemin
d’accès de l’application défaillante : J:\Program Files\Kaspersky Lab\Kaspersky
Internet Security 2013\avp.exe Chemin d’accès du module défaillant: J:\Program Files\Kaspersky
Lab\Kaspersky Internet Security 2013\cf_facade.dll ID de rapport : 0cdead04-6c20-11e2-95a4-0009dd509200

Error - 01/02/2013 09:35:28 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante iexplore.exe, version : 9.0.8112.16457,
horodatage : 0x50a2f9e3 Nom du module défaillant : jscript9.dll, version : 9.0.8112.16457,
horodatage : 0x50a2fd3d Code d’exception : 0xc0000005 Décalage d’erreur : 0x0007a715
ID
du processus défaillant : 0x1644 Heure de début de l’application défaillante : 0x01ce007f668bad76
Chemin
d’accès de l’application défaillante : J:\Program Files\Internet Explorer\iexplore.exe
Chemin
d’accès du module défaillant: J:\Windows\System32\jscript9.dll ID de rapport : 3d3b6712-6c74-11e2-96b1-0009dd509200

Error - 01/02/2013 09:36:16 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante iexplore.exe, version : 9.0.8112.16457,
horodatage : 0x50a2f9e3 Nom du module défaillant : jscript9.dll, version : 9.0.8112.16457,
horodatage : 0x50a2fd3d Code d’exception : 0xc0000005 Décalage d’erreur : 0x00016438
ID
du processus défaillant : 0x14b8 Heure de début de l’application défaillante : 0x01ce007f66170a09
Chemin
d’accès de l’application défaillante : J:\Program Files\Internet Explorer\iexplore.exe
Chemin
d’accès du module défaillant: J:\Windows\System32\jscript9.dll ID de rapport : 5a17371e-6c74-11e2-96b1-0009dd509200

Error - 01/02/2013 10:18:33 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante TeamViewer.exe, version : 8.0.16642.0,
horodatage : 0x50caee47 Nom du module défaillant : ntdll.dll, version : 6.1.7601.17725,
horodatage : 0x4ec49b60 Code d’exception : 0xc0000374 Décalage d’erreur : 0x000c380b
ID
du processus défaillant : 0xf50 Heure de début de l’application défaillante : 0x01ce0087008c31c2
Chemin
d’accès de l’application défaillante : J:\Program Files\TeamViewer\Version8\TeamViewer.exe
Chemin
d’accès du module défaillant: J:\Windows\SYSTEM32\ntdll.dll ID de rapport : 41fcf101-6c7a-11e2-85d1-0009dd509200

Error - 01/02/2013 10:42:24 | Computer Name = GA-PC | Source = ESENT | ID = 465
Description = wuaueng.dll (1600) SUS20ClientDataStore: Des données endommagées ont
été détectées pendant la récupération logicielle dans le fichier journal J:\Windows\SoftwareDistribution\DataStore\Logs\edb.log.
L'enregistrement de total de contrôle qui a échoué se trouve à la position END.
Les données ne correspondant pas au schéma de remplissage du fichier journal sont
apparues pour la première fois dans le secteur 2217 (0x000008A9). Ce fichier journal
ayant été endommagé, il est inutilisable.

Error - 01/02/2013 11:56:51 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante avp.exe, version : 13.0.1.4210, horodatage
: 0x509157b4 Nom du module défaillant : ntdll.dll, version : 6.1.7601.17725, horodatage
: 0x4ec49b62 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00056bd3 ID du processus
défaillant : 0x7d0 Heure de début de l’application défaillante : 0x01ce008b34c22914
Chemin
d’accès de l’application défaillante : J:\Program Files\Kaspersky Lab\Kaspersky
Internet Security 2013\avp.exe Chemin d’accès du module défaillant: J:\Windows\SYSTEM32\ntdll.dll
ID
de rapport : fd9a8931-6c87-11e2-a07c-0009dd509200

Error - 01/02/2013 11:58:19 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_SysMain, version : 6.1.7600.16385,
horodatage : 0x4a5bc100 Nom du module défaillant : sysmain.dll, version : 6.1.7601.17514,
horodatage : 0x4ce7ba10 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000078a1
ID
du processus défaillant : 0x2b0 Heure de début de l’application défaillante : 0x01ce008b367caa7c
Chemin
d’accès de l’application défaillante : J:\Windows\system32\svchost.exe Chemin d’accès
du module défaillant: j:\windows\system32\sysmain.dll ID de rapport : 321ee88c-6c88-11e2-a07c-0009dd509200

Error - 01/02/2013 12:47:44 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante iexplore.exe, version : 9.0.8112.16457,
horodatage : 0x50a2f9e3 Nom du module défaillant : Flash32_11_5_502_146.ocx, version
: 11.5.502.146, horodatage : 0x50cfc10e Code d’exception : 0xc0000005 Décalage d’erreur
: 0x004a39d6 ID du processus défaillant : 0xae4 Heure de début de l’application défaillante
: 0x01ce009b673d129d Chemin d’accès de l’application défaillante : J:\Program Files\Internet
Explorer\iexplore.exe Chemin d’accès du module défaillant: J:\Windows\system32\Macromed\Flash\Flash32_11_5_502_146.ocx
ID
de rapport : 192f8e0c-6c8f-11e2-a863-0009dd509200

Error - 01/02/2013 12:48:30 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.17567,
horodatage : 0x4d6727a7 Nom du module défaillant : ntdll.dll, version : 6.1.7601.17725,
horodatage : 0x4ec49b60 Code d’exception : 0xc0000374 Décalage d’erreur : 0x000c380b
ID
du processus défaillant : 0xcd8 Heure de début de l’application défaillante : 0x01ce009a995db9a2
Chemin
d’accès de l’application défaillante : J:\Windows\Explorer.EXE Chemin d’accès du
module défaillant: J:\Windows\SYSTEM32\ntdll.dll ID de rapport : 349cd2b7-6c8f-11e2-a863-0009dd509200

Error - 01/02/2013 12:50:09 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante iexplore.exe, version : 9.0.8112.16457,
horodatage : 0x50a2f9e3 Nom du module défaillant : Flash32_11_5_502_146.ocx, version
: 11.5.502.146, horodatage : 0x50cfc10e Code d’exception : 0xc0000005 Décalage d’erreur
: 0x004a8339 ID du processus défaillant : 0x634 Heure de début de l’application défaillante
: 0x01ce009b672a079b Chemin d’accès de l’application défaillante : J:\Program Files\Internet
Explorer\iexplore.exe Chemin d’accès du module défaillant: J:\Windows\system32\Macromed\Flash\Flash32_11_5_502_146.ocx
ID
de rapport : 6f923c23-6c8f-11e2-a863-0009dd509200

Error - 01/02/2013 12:50:40 | Computer Name = GA-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante iexplore.exe, version : 9.0.8112.16457,
horodatage : 0x50a2f9e3 Nom du module défaillant : Flash32_11_5_502_146.ocx, version
: 11.5.502.146, horodatage : 0x50cfc10e Code d’exception : 0xc0000005 Décalage d’erreur
: 0x00518aaa ID du processus défaillant : 0xe6c Heure de début de l’application défaillante
: 0x01ce009b67bb3b8c Chemin d’accès de l’application défaillante : J:\Program Files\Internet
Explorer\iexplore.exe Chemin d’accès du module défaillant: J:\Windows\system32\Macromed\Flash\Flash32_11_5_502_146.ocx
ID
de rapport : 8279b4e6-6c8f-11e2-a863-0009dd509200

[ System Events ]
Error - 01/02/2013 12:38:21 | Computer Name = GA-PC | Source = Service Control Manager | ID = 7000
Description = Le service LogMeIn Maintenance Service n’a pas pu démarrer en raison
de l’erreur : %%2

Error - 01/02/2013 12:38:25 | Computer Name = GA-PC | Source = Service Control Manager | ID = 7000
Description = Le service SBSD Security Center Service n’a pas pu démarrer en raison
de l’erreur : %%2

Error - 01/02/2013 13:00:39 | Computer Name = GA-PC | Source = EventLog | ID = 6008
Description = L’arrêt système précédant à 17:57:09 le ?01/?02/?2013 n’était pas
prévu.

Error - 01/02/2013 13:00:18 | Computer Name = GA-PC | Source = volsnap | ID = 393241
Description = Les clichés instantanés du volume J: ont été supprimés car le stockage
du cliché instantané n’a pas pu s’agrandir à temps. Réduisez la charge d’E/S sur
le système ou choisissez un volume stockage de cliché instantané qui n’est pas
mis en cliché instantané.

Error - 01/02/2013 13:00:44 | Computer Name = GA-PC | Source = Service Control Manager | ID = 7000
Description = Le service LogMeIn Kernel Information Provider n’a pas pu démarrer
en raison de l’erreur : %%3

Error - 01/02/2013 13:00:44 | Computer Name = GA-PC | Source = Service Control Manager | ID = 7000
Description = Le service LogMeIn Maintenance Service n’a pas pu démarrer en raison
de l’erreur : %%2

Error - 01/02/2013 13:00:49 | Computer Name = GA-PC | Source = Service Control Manager | ID = 7000
Description = Le service SBSD Security Center Service n’a pas pu démarrer en raison
de l’erreur : %%2

Error - 01/02/2013 13:02:19 | Computer Name = GA-PC | Source = Service Control Manager | ID = 7000
Description = Le service LogMeIn Kernel Information Provider n’a pas pu démarrer
en raison de l’erreur : %%3

Error - 01/02/2013 13:02:19 | Computer Name = GA-PC | Source = Service Control Manager | ID = 7000
Description = Le service LogMeIn Maintenance Service n’a pas pu démarrer en raison
de l’erreur : %%2

Error - 01/02/2013 13:02:22 | Computer Name = GA-PC | Source = Service Control Manager | ID = 7000
Description = Le service SBSD Security Center Service n’a pas pu démarrer en raison
de l’erreur : %%2


< End of report >
SkyTech

Re: Désinstalation d'Acronis True Image Home

par SkyTech »

Yop,

Téléchargez AdwCleaner( d'Xplode ) sur votre bureau.
Lancez le, cliquez sur [Suppression] puis patientez le temps du scan.
Une fois le scan fini, un rapport s'ouvrira.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Poste le rapport.

---

Désinstalle via Programmes & fonctionnalités du Panneau de configuration :

Bonjour
O&O Defrag Professional
eMule
HP Customer Participation Program 13.0
Shop for HP Supplies
WinPcap 4.1.2


Et tout ce qui peut se rapporter à Nero.

---

Relance OTL.
o sous Peronnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l’operation que tu conserveras sur clé usb par exemple afin d’en coller le resultat:
:OTL
SRV - (SBSDWSCService) -- J:\Program Files\Spybot File not found
SRV - (LMIMaint) -- J:\Program Files\LogMeIn\x86\RaMaint.exe File not found
DRV - (VMnetAdapter) -- system32\DRIVERS\vmnetadapter.sys File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (LMIInfo) -- J:\Program Files\LogMeIn\x86\RaInfo.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.searchcompletion.com/?si= ... me=true&q={searchTerms}
IE - HKCU\..\SearchScopes\{80D79A02-6E51-48FF-B1C1-F40CABF2D038}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2504091
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: J:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: J:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: J:\Users\GA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: J:\Users\GA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
MsConfig - StartUpReg: LogMeIn GUI - hkey= - key= - File not found
MsConfig - StartUpReg: NBAgent - hkey= - key= - File not found
MsConfig - StartUpReg: TrueImageMonitor.exe - hkey= - key= - File not found
[2013/01/27 17:24:28 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Roaming\Panda Security
[2013/01/27 17:22:41 | 000,000,000 | ---D | C] -- J:\ProgramData\Panda Security
[2013/01/29 15:20:46 | 000,000,000 | ---D | C] -- J:\Program Files\Common Files\Acronis
[1 J:\*.tmp files -> J:\*.tmp -> ]
[2013/02/01 18:02:31 | 000,001,044 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/01 16:58:10 | 000,001,066 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-203944833-1044999943-1601114008-1000UA.job
[2013/02/01 16:38:01 | 000,001,048 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/31 18:58:05 | 000,001,014 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-203944833-1044999943-1601114008-1000Core.job
[2010/04/17 21:09:44 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Acronis
[2010/05/14 00:13:31 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Nero
[2011/07/02 15:30:10 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\ComplitlyEngine
[2013/01/27 17:24:28 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Panda Security
[2013/01/02 13:01:45 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Research In Motion
[157 J:\Users\GA\AppData\Local\Temp\*.tmp files -> J:\Users\GA\AppData\Local\Temp\*.tmp -> ]
@Alternate Data Stream - 123 bytes -> J:\ProgramData\Temp:8CE646EE
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - J:\Users\GA\AppData\Roaming\ComplitlyEngine\ComplitlyEngine.dll (SimplyGen)
:services
gupdate
gupdatem
gusvc
:files
C:\Program Files\Google\Update
C:\Program Files\Google\Common\Google Updater
:commands
[purity]
[emptytemp]
[emptyflash]
[ResetHosts]
* redemarre le pc sous windows et poste le rapport ici
gad

Re: Désinstalation d'Acronis True Image Home

par gad »

Bonjour,
J'ai pu lancer "AdwCleaner" par contre au moment de copier le rapport "Ecran bleue",je l'ai relancer après le redémarrge mais le rapport était beaucoup plus court ! Le voici :

# AdwCleaner v2.109 - Rapport créé le 02/02/2013 à 20:08:21
# Mis à jour le 26/01/2013 par Xplode
# Système d'exploitation : Windows 7 Ultimate Service Pack 1 (32 bits)
# Nom d'utilisateur : GA - GA-PC
# Mode de démarrage : Normal
# Exécuté depuis : J:\Users\GA\Desktop\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****


***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v24.0.1312.57

Fichier : J:\Users\GA\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [4700 octets] - [02/02/2013 19:27:25]
AdwCleaner[S2].txt - [806 octets] - [02/02/2013 20:08:21]

########## EOF - J:\AdwCleaner[S2].txt - [865 octets] ##########



J'ai pu désinstaller :
Bonjour
O&O Defrag Professional
HP Customer Participation Program 13.0
Shop for HP Supplies
WinPcap 4.1.2

J'ai garder emule et 3 Nero.

Voivi le rapport OTL après correction:

All processes killed
Error: Unable to interpret <SRV - (SBSDWSCService) -- J:\Program Files\Spybot File not found> in the current context!
Error: Unable to interpret <SRV - (LMIMaint) -- J:\Program Files\LogMeIn\x86\RaMaint.exe File not found> in the current context!
Error: Unable to interpret <DRV - (VMnetAdapter) -- system32\DRIVERS\vmnetadapter.sys File not found> in the current context!
Error: Unable to interpret <DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found> in the current context!
Error: Unable to interpret <DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found> in the current context!
Error: Unable to interpret <DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found> in the current context!
Error: Unable to interpret <DRV - (LMIInfo) -- J:\Program Files\LogMeIn\x86\RaInfo.sys File not found> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.searchcompletion.com/?si= ... me=true&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{80D79A02-6E51-48FF-B1C1-F40CABF2D038}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2504091> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: J:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: J:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: J:\Users\GA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: J:\Users\GA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [] File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpReg: LogMeIn GUI - hkey= - key= - File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpReg: NBAgent - hkey= - key= - File not found> in the current context!
Error: Unable to interpret <MsConfig - StartUpReg: TrueImageMonitor.exe - hkey= - key= - File not found> in the current context!
Error: Unable to interpret <[2013/01/27 17:24:28 | 000,000,000 | ---D | C] -- J:\Users\GA\AppData\Roaming\Panda Security> in the current context!
Error: Unable to interpret <[2013/01/27 17:22:41 | 000,000,000 | ---D | C] -- J:\ProgramData\Panda Security> in the current context!
Error: Unable to interpret <[2013/01/29 15:20:46 | 000,000,000 | ---D | C] -- J:\Program Files\Common Files\Acronis> in the current context!
Error: Unable to interpret <[1 J:\*.tmp files -> J:\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2013/02/01 18:02:31 | 000,001,044 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineCore.job> in the current context!
Error: Unable to interpret <[2013/02/01 16:58:10 | 000,001,066 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-203944833-1044999943-1601114008-1000UA.job> in the current context!
Error: Unable to interpret <[2013/02/01 16:38:01 | 000,001,048 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context!
Error: Unable to interpret <[2013/01/31 18:58:05 | 000,001,014 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-203944833-1044999943-1601114008-1000Core.job> in the current context!
Error: Unable to interpret <[2010/04/17 21:09:44 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Acronis> in the current context!
Error: Unable to interpret <[2010/05/14 00:13:31 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Nero> in the current context!
Error: Unable to interpret <[2011/07/02 15:30:10 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\ComplitlyEngine> in the current context!
Error: Unable to interpret <[2013/01/27 17:24:28 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Panda Security> in the current context!
Error: Unable to interpret <[2013/01/02 13:01:45 | 000,000,000 | ---D | M] -- J:\Users\GA\AppData\Roaming\Research In Motion> in the current context!
Error: Unable to interpret <[157 J:\Users\GA\AppData\Local\Temp\*.tmp files -> J:\Users\GA\AppData\Local\Temp\*.tmp -> ]> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 123 bytes -> J:\ProgramData\Temp:8CE646EE> in the current context!
Error: Unable to interpret <O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - J:\Users\GA\AppData\Roaming\ComplitlyEngine\ComplitlyEngine.dll (SimplyGen)> in the current context!
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
========== FILES ==========
File\Folder C:\Program Files\Google\Update not found.
File\Folder C:\Program Files\Google\Common\Google Updater not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: GA
->Temp folder emptied: 4806814 bytes
->Temporary Internet Files folder emptied: 17600209 bytes
->Java cache emptied: 8067208 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 63196 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 140945 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 29,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: GA
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

J:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 02022013_213507

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


J'ai vu que la liste des programmes ne s'affiche plus en détail ? (y a plus les dates et taille)

Merci bonne soirée
SkyTech

Re: Désinstalation d'Acronis True Image Home

par SkyTech »

Dommage pour AdwCleaner, tu peux le désinstaller.

Pour OTL ce n'est pas exactement ça, tu as dû mettre un espace avant :OTL, réessaye.
gad

Re: Désinstalation d'Acronis True Image Home

par gad »

Ok pour "AdwCleaner"

Bien vu pour "OTL",je l'avais pas bien fait !

Rapport :
All processes killed
========== OTL ==========
Service SBSDWSCService stopped successfully!
Service SBSDWSCService deleted successfully!
File J:\Program Files\Spybot File not found not found.
Service LMIMaint stopped successfully!
Service LMIMaint deleted successfully!
File J:\Program Files\LogMeIn\x86\RaMaint.exe File not found not found.
Service VMnetAdapter stopped successfully!
Service VMnetAdapter deleted successfully!
File system32\DRIVERS\vmnetadapter.sys File not found not found.
Service VGPU stopped successfully!
Service VGPU deleted successfully!
File System32\drivers\rdvgkmd.sys File not found not found.
Service tsusbhub stopped successfully!
Service tsusbhub deleted successfully!
File system32\drivers\tsusbhub.sys File not found not found.
Service Synth3dVsc stopped successfully!
Service Synth3dVsc deleted successfully!
File System32\drivers\synth3dvsc.sys File not found not found.
Service LMIInfo stopped successfully!
Service LMIInfo deleted successfully!
File J:\Program Files\LogMeIn\x86\RaInfo.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80D79A02-6E51-48FF-B1C1-F40CABF2D038}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80D79A02-6E51-48FF-B1C1-F40CABF2D038}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
J:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File J:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
J:\Users\GA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File J:\Users\GA\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\LogMeIn GUI\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\NBAgent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\TrueImageMonitor.exe\ deleted successfully.
J:\Users\GA\AppData\Roaming\Panda Security\Panda Cloud Antivirus folder moved successfully.
J:\Users\GA\AppData\Roaming\Panda Security folder moved successfully.
J:\ProgramData\Panda Security\Panda Cloud Antivirus\Upselling folder moved successfully.
J:\ProgramData\Panda Security\Panda Cloud Antivirus\Download\0x04015000 folder moved successfully.
J:\ProgramData\Panda Security\Panda Cloud Antivirus\Download\0x04011000 folder moved successfully.
J:\ProgramData\Panda Security\Panda Cloud Antivirus\Download folder moved successfully.
J:\ProgramData\Panda Security\Panda Cloud Antivirus\CfgData folder moved successfully.
J:\ProgramData\Panda Security\Panda Cloud Antivirus folder moved successfully.
J:\ProgramData\Panda Security folder moved successfully.
J:\Program Files\Common Files\Acronis\UniversalRestore\DriversPack\MSSCSI folder moved successfully.
J:\Program Files\Common Files\Acronis\UniversalRestore\DriversPack folder moved successfully.
J:\Program Files\Common Files\Acronis\UniversalRestore folder moved successfully.
J:\Program Files\Common Files\Acronis\TrueImageHome folder moved successfully.
J:\Program Files\Common Files\Acronis\SnapAPI folder moved successfully.
J:\Program Files\Common Files\Acronis\Schedule2 folder moved successfully.
J:\Program Files\Common Files\Acronis\MediaBuilderHome folder moved successfully.
J:\Program Files\Common Files\Acronis\CDRecord folder moved successfully.
J:\Program Files\Common Files\Acronis\BackupScripts folder moved successfully.
J:\Program Files\Common Files\Acronis folder moved successfully.
File/Folder J:\*.tmp not found.
J:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
J:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-203944833-1044999943-1601114008-1000UA.job moved successfully.
J:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
J:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-203944833-1044999943-1601114008-1000Core.job moved successfully.
J:\Users\GA\AppData\Roaming\Acronis\TrueImageHome folder moved successfully.
J:\Users\GA\AppData\Roaming\Acronis folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\OnlineServices\MetaData folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\OnlineServices\FeedManager folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\OnlineServices folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero BackItUp 4\Files folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero BackItUp 4\Cache folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero BackItUp 4 folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 9\Nero StartSmart folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 9\Nero Burning ROM folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 9 folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10\OnlineServices\MetaData\default folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10\OnlineServices\MetaData folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10\OnlineServices\FeedManager folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10\OnlineServices folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10\Nero StartSmart folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10\Nero Burning ROM folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10\Nero BackItUp\Files folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10\Nero BackItUp\Cache folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10\Nero BackItUp folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero\Nero 10 folder moved successfully.
J:\Users\GA\AppData\Roaming\Nero folder moved successfully.
Folder J:\Users\GA\AppData\Roaming\ComplitlyEngine\ not found.
Folder J:\Users\GA\AppData\Roaming\Panda Security\ not found.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry Media Sync folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry Desktop\Devices\23314039 folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry Desktop\Devices folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry Desktop\DeviceData folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry Desktop folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry\Loader XML folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry\Loader History folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry\AddinSync\23314039 folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry\AddinSync folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion\BlackBerry folder moved successfully.
J:\Users\GA\AppData\Roaming\Research In Motion folder moved successfully.
File/Folder J:\Users\GA\AppData\Local\Temp\*.tmp not found.
ADS J:\ProgramData\Temp:8CE646EE deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}\ not found.
File J:\Users\GA\AppData\Roaming\ComplitlyEngine\ComplitlyEngine.dll not found.
========== SERVICES/DRIVERS ==========
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
========== FILES ==========
File\Folder C:\Program Files\Google\Update not found.
File\Folder C:\Program Files\Google\Common\Google Updater not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: GA
->Temp folder emptied: 41293 bytes
->Temporary Internet Files folder emptied: 22375539 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 91174903 bytes
->Flash cache emptied: 1175 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 56458 bytes
RecycleBin emptied: 3879393576 bytes

Total Files Cleaned = 3 808,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: GA
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

J:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 02032013_025217

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Encore merci pour ton aide et ta dispo !
Bon dimanche
SkyTech

Re: Désinstalation d'Acronis True Image Home

par SkyTech »

Relance OTL et clic sur purge outil.

Ca semble OK pour moi.

Encore des problèmes ?
gad

Re: Désinstalation d'Acronis True Image Home

par gad »

Salut
je te tient au courrant dans quelques jours.
Parcontre,j'ai "Kaspersky" qui se désactive au bout de quelque minute ou des fois des heure et impossible de faire la mise a jour sur le moment ?

merci et bonne soirée
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Windows : Résoudre les problèmes »