How to remove Trojan:Win32/Vundo.gen!AF [Solved]

Need a geek? Geeks to Go offers free, quality tech support -- in terms anyone can understand. Volunteers are waiting to help, friendly, technology experts who have knowledge to share, and enjoy helping others. Feel free to browse the site as a guest. However, you must log in to reply to existing topics, or to start a new topic of your own. Other benefits of joining include richer forum features, and removal of all advertising. Learn more in our Welcome Guide Infected? Malware and Spyware Cleaning Guide. What are you waiting for? Click here to join for free today!

> Geeks to Go! » Security » Virus, Spyware and Trojan Removal

2 Pages

1 2 >

How to remove Trojan:Win32/Vundo.gen!AF [Solved], Win32

Options

psm343 View Member Profile	Feb 16 2009, 08:15 PM Post #1
Member Posts: 14 OS: xp	Hi all, I need help for remove malware Trojan:Win32/Vundo.gen!AF on my pc. Thanks for looking my Vundofix.txt file. Pete Hijackthis.log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:29:48, on 2009-02-16 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\UnivLaval\cvpnd.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.canoe.ca/accueil.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Universite Laval Client VPN ULaval.lnk = C:\Program Files\UnivLaval\vpngui.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .csm: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .csml: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cub: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cube: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .dx: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .emb: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .embl: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .gau: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .jdx: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mol: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mop: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .rxn: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .scr: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .skc: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .spt: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .tgf: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .xyz: C:\Program Files\Internet Explorer\Plugins\npchime.dll O15 - Trusted Zone: http://www.radioenergie.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://www.epost.ca/printing/smsx.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/instal...nosticsxp2k.cab O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.jiwix.com/aurigma/imageuploader...geUploader5.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1191623643296 O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://pix.futureshop.ca/fr/ImageUploader4.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} - http://www.4xem.com/downloads/cab/WLPTG/h263ctrl.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} (RockYou Image Uploader Control) - http://www.rockyou.com/RockYouImageUploader.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} - http://67.15.101.3/g_bin/eng/billard8_2_0_0_24.cab O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\UnivLaval\cvpnd.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 16388 bytes This post has been edited by psm343: Feb 16 2009, 09:34 PM Attached File(s) VundoFix.txt ( 159bytes ) Number of downloads: 152

handhfan View Member Profile	Feb 17 2009, 12:32 AM Post #2
GeekU Moderator Posts: 8,651 From: Massachusetts OS: Windows XP Pro, Windows 7 Pro 64- and 32-bit; Virtual PC	Hello, psm343, and welcome to GeeksToGo! Download OTListIt2 to your desktop. Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. When the window appears, underneath Output at the top change it to Minimal Output. Check the boxes beside LOP Check and Purity Check. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in. The log for OTListIt2 will be very long and may not fit in one post, since there is a character limit on posts. Please make sure that it didn't get cut off, and feel free to post the rest of it in a separate reply.

psm343 View Member Profile	Feb 17 2009, 06:39 PM Post #3
Member Posts: 14 OS: xp	Hello handhfan, These files of OTListIt2. OTListIt logfile created on: 2009-02-17 19:22:51 - Run OTListIt2 by OldTimer - Version 2.0.0.16 Folder = C:\Documents and Settings\Pierre\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000C0C \| Country: Canada \| Language: FRC \| Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory \| 2,00 Gb Available Physical Memory \| 100,00% Memory free 4,00 Gb Paging File \| 3,97 Gb Available in Paging File \| 99,24% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 67,71 Gb Total Space \| 15,72 Gb Free Space \| 23,22% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive J: \| 78,24 Gb Total Space \| 15,10 Gb Free Space \| 19,30% Space Free \| Partition Type: NTFS Computer Name: PIERREDELL Current User Name: Pierre Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Minimal File Age = 30 Days Company Name Whitelist: On ========== Processes (SafeList) ========== PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software) PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) PRC - C:\Program Files\UnivLaval\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\WINDOWS\system32\gearsec.exe (GEAR Software) PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) PRC - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe (Symantec Corporation) PRC - C:\WINDOWS\system32\HPZipm12.exe (HP) PRC - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions) PRC - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions) PRC - C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation) PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.) PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) PRC - C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) PRC - C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.) PRC - C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe (MétéoMédia/The Weather Network) PRC - C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) PRC - C:\Documents and Settings\Pierre\Bureau\OTListIt2.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (Apple Mobile Device [Auto \| Running]) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (aspnet_state [On_Demand \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation) SRV - (aswUpdSv [Auto \| Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) SRV - (Ati HotKey Poller [Auto \| Running]) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) SRV - (avast! Antivirus [Auto \| Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software) SRV - (avast! Mail Scanner [On_Demand \| Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) SRV - (avast! Web Scanner [On_Demand \| Stopped]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) SRV - (Bonjour Service [Auto \| Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) SRV - (CCALib8 [Auto \| Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.) SRV - (clr_optimization_v2.0.50727_32 [On_Demand \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (CVPND [Auto \| Running]) -- C:\Program Files\UnivLaval\cvpnd.exe (Cisco Systems, Inc.) SRV - (FontCache3.0.0.0 [On_Demand \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (GEARSecurity [Auto \| Running]) -- C:\WINDOWS\system32\gearsec.exe (GEAR Software) SRV - (getPlus® Helper [On_Demand \| Stopped]) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.) SRV - (gusvc [On_Demand \| Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google) SRV - (helpsvc [Auto \| Running]) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation) SRV - (IDriverT [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (idsvc [Unknown \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (iPod Service [On_Demand \| Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) SRV - (JavaQuickStarterService [Auto \| Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) SRV - (MDM [Auto \| Running]) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) SRV - (MSCSPTISRV [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (NetSvc [On_Demand \| Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation) SRV - (NetTcpPortSharing [Disabled \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (Norton Ghost [Auto \| Running]) -- C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe (Symantec Corporation) SRV - (PACSPTISVR [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (Pml Driver HPZ12 [Auto \| Running]) -- C:\WINDOWS\system32\HPZipm12.exe (HP) SRV - (RoxLiveShare [Auto \| Stopped]) -- C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe (Sonic Solutions) SRV - (RoxMediaDB [On_Demand \| Running]) -- C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions) SRV - (RoxUPnPRenderer [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe (Sonic Solutions) SRV - (RoxUpnpServer [Auto \| Stopped]) -- C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe (Sonic Solutions) SRV - (RoxWatch [Auto \| Running]) -- C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions) SRV - (SimpTcp [Auto \| Running]) -- C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation) SRV - (SPTISRV [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (SSScsiSV [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (usnjsvc [On_Demand \| Running]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation) SRV - (WinDefend [Auto \| Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (WLSetupSvc [On_Demand \| Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation) SRV - (WMPNetworkSvc [On_Demand \| Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WudfSvc [Auto \| Running]) -- C:\WINDOWS\system32\WudfSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (Aavmker4 [System \| Running]) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software) DRV - (AliIde [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (amdagp [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (asc [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\asc.sys (Advanced System Products, Inc.) DRV - (asc3550 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\asc3550.sys (Advanced System Products, Inc.) DRV - (ASPI32 [System \| Running]) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec) DRV - (aswFsBlk [Auto \| Running]) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (aswMon2 [Auto \| Running]) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software) DRV - (aswRdr [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software) DRV - (aswSP [System \| Running]) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software) DRV - (aswTdi [System \| Running]) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software) DRV - (ati2mtag [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (cdudf_xp [System \| Running]) -- C:\WINDOWS\system32\drivers\Cdudf_xp.sys (Sonic Solutions) DRV - (CmdIde [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (CVirtA [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (CVPNDRVA [Auto \| Running]) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (dac2w2k [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\dac2w2k.sys (Mylex Corporation) DRV - (DNE [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (driverhardwarev2 [On_Demand \| Stopped]) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (Ma-Config.com) DRV - (drvmcdb [Boot \| Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions) DRV - (drvnddm [Auto \| Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions) DRV - (dvd_2K [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\dvd_2k.sys (Sonic Solutions) DRV - (E100B [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\e100b325.sys (Intel Corporation) DRV - (GearAspiWDM [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV - (HDAudBus [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider) DRV - (HPZid412 [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\HPZid412.sys (HP) DRV - (HPZipr12 [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP) DRV - (HPZius12 [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP) DRV - (kbdhid [System \| Running]) -- C:\WINDOWS\system32\drivers\kbdhid.sys (Microsoft Corporation) DRV - (lgatbus [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\lgatbus.sys (MCCI) DRV - (lgatmdm [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\lgatmdm.sys (MCCI) DRV - (lgatserd [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\lgatserd.sys (MCCI) DRV - (mmc_2K [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\mmc_2k.sys (Sonic Solutions) DRV - (MotDev [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\motodrv.sys (Motorola Inc) DRV - (motmodem [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola) DRV - (mraid35x [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\mraid35x.sys (American Megatrends Inc.) DRV - (NETMDUSB [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\NETMDUSB.sys (Sony Corporation) DRV - (nv [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (pcouffin [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\pcouffin.sys (VSO Software) DRV - (PD0620VID [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\P0620Vid.sys (Creative Technology Ltd.) DRV - (PQIMount [System \| Running]) -- C:\WINDOWS\system32\drivers\PQIMount.sys (PowerQuest Corporation) DRV - (PQNTDrv [System \| Running]) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys (PowerQuest Corporation) DRV - (PQV2i [Boot \| Running]) -- C:\WINDOWS\system32\drivers\PQV2i.sys (StorageCraft) DRV - (Ptilink [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (pwd_2k [System \| Running]) -- C:\WINDOWS\system32\drivers\Pwd_2k.sys (Sonic Solutions) DRV - (PxHelp20 [Boot \| Running]) -- C:\WINDOWS\system32\drivers\pxhelp20.sys (Sonic Solutions) DRV - (ql1080 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\ql1080.sys (QLogic Corporation) DRV - (ql12160 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\ql12160.sys (QLogic Corporation) DRV - (ql1280 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\ql1280.sys (QLogic Corporation) DRV - (RxFilter [System \| Running]) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions) DRV - (Secdrv [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (Ser2pl [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.) DRV - (sermouse [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\sermouse.sys (Microsoft Corporation) DRV - (sisagp [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (Sparrow [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\sparrow.sys (Adaptec, Inc.) DRV - (sscdbhk5 [System \| Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions) DRV - (ssrtln [System \| Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions) DRV - (STHDA [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (symc810 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\symc810.sys (Symbios Logic Inc.) DRV - (symc8xx [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\symc8xx.sys (LSI Logic) DRV - (sym_hi [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\sym_hi.sys (LSI Logic) DRV - (sym_u3 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\sym_u3.sys (LSI Logic) DRV - (tfsnboio [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions) DRV - (tfsncofs [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions) DRV - (tfsndrct [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions) DRV - (tfsndres [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions) DRV - (tfsnifs [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions) DRV - (tfsnopio [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions) DRV - (tfsnpool [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions) DRV - (tfsnudf [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions) DRV - (tfsnudfa [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions) DRV - (tmcomm [Auto \| Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.) DRV - (ultra [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\ultra.sys (Promise Technology, Inc.) DRV - (USBAAPL [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\usbaapl.sys (Apple, Inc.) DRV - (vsdatant [On_Demand \| Stopped]) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC) DRV - (Wdf01000 [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\wdf01000.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Invalid data type. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = Reg Error: Invalid data type. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.canoe.ca/accueil.html IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1 O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - Reg Error: Key error. File not found O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.) O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll (Microsoft Corporation) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key error. File not found O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - Reg Error: Key error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.) O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.) O4 - HKCU..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (Ahead Software AG) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe (MétéoMédia/The Weather Network) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Universite Laval Client VPN ULaval.lnk = C:\Program Files\UnivLaval\vpngui.exe (Cisco Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktopChanges = [binary data] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoSaveSettings = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: ClassicShell = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Google Search - Reg Error: Value error. O8 - Extra context menu item: &Translate English Word - Reg Error: Value error. O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm O8 - Extra context menu item: Backward Links - Reg Error: Value error. O8 - Extra context menu item: Cached Snapshot of Page - Reg Error: Value error. O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. O8 - Extra context menu item: Similar Pages - Reg Error: Value error. O8 - Extra context menu item: Translate Page into English - Reg Error: Value error. O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - File not found O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe () O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O12 - Plugin for: .csm - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .csml - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .cub - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .cube - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .dx - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .emb - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .embl - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .gau - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .jdx - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .mol - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .mop - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .pdb - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .rxn - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .scr - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .skc - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .spt - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .tgf - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .xyz - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O15 - HKLM\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: radioenergie.com ([www] http in Sites de confiance) O15 - HKCU\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (Reg Error: Key error.) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Reg Error: Key error.) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.epost.ca/printing/smsx.cab (MeadCo ScriptX) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {428A9DEF-F057-402B-9F2D-A5887F4544ED} http://download.microsoft.com/download/7/1...tualEarth3D.cab (SentinelProxy Class) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.3.cab (DLM Control) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool) O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} http://h30155.www3.hp.com/ediags/dd/instal...nosticsxp2k.cab (DeviceEnum Class) O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/Facebo...toUploader3.cab (Facebook Photo Uploader 4 Control) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.jiwix.com/aurigma/imageuploader...geUploader5.cab (Image Uploader Control) O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab (Windows Live Safety Center Base Module) O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab (AXELPlayer Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1191623643296 (MUWebControl Class) O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab (Reg Error: Key error.) O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://pix.futureshop.ca/fr/ImageUploader4.cab (Reg Error: Key error.) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (Reg Error: Key error.) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab (HardwareDetection Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (Reg Error: Key error.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} http://www.4xem.com/downloads/cab/WLPTG/h263ctrl.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_09) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_10) O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class) O16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} http://www.rockyou.com/RockYouImageUploader.cab (RockYou Image Uploader Control) O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab (Reg Error: Key error.) O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} http://67.15.101.3/g_bin/eng/billard8_2_0_0_24.cab (Reg Error: Key error.) O18 - Protocol\Handler\intu-ir2007 {52BAEC6B-9405-46f9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ] ========== Files/Folders - Created Within 30 Days ========== [2009-02-17 19:19:32 \| 00,491,520 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Pierre\Bureau\OTListIt2.exe [2009-02-16 19:22:33 \| 00,000,000 \| ---D \| C] -- C:\Program Files\EsetOnlineScanner [2009-02-16 07:38:59 \| 00,001,730 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\avast! Antivirus.lnk [2009-02-16 00:20:52 \| 00,000,000 \| -HSD \| C] -- C:\RECYCLER [2009-02-15 20:48:37 \| 00,000,216 \| ---- \| C] () -- C:\Boot.bak [2009-02-15 20:48:35 \| 00,263,488 \| ---- \| C] () -- C:\cmldr [2009-02-15 20:48:30 \| 00,000,000 \| RHSD \| C] -- C:\cmdcons [2009-02-15 20:46:00 \| 00,212,480 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2009-02-15 20:46:00 \| 00,161,792 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2009-02-15 20:46:00 \| 00,136,704 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2009-02-15 20:46:00 \| 00,098,816 \| ---- \| C] () -- C:\WINDOWS\sed.exe [2009-02-15 20:46:00 \| 00,089,504 \| ---- \| C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe [2009-02-15 20:46:00 \| 00,080,412 \| ---- \| C] () -- C:\WINDOWS\grep.exe [2009-02-15 20:46:00 \| 00,068,096 \| ---- \| C] () -- C:\WINDOWS\zip.exe [2009-02-15 20:46:00 \| 00,049,152 \| ---- \| C] () -- C:\WINDOWS\VFIND.exe [2009-02-15 20:46:00 \| 00,029,696 \| ---- \| C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2009-02-15 20:45:55 \| 00,000,000 \| ---D \| C] -- C:\Qoobox [2009-02-15 20:44:14 \| 02,923,783 \| R--- \| C] () -- C:\Documents and Settings\Pierre\Bureau\ComboFix.exe [2009-02-15 11:55:17 \| 00,000,424 \| -H-- \| C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{36CBA60C-7524-4747-B31C-EB7757F7E2FD}.job [2009-02-14 08:31:06 \| 16,409,960 \| ---- \| C] (Safer Networking Limited ) -- C:\Documents and Settings\Pierre\Bureau\spybotsd162.exe [2009-02-01 10:36:34 \| 00,218,651 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\Antivirus2.jpg [2009-02-01 10:34:43 \| 00,214,319 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\Antivirus.jpg [2009-02-01 09:54:47 \| 00,001,564 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\Invite de commandes.lnk [2009-01-31 09:13:16 \| 00,000,238 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\RockYou.com - Photo sharing, MySpace slideshows, MySpace codes, MySpace music.url [2009-01-20 21:53:39 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Pierre\Application Data\Mozilla [2009-01-19 23:36:02 \| 00,102,664 \| ---- \| C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys ========== Files - Modified Within 30 Days ========== [8 C:\WINDOWS\System32\.tmp files] [1 C:\WINDOWS\.tmp files] [2009-02-17 19:19:33 \| 00,491,520 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Pierre\Bureau\OTListIt2.exe [2009-02-17 19:11:11 \| 00,002,206 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2009-02-17 17:30:49 \| 00,000,930 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-656630978-2109668801-1941713988-1006.job [2009-02-17 17:04:52 \| 00,000,330 \| -H-- \| M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2009-02-17 17:04:34 \| 00,000,424 \| -H-- \| M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3F8A254C-948A-49BE-9C1E-9E59C86933F2}.job [2009-02-17 17:01:49 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2009-02-17 17:01:40 \| 00,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2009-02-17 17:01:37 \| 32,192,79872 \| -HS- \| M] () -- C:\hiberfil.sys [2009-02-16 21:42:56 \| 00,000,377 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Vidéotron Libre-Service Consommation Internet.url [2009-02-16 21:42:45 \| 00,003,745 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\CaptiveWorks CW-600 - FTABins.NET The Greatest FTA Community on the NET!.url [2009-02-16 19:20:08 \| 00,000,424 \| -H-- \| M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{36CBA60C-7524-4747-B31C-EB7757F7E2FD}.job [2009-02-16 15:54:48 \| 00,000,116 \| ---- \| M] () -- C:\WINDOWS\NeroDigital.ini [2009-02-16 07:38:59 \| 00,001,730 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\avast! Antivirus.lnk [2009-02-15 21:40:13 \| 00,000,227 \| ---- \| M] () -- C:\WINDOWS\system.ini [2009-02-15 20:55:57 \| 00,000,027 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009-02-15 20:48:37 \| 00,000,286 \| RHS- \| M] () -- C:\boot.ini [2009-02-15 20:44:23 \| 02,923,783 \| R--- \| M] () -- C:\Documents and Settings\Pierre\Bureau\ComboFix.exe [2009-02-15 19:11:09 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt04.sqm [2009-02-15 19:11:09 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata04.sqm [2009-02-15 19:10:20 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt03.sqm [2009-02-15 19:10:20 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata03.sqm [2009-02-15 10:21:55 \| 00,002,703 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Facebook Home (2).url [2009-02-15 10:09:55 \| 00,045,056 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-02-15 10:01:23 \| 00,000,277 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Blog à Pierre.url [2009-02-15 09:43:15 \| 00,000,201 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Poker - Vendredi soir.url [2009-02-14 11:11:05 \| 00,000,297 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Expressfr.com • Voir le forum - CW-600S.url [2009-02-14 08:31:47 \| 16,409,960 \| ---- \| M] (Safer Networking Limited ) -- C:\Documents and Settings\Pierre\Bureau\spybotsd162.exe [2009-02-10 21:09:13 \| 00,001,374 \| ---- \| M] () -- C:\WINDOWS\imsins.BAK [2009-02-10 18:27:55 \| 00,003,121 \| ---- \| M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-02-09 18:30:53 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt02.sqm [2009-02-09 18:30:53 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata02.sqm [2009-02-08 10:51:16 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt01.sqm [2009-02-08 10:51:16 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata01.sqm [2009-02-07 18:53:01 \| 00,000,284 \| ---- \| M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009-02-05 17:04:13 \| 00,002,407 \| ---- \| M] () -- C:\Documents and Settings\All Users\Bureau\ZoomBrowser EX.lnk [2009-02-05 16:11:35 \| 01,256,296 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009-02-05 16:08:19 \| 00,093,296 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009-02-05 16:08:10 \| 00,094,032 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009-02-05 16:07:23 \| 00,114,768 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009-02-05 16:07:12 \| 00,020,560 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009-02-05 16:06:20 \| 00,051,376 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009-02-05 16:06:10 \| 00,023,152 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009-02-05 16:05:11 \| 00,026,944 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009-02-05 16:04:45 \| 00,097,480 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009-02-03 21:08:30 \| 00,000,249 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Le blog des blogs creer un blog gratuit.url [2009-02-03 18:21:12 \| 21,244,864 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-02-01 10:37:03 \| 00,218,651 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Antivirus2.jpg [2009-02-01 10:36:01 \| 00,214,319 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Antivirus.jpg [2009-02-01 09:54:47 \| 00,001,564 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Invite de commandes.lnk [2009-01-31 09:13:16 \| 00,000,238 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\RockYou.com - Photo sharing, MySpace slideshows, MySpace codes, MySpace music.url [2009-01-30 15:27:53 \| 00,000,804 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\XE - Universal Currency Converter.url [2009-01-30 08:29:47 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt00.sqm [2009-01-30 08:29:47 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata00.sqm [2009-01-22 21:44:25 \| 00,000,164 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Hockey Pool Manager - Free 3 Week Trial.url ========== LOP Check ========== [2009-01-15 16:01:27 \| 00,000,000 \| RH-D \| M] -- C:\Documents and Settings\All Users\Application Data [2009-01-15 16:01:52 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [2008-11-09 10:48:57 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2008-02-27 17:39:28 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Apple [2008-02-27 17:42:12 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2008-05-25 19:56:44 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2007-03-13 18:42:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Civil Engines [2008-11-13 20:10:55 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink [2006-10-22 17:21:25 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Google [2006-03-01 22:15:54 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\HP [2008-11-11 19:42:39 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant [2005-12-26 19:24:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\InstallShield [2008-03-03 13:59:47 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Intuit Canada [2008-01-17 21:54:57 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2008-05-19 19:05:27 \| 00,000,000 \| --SD \| M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2008-11-09 10:44:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\NOS [2006-01-31 21:08:50 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Roxio [2004-08-20 11:46:34 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\SBSI [2006-03-01 22:14:53 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Sonic [2006-02-06 22:23:32 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation [2009-02-14 08:37:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2006-01-28 21:55:19 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Symantec [2009-01-02 11:58:16 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\TechSmith [2006-02-05 10:13:27 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2005-12-31 21:24:56 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2008-08-13 12:06:33 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller [2006-11-25 13:59:06 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion [2009-01-20 21:53:39 \| 00,000,000 \| RH-D \| M] -- C:\Documents and Settings\Pierre\Application Data [2009-01-24 21:29:30 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Adobe [2008-05-29 18:39:38 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\AdobeUM [2007-01-04 22:46:12 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Ahead [2008-08-31 20:40:36 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Apple Computer [2006-01-07 16:38:42 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\ArcSoft [2009-01-09 19:08:51 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\BitTorrent [2005-12-31 22:32:43 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Creative [2006-01-08 20:38:05 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\CyberLink [2007-01-27 15:29:55 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\DivX [2008-10-12 20:39:29 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Download Manager [2008-10-12 19:31:11 \| 00,000,000 \| ---D \|

psm343 View Member Profile	Feb 17 2009, 06:48 PM Post #4
Member Posts: 14 OS: xp	Part two: [2008-10-12 19:31:11 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\GARMIN [2006-01-23 21:01:48 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Google [2006-01-02 12:07:43 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Help [2006-07-21 17:35:35 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\HP [2004-08-20 11:41:54 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Identities [2007-12-28 13:16:09 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Image Zone Express [2008-05-25 19:30:55 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\InstallShield [2008-03-03 14:00:41 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Intuit Canada [2006-01-28 21:56:15 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\IsolatedStorage [2008-01-17 21:53:35 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Lavasoft [2005-12-31 15:57:23 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Leadertech [2007-09-26 21:37:58 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\ma-config.com [2006-01-07 21:55:58 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Macromedia [2008-09-14 14:56:10 \| 00,000,000 \| --SD \| M] -- C:\Documents and Settings\Pierre\Application Data\Microsoft [2006-01-22 17:16:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Microsoft Web Folders [2009-01-20 21:53:39 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Mozilla [2005-12-31 15:56:13 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\MSNInstaller [2009-01-17 09:02:31 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\NewspaperDirect [2006-11-25 10:52:56 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Offline Explorer [2007-09-22 13:12:33 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Printer Info Cache [2006-01-16 20:46:05 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Real [2007-01-13 13:31:05 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Roxio [2005-12-31 15:57:42 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Sonic [2006-11-13 17:49:16 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Sony Corporation [2007-02-05 21:41:34 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\SopCast [2005-12-26 19:17:47 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Sun [2005-12-31 10:27:37 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Symantec [2008-05-19 19:05:31 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Uniblue [2006-08-20 20:52:30 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\vlc [2008-11-13 21:38:13 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Vso [2006-10-15 12:40:17 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Windows Live Safety Center [2008-04-17 07:51:15 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\WinRAR [2009-02-07 18:53:01 \| 00,000,284 \| ---- \| M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [2004-08-05 13:00:00 \| 00,000,065 \| RH-- \| M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-02-17 17:30:49 \| 00,000,930 \| ---- \| M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-656630978-2109668801-1941713988-1006.job [2009-02-17 17:04:52 \| 00,000,330 \| -H-- \| M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job [2009-02-17 17:01:49 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\Tasks\SA.DAT [2009-02-16 19:20:08 \| 00,000,424 \| -H-- \| M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{36CBA60C-7524-4747-B31C-EB7757F7E2FD}.job [2009-02-17 17:04:34 \| 00,000,424 \| -H-- \| M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3F8A254C-948A-49BE-9C1E-9E59C86933F2}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 894 bytes -> C:\Documents and Settings\Pierre\Bureau\Vidéotron Libre-Service Consommation Internet.url:favicon @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Mes documents\moto limo.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Mes documents\Famille2A.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Mes documents\chrcdirect.asx:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Bureau\Antivirus2.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Bureau\Antivirus.jpg:Roxio EMC Stream @Alternate Data Stream - 7542 bytes -> C:\Documents and Settings\Pierre\Bureau\MobilityPass provide prepaid or unlimited plan for [viewcountry] and International roaming Internet Access, WiFi hotspot, 3G, Toll Free, Dial-up, Broadband, wireless and mobile internet..url:favicon @Alternate Data Stream - 3638 bytes -> C:\Documents and Settings\Pierre\Bureau\- Caméras Québec Pont Pierre-Laporte - circulationquebec.com.url:favicon @Alternate Data Stream - 322 bytes -> C:\Documents and Settings\Pierre\Bureau\Expressfr.com • Voir le forum - CW-600S.url:favicon @Alternate Data Stream - 322 bytes -> C:\Documents and Settings\Pierre\Bureau\Expressfr - Programmation récepteurs FTA.url:favicon @Alternate Data Stream - 1718 bytes -> C:\Documents and Settings\Pierre\Bureau\Virgin Mobile - mon compte.url:favicon @Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Pierre\Bureau\Satellite-Montreal.url:favicon @Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Pierre\Bureau\eBay.ca 2 Tickets for Celine Dion 10-02-09 Quebec (Red-Loges) objet 140289437646 fin).url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\XE - Universal Currency Converter.url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\RockYou.com - Photo sharing, MySpace slideshows, MySpace codes, MySpace music.url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\Le blog des blogs creer un blog gratuit.url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\Facebook Home (2).url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\CaptiveWorks CW-600 - FTABins.NET The Greatest FTA Community on the NET!.url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\Blog à Pierre.url:favicon @Alternate Data Stream - 0 bytes -> C:\WINDOWS\Thumbs.db:encryptable @Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Pierre\Mes documents\Thumbs.db:encryptable < End of report >

psm343 View Member Profile	Feb 17 2009, 06:51 PM Post #5
Member Posts: 14 OS: xp	Part three: OTListIt Extras logfile created on: 2009-02-17 19:22:51 - Run OTListIt2 by OldTimer - Version 2.0.0.16 Folder = C:\Documents and Settings\Pierre\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000C0C \| Country: Canada \| Language: FRC \| Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory \| 2,00 Gb Available Physical Memory \| 100,00% Memory free 4,00 Gb Paging File \| 3,97 Gb Available in Paging File \| 99,24% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 67,71 Gb Total Space \| 15,72 Gb Free Space \| 23,22% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive J: \| 78,24 Gb Total Space \| 15,10 Gb Free Space \| 19,30% Space Free \| Partition Type: NTFS Computer Name: PIERREDELL Current User Name: Pierre Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Minimal File Age = 30 Days Company Name Whitelist: On ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] %windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone) (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] C:\StubInstaller.exe::Enabled:LimeWire swarmed installer (LimeWire) C:\Documents and Settings\Marie\Bureau\LimeWire\LimeWire.exe::Enabled:LimeWire (Lime Wire, LLC) C:\Program Files\Real\RealPlayer\realplay.exe::Enabled:RealPlayer (RealNetworks, Inc.) C:\WINDOWS\system32\dpvsetup.exe::Enabled:Microsoft DirectPlay Voice Test (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe::Enabled:Windows Messenger (Microsoft Corporation) C:\Program Files\HP\HP Software Update\HPWUCli.exe::Enabled:HP Software Update Client (Hewlett-Packard) C:\Program Files\BitTorrent\bittorrent.exe::Enabled:BitTorrent (BitTorrent, Inc.) J:\StubInstaller.exe::Enabled:LimeWire swarmed installer (LimeWire) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe::Enabled:hpqtra08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe::Enabled:hpqste08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe::Enabled:hpofxm08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe::Enabled:hposfx08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe::Enabled:hposid01.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe::Enabled:hpqscnvw.exe () C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe::Enabled:hpqkygrp.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe::Enabled:hpqcopy.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe::Enabled:hpfccopy.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe::Enabled:hpzwiz01.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe::Enabled:hpqphunl.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe::Enabled:hpqdia.exe ( ) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe::Enabled:hpoews01.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe::Enabled:hpqnrs08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\TribalWeb.net\tribalweb.exe::Enabled:TribalWeb.net : Réseau privé sur Internet (ShalSoft) C:\Program Files\SopCast\SopCast.exe::Enabled:SopCast Main Application (www.sopcast.com) C:\Documents and Settings\Pierre\Application Data\SopCast\adv\SopAdver.exe::Enabled:SopCast Adver (www.sopcast.com) C:\Program Files\Civil Netizen\CivilNetizen.exe::Enabled:Civil Netizen (Civil Engines Research) C:\Program Files\Motorola\Software Update\msu.exe::Enabled:msu (Motorola) C:\Program Files\BitPim\bitpimw.exe::Enabled:Open Source Mobile Phone Tool (http://www.bitpim.org) C:\Program Files\DNA\btdna.exe::Enabled:DNA (BitTorrent, Inc.) %windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone) (Microsoft Corporation) C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe::Enabled:Roxio Upnp Service (Sonic Solutions) C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll::Enabled:Google Talk Plugin (Google) C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe::Enabled:Google Talk Plugin (Google) C:\Program Files\Bonjour\mDNSResponder.exe::Enabled:Bonjour (Apple Inc.) C:\Program Files\iTunes\iTunes.exe::Enabled:iTunes (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{012E1293-EA51-4C22-9573-26E3A0F887C5}" = Channel Master "{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery "{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1 "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data "{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Camera Window DS "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Panneau de contrôle ATI "{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar) "{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar) "{0ED47137-C071-46CC-A243-E5E33271E10E}" = Windows Live Sign-in Assistant "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{13922F10-BD74-4912-AB11-E34B35062700}" = Microsoft Calculatrice Plus "{14220DB1-DD96-4BCD-B3D5-03A4EA6631C4}" = RemoteCapture 2.7.5 "{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert "{16BE87BC-69F5-4D36-8CF0-E1CB3ACD5ED3}" = HP Driver Diagnostics "{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3 "{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}" = Client Windows Rights Management avec Service Pack 2 "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth "{1DA07BCA-FD11-406E-89A8-5B4496F43FC5}" = EZ Label Xpress Lite "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE "{21DAFB84-2421-488F-B17D-102FF53396AA}" = Ulead DVD Player "{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11 "{287E1968-462A-40EB-BA11-A557C5D64F12}" = ImpôtRapide 2006 "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools "{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{3156B2FD-5C1D-4649-9FE3-EB6E77320266}" = ImpôtRapide 2007 "{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9 "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10 "{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7 "{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone "{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1 "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0 "{3C759736-8347-4031-BB9C-D75ADFE6B101}" = Norton Ghost 9.0 "{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Bêta) "{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = RAW Image Task "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{46761278-BF32-4008-833B-93487FF0A06E}" = MDL Chime/Chime Pro for Internet Explorer "{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Edition Découverte 3.0 "{4DBBF091-FACD-422C-B43C-786335BD5398}" = MovieEdit Task "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Camera Window DVC "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade "{5624C000-B109-11D4-9DB4-00E0290FCAC5}" = VPN Client "{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool "{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}" = SnagIt 9 "{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1 "{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch "{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder "{61DE738B-CA77-4B59-B9D3-67226BB7DCE3}" = Motorola Software Update "{64116298-93C5-401D-B06C-39D8E3338508}" = DAO "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.9 "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6901DD22-527A-41EF-9059-E81FEDE9E494}" = Windows Presentation Foundation Language Pack (FRA) "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic "{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Camera Window MC "{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03 "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{740DC926-B248-41DF-A38A-0675749E4361}" = ImpôtRapide 2005 "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{81B5F83F-2291-48B0-8375-36B63A9BF5B0}" = Surligneur (Windows Live Toolbar) "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections "{868901EE-7807-4F89-A134-7C705D34F91F}" = Roxio Easy Media Creator 8 Suite "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour "{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload "{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Camera Access Library "{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage "{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003 "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.0 "{A1D0D14A-B776-4907-BC00-5149F2298086}" = Camera Support Core Library "{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Camera Window DVC "{A52CA186-4DAF-4096-A993-09C032D3A448}" = PressReader "{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A9F5421F-DA70-4C77-BB97-8D77EC33ED5E}" = HP Photosmart and Deskjet 7.0.A "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio module "{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience "{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B168C59D-5FCF-4EEC-B464-BFA7A8266150}" = Windows Communication Foundation Language Pack - FRA "{B279F2F1-3B2F-3A96-AC11-5743CD43DCCB}" = Google Talk Plugin "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1 "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2 "{B84C141C-9A13-44BE-9A69-301D7B11D836}" = Windows Workflow Foundation FR Language Pack "{B8EF780F-126C-4CF0-AAB2-1B68BF06BA1C}" = Motorola Driver Installation 3.7.0 "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.1.10.209 "{BF85A9D4-030F-4D2A-83CF-D4DDA0D3E68C}" = Ma-Config.com plugin "{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX (F) "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe "{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 ESD "{DAFCC5EF-E4D0-47EF-8E4B-168B3644A1E3}" = Garmin City Navigator North America NT 2009 Update "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{DD54CF66-090B-43E7-97C1-110EF526474D}" = ArcSoft Multimedia Email "{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}" = Microsoft .NET Framework 3.0 French Language Pack "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB866374-B705-4749-83D9-997AC77146B3}" = LGUsbDriver "{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100 "{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support "{EC905264-BCFE-423B-9C42-C3A106266790}" = SP2 de compatibilité descendante du client Windows Rights Management "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{F6970FBD-809A-4C51-BAB3-D94A04C6C8E7}" = Garmin Communicator Plugin "{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime "{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.5 "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FC888095-A35E-4993-A9E0-366BF6F0CCE0}" = ArcSoft PhotoImpression 5 "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "7-Zip" = 7-Zip 4.57 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player "ATI Display Driver" = ATI Display Driver "avast!" = avast! Antivirus "Avi2Dvd" = Avi2Dvd 0.4.4 beta "AviSynth" = AviSynth 2.5 "Channel Master" = Channel Master "Channel Master SDK" = Channel Master SDK "Civil Netizen (beta-release-8)" = Civil Netizen (beta-release-8) "Creative PD0620" = Creative WebCam Instant Driver (1.01.02.0729) "Creative WebCam Center" = Creative WebCam Center "DivX Content Uploader" = DivX Content Uploader "DVD Decrypter" = DVD Decrypter (Remove Only) "DVD Shrink_is1" = DVD Shrink 3.2 "DVDFab Decrypter_is1" = DVDFab Decrypter 3.0.7.2 "EsetOnlineScanner" = ESET Online Scanner "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "ExtractNow_is1" = ExtractNow "FairUse Wizard 2" = FairUse Wizard 2 "FunlightEditor" = Funlight Editor "GoogleVideoPlayer" = Google Video Player "HijackThis" = HijackThis 2.0.2 "HP Document Viewer" = HP Document Viewer 5.3 "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Photo & Imaging" = HP Image Zone 5.3 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Extended Capabilities 5.3 "HPOCR" = OCR Software by I.R.I.S 7.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Canon Camera Window DSLR 5 for ZoomBrowser EX "InstallShield_{14220DB1-DD96-4BCD-B3D5-03A4EA6631C4}" = Canon Utilities RemoteCapture 2.7 "InstallShield_{1DA07BCA-FD11-406E-89A8-5B4496F43FC5}" = EZ Label Xpress Lite "InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00 "InstallShield_{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = Canon RAW Image Task for ZoomBrowser EX "InstallShield_{4DBBF091-FACD-422C-B43C-786335BD5398}" = Canon MovieEdit Task for ZoomBrowser EX "InstallShield_{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo "InstallShield_{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Canon Camera Window MC 6 for ZoomBrowser EX "InstallShield_{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Canon Camera Access Library "InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}" = Canon Camera Support Core Library "InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Canon Camera Window DC_DV 5 for ZoomBrowser EX "InterActual Player" = InterActual Player "KeePass Password Safe_is1" = KeePass Password Safe 1.09 "LimeWire" = LimeWire 4.18.8 "LiveUpdate" = LiveUpdate 2.0 (Symantec Corporation) "Manuel d'utilisation de Creative WebCam Instant French" = Manuel d'utilisation de Creative WebCam Instant (Français) "MetaProducts Offline Explorer Enterprise" = MetaProducts Offline Explorer Enterprise "MExplorer" = M-Explorer "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA "Microsoft .NET Framework 3.0 French Language Pack" = Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MSN Toolbar" = Barre d'outils MSN "MSNINST" = MSN "Nero - Burning Rom!UninstallKey" = Nero OEM "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "OpenMG HotFix4.1-05-13-31-01" = OpenMG Limited Patch 4.1-05-13-31-01 "PartyPokerNet" = PartyPokerNet "PhotoRecord" = Canon PhotoRecord "Picasa2" = Picasa 2 "PROSet" = Intel® PRO Network Connections Drivers "R for Windows 2.7.2_is1" = R for Windows 2.7.2 "R for Windows_is1" = R for Windows 2.2.1 "RealPlayer 6.0" = RealPlayer "RegistryBooster 2_is1" = Uniblue RegistryBooster 2 "Satellite Antenna Alignment_is1" = Satellite Antenna Alignment v2.37.2 "SereneScreen Marine Aquarium 2 + Time" = SereneScreen Marine Aquarium 2 + Time "ShalSoft.TribalWeb.net_is1" = TribalWeb.net "SopCast" = SopCast 1.1.1 "ST6UNST #1" = 500 From Special K Software "SUPER ©" = SUPER © Version 2007.bld.21 (Jan 4, 2007) "ViewpointMediaPlayer" = Viewpoint Media Player "VLC media player" = VideoLAN VLC media player 0.8.4 "VSO DivxToDVD_is1" = DivxToDVD 0.5.2 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Weather Services" = Weather Services "WIC" = Windows Imaging Component "WinAce Archiver" = WinAce Archiver "Winamp" = Winamp (remove only) "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WinRAR archiver" = Archiveur WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Toolbar" = Yahoo! Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent "MétéoIMédia" = MétéoIMédia ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 2008-10-14 20:13:07 \| Computer Name = PIERREDELL \| Source = avast! \| ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\PASCAL\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\PSMITHY43@HOTMAIL.COM\SHADOW\CONTACTCOLL.CACHE failed, 00000005. Error - 2008-10-14 20:13:07 \| Computer Name = PIERREDELL \| Source = avast! \| ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\PASCAL\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\PSMITHY43@HOTMAIL.COM\SHADOW\MEMBERS.STG failed, 00000005. Error - 2008-11-21 22:02:48 \| Computer Name = PIERREDELL \| Source = avast! \| ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\MARIE\CONTACTS\MARYEVE04@HOTMAIL.COM\CONTACTCOLL.CACHE failed, 00000005. Error - 2009-02-15 20:55:32 \| Computer Name = PIERREDELL \| Source = avast! \| ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\PIERRE\APPLICATION DATA\MICROSOFT\INSTALLER\{16BE87BC-69F5-4D36-8CF0-E1CB3ACD5ED3}\1036.MST failed, 00000005. [ Application Events ] Error - 2009-02-12 18:04:22 \| Computer Name = PIERREDELL \| Source = Application Hang \| ID = 1002 Description = Application bloquée iexplore.exe, version 7.0.6000.16791, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 2009-02-12 18:04:25 \| Computer Name = PIERREDELL \| Source = Application Hang \| ID = 1001 Description = Détecteur d'erreurs 1110235319. Error - 2009-02-14 09:28:24 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1000 Description = Application défaillante ghosttray.exe, version 9.0.0.2583, module défaillant ghosttray.exe, version 9.0.0.2583, adresse de défaillance 0x00095e87. Error - 2009-02-14 09:28:31 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1001 Description = Détecteur d'erreurs 127691310. Error - 2009-02-15 20:49:03 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1000 Description = Application défaillante iexplore.exe, version 7.0.6000.16791, module défaillant scnrc.dll, version 1.9.6662.1, adresse de défaillance 0x0003c733. Error - 2009-02-15 20:49:18 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1001 Description = Détecteur d'erreurs 1138854429. Error - 2009-02-15 21:53:38 \| Computer Name = PIERREDELL \| Source = crypt32 \| ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : A connection with the server could not be established Error - 2009-02-15 21:53:38 \| Computer Name = PIERREDELL \| Source = crypt32 \| ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : A connection with the server could not be established Error - 2009-02-15 22:14:25 \| Computer Name = PIERREDELL \| Source = Application Hang \| ID = 1002 Description = Application bloquée TeaTimer.exe, version 1.6.4.26, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 2009-02-15 23:00:24 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1000 Description = Application défaillante teatimer.exe, version 1.6.4.26, module défaillant teatimer.exe, version 1.6.4.26, adresse de défaillance 0x0006e60e. [ System Events ] Error - 2009-02-14 11:59:13 \| Computer Name = PIERREDELL \| Source = Print \| ID = 6161 Description = Impossible d'imprimer le document https://ecomm.dell.com/dellstore/PopUps/pop...rify_print_cart appartenant à Pierre sur l'imprimante HP Photosmart C3100 series. Type de données : NT EMF 1.008. Taille du fichier spoule en octets : 338656. Nombre d'octets imprimés : 338656. Nombre de pages dans le document : 3. Nombre de pages imprimées : 0. Ordinateur client : \\PIERREDELL. Le code d'erreur Win32 renvoyé par le processeur d'impression était : 0 (0x0). Error - 2009-02-14 12:17:31 \| Computer Name = PIERREDELL \| Source = Print \| ID = 6161 Description = Impossible d'imprimer le document http://www1.ca.dell.com/content/products/p...details.aspx/la appartenant à Pierre sur l'imprimante HP Photosmart C3100 series. Type de données : NT EMF 1.008. Taille du fichier spoule en octets : 888176. Nombre d'octets imprimés : 888176. Nombre de pages dans le document : 2. Nombre de pages imprimées : 0. Ordinateur client : \\PIERREDELL. Le code d'erreur Win32 renvoyé par le processeur d'impression était : 0 (0x0). Error - 2009-02-15 16:12:44 \| Computer Name = PIERREDELL \| Source = Print \| ID = 6161 Description = Impossible d'imprimer le document Sans titre - Bloc-notes appartenant à Pierre sur l'imprimante HP Photosmart C3100 series. Type de données : NT EMF 1.008. Taille du fichier spoule en octets : 5052. Nombre d'octets imprimés : 5052. Nombre de pages dans le document : 2. Nombre de pages imprimées : 0. Ordinateur client : \\PIERREDELL. Le code d'erreur Win32 renvoyé par le processeur d'impression était : 0 (0x0). Error - 2009-02-16 22:52:04 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7006 Description = L'appel ScRegSetValueExW a échoué pour Start avec l'erreur : %%5 Error - 2009-02-16 22:52:07 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7006 Description = L'appel ScRegSetValueExW a échoué pour Start avec l'erreur : %%5 Error - 2009-02-16 22:52:39 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7006 Description = L'appel ScRegSetValueExW a échoué pour Start avec l'erreur : %%5 Error - 2009-02-16 22:54:01 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7006 Description = L'appel ScRegSetValueExW a échoué pour Start avec l'erreur : %%5 Error - 2009-02-16 22:56:26 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7006 Description = L'appel ScRegSetValueExW a échoué pour Start avec l'erreur : %%5 Error - 2009-02-16 22:58:01 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7006 Description = L'appel ScRegSetValueExW a échoué pour Start avec l'erreur : %%5 Error - 2009-02-16 23:00:38 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7006 Description = L'appel ScRegSetValueExW a échoué pour Start avec l'erreur : %%5 < End of report >

handhfan View Member Profile	Feb 17 2009, 10:37 PM Post #6
GeekU Moderator Posts: 8,651 From: Massachusetts OS: Windows XP Pro, Windows 7 Pro 64- and 32-bit; Virtual PC	Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems Upgrading Java: Download the latest version of Java SE Runtime Environment (JRE) JRE 6 Update 12. Click the "Download" button to the right. Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.". Click on Continue. Click on the link to download Windows Offline Installation (jre-6u12-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager.. Close any programs you may have running - especially your web browser. Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java. Check any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java version. Reboot your computer once all Java components are removed. Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u12-windows-i586-p.exe and select "Run as an Administrator.") Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present): J2SE Runtime Environment 5.0 Update 6 J2SE Runtime Environment 5.0 Update 9 J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 Java™ SE Runtime Environment 6 Update 1 Java™ 6 Update 3 Java™ 6 Update 5 Java™ 6 Update 7 Java™ 6 Update 11 Viewpoint Media Player Please double-click OTListIt2.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator). Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy): CODE :Processes explorer.exe :Files C:\Documents and Settings\All Users\Application Data\Viewpoint C:\Program Files\Viewpoint :Commands [emptytemp] [start explorer] [Reboot] Return to OTListIt2, right click in the "Custom Scans/Fixes" window (under the light blue bar) and choose Paste. Click the red Run Fix button. Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply. Close OTListIt2 Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter .log and press the Enter key, navigate to the C:\_OTListIt\MovedFiles* folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post. Please do an online scan with Kaspersky WebScanner Read through the requirements and privacy statement and click on Accept button. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run. When the downloads have finished, click on Settings. Make sure the following is checked. Spyware, Adware, Dialers, and other potentially dangerous programs Archives Mail databases Click on My Computer under Scan. Once the scan is complete, it will display the results. Click on View Scan Report. You will see a list of infected items there. Click on Save Report As.... Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Please post this log in your next reply, along with the OTListIt2 Moved Files log, and a new HijackThis log.

psm343 View Member Profile	Feb 18 2009, 09:06 PM Post #7
Member Posts: 14 OS: xp	After JAVA JRE 6 Update 12: ========== PROCESSES ========== Process explorer.exe killed successfully! ========== FILES ========== C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 moved successfully. C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 moved successfully. C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 moved successfully. C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 moved successfully. C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources moved successfully. C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology moved successfully. C:\Documents and Settings\All Users\Application Data\Viewpoint\AxMetaStream_Win moved successfully. C:\Documents and Settings\All Users\Application Data\Viewpoint moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology\Resources moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology\DownloadedComponents\AxMetaStream_Win moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology\DownloadedComponents moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology\Components moved successfully. C:\Program Files\Viewpoint\Viewpoint Experience Technology moved successfully. C:\Program Files\Viewpoint moved successfully. ========== COMMANDS ========== File delete failed. C:\Documents and Settings\Pierre\Local Settings\temp\~DF59E7.tmp scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Pierre\Local Settings\temp\~DF5D06.tmp scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\Pierre\Local Settings\temp\~DF71DA.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\JETD580.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_110.dat scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_d0.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. Temp folders emptied. Explorer started successfully OTListIt2 by OldTimer - Version 2.0.0.16 log created on 02182009_214735 Files moved on Reboot... File C:\Documents and Settings\Pierre\Local Settings\temp\~DF59E7.tmp not found! File C:\Documents and Settings\Pierre\Local Settings\temp\~DF5D06.tmp not found! File C:\Documents and Settings\Pierre\Local Settings\temp\~DF71DA.tmp not found! File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot. C:\WINDOWS\temp\JETD580.tmp moved successfully. File C:\WINDOWS\temp\Perflib_Perfdata_110.dat not found! File C:\WINDOWS\temp\Perflib_Perfdata_d0.dat not found! Registry entries deleted on Reboot... This post has been edited by psm343: Feb 18 2009, 09:10 PM

handhfan View Member Profile	Feb 19 2009, 12:23 AM Post #8
GeekU Moderator Posts: 8,651 From: Massachusetts OS: Windows XP Pro, Windows 7 Pro 64- and 32-bit; Virtual PC	Don't forget Kaspersky as well.

psm343 View Member Profile	Feb 19 2009, 06:25 AM Post #9
Member Posts: 14 OS: xp	After KASPERSKY: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Thursday, February 19, 2009 Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Thursday, February 19, 2009 03:01:09 Records in database: 1813698 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ M:\ Scan statistics: Files scanned: 133568 Threat name: 5 Infected objects: 7 Suspicious objects: 0 Duration of the scan: 02:03:17 File name / Threat name / Threats count C:\Documents and Settings\Pierre\.housecall\Quarantine\Dummy.class-393d648-1ecd94ef.class.bac_a02876 Infected: Trojan.Java.ClassLoader.Dummy.d 1 C:\Documents and Settings\Pierre\.housecall\Quarantine\Dummy.class-7e4442f4-59a9e750.class.bac_a02876 Infected: Trojan.Java.ClassLoader.Dummy.d 1 C:\Documents and Settings\Pierre\.housecall6.6\Quarantine\2324b7de-47d1d259.bac_a00936 Infected: Trojan-Downloader.Java.OpenStream.ac 1 C:\Documents and Settings\Pierre\.housecall6.6\Quarantine\29b2a95b-4c3b4a85.bac_a02136 Infected: Exploit.Java.Gimsh.a 1 C:\Documents and Settings\Pierre\.housecall6.6\Quarantine\5e752950-21f763ab.bac_a02136 Infected: Exploit.Java.Gimsh.a 1 C:\Documents and Settings\Pierre\.housecall6.6\Quarantine\Dj497.mp3.bac_a05248 Infected: Trojan-Downloader.WMA.GetCodec.c 1 J:\Mes documents\Pierre\download\Motorola\pccd_vista_32.zip Infected: not-a-virus:AdWare.Win32.NewWeb.cl 1 The selected area was scanned.

psm343 View Member Profile	Feb 19 2009, 06:27 AM Post #10
Member Posts: 14 OS: xp	after OTListIt2 OTListIt logfile created on: 2009-02-19 07:20:22 - Run 5 OTListIt2 by OldTimer - Version 2.0.0.16 Folder = C:\Documents and Settings\Pierre\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000C0C \| Country: Canada \| Language: FRC \| Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory \| 2,00 Gb Available Physical Memory \| 100,00% Memory free 4,00 Gb Paging File \| 3,53 Gb Available in Paging File \| 88,21% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 67,71 Gb Total Space \| 16,30 Gb Free Space \| 24,07% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive J: \| 78,24 Gb Total Space \| 13,82 Gb Free Space \| 17,67% Space Free \| Partition Type: NTFS Computer Name: PIERREDELL Current User Name: Pierre Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Minimal File Age = 30 Days Company Name Whitelist: On ========== Processes (SafeList) ========== PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) PRC - C:\Program Files\UnivLaval\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\WINDOWS\system32\gearsec.exe (GEAR Software) PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) PRC - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe (Symantec Corporation) PRC - C:\WINDOWS\system32\HPZipm12.exe (HP) PRC - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions) PRC - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions) PRC - C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation) PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.) PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) PRC - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.) PRC - C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe (MétéoMédia/The Weather Network) PRC - C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe (Microsoft Corporation) PRC - C:\Program Files\Java\jre6\bin\java.exe (Sun Microsystems, Inc.) PRC - C:\Documents and Settings\Pierre\Local Settings\temp\jkos-Pierre\binaries\ScanningProcess.exe (Kaspersky Lab.) PRC - C:\Documents and Settings\Pierre\Local Settings\temp\jkos-Pierre\binaries\ScanningProcess.exe (Kaspersky Lab.) PRC - C:\Documents and Settings\Pierre\Bureau\OTListIt2.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (Apple Mobile Device [Auto \| Running]) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (aspnet_state [On_Demand \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation) SRV - (aswUpdSv [Auto \| Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software) SRV - (Ati HotKey Poller [Auto \| Running]) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) SRV - (avast! Antivirus [Auto \| Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software) SRV - (avast! Mail Scanner [On_Demand \| Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) SRV - (avast! Web Scanner [On_Demand \| Stopped]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software) SRV - (Bonjour Service [Auto \| Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) SRV - (CCALib8 [Auto \| Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.) SRV - (clr_optimization_v2.0.50727_32 [On_Demand \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (CVPND [Auto \| Running]) -- C:\Program Files\UnivLaval\cvpnd.exe (Cisco Systems, Inc.) SRV - (FontCache3.0.0.0 [On_Demand \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (GEARSecurity [Auto \| Running]) -- C:\WINDOWS\system32\gearsec.exe (GEAR Software) SRV - (getPlus® Helper [On_Demand \| Stopped]) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.) SRV - (gusvc [On_Demand \| Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google) SRV - (helpsvc [Auto \| Running]) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation) SRV - (IDriverT [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (idsvc [Unknown \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (iPod Service [On_Demand \| Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) SRV - (JavaQuickStarterService [Auto \| Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) SRV - (MDM [Auto \| Running]) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) SRV - (MSCSPTISRV [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (NetSvc [On_Demand \| Stopped]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation) SRV - (NetTcpPortSharing [Disabled \| Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (Norton Ghost [Auto \| Running]) -- C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe (Symantec Corporation) SRV - (PACSPTISVR [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (Pml Driver HPZ12 [Auto \| Running]) -- C:\WINDOWS\system32\HPZipm12.exe (HP) SRV - (RoxLiveShare [Auto \| Stopped]) -- C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe (Sonic Solutions) SRV - (RoxMediaDB [On_Demand \| Running]) -- C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions) SRV - (RoxUPnPRenderer [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe (Sonic Solutions) SRV - (RoxUpnpServer [Auto \| Stopped]) -- C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe (Sonic Solutions) SRV - (RoxWatch [Auto \| Running]) -- C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions) SRV - (SimpTcp [Auto \| Running]) -- C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation) SRV - (SPTISRV [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (SSScsiSV [On_Demand \| Stopped]) -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (usnjsvc [On_Demand \| Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation) SRV - (WinDefend [Auto \| Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (WLSetupSvc [On_Demand \| Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation) SRV - (WMPNetworkSvc [On_Demand \| Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WudfSvc [Auto \| Running]) -- C:\WINDOWS\system32\WudfSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (Aavmker4 [System \| Running]) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software) DRV - (AliIde [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (amdagp [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (asc [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\asc.sys (Advanced System Products, Inc.) DRV - (asc3550 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\asc3550.sys (Advanced System Products, Inc.) DRV - (ASPI32 [System \| Running]) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec) DRV - (aswFsBlk [Auto \| Running]) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software) DRV - (aswMon2 [Auto \| Running]) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software) DRV - (aswRdr [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software) DRV - (aswSP [System \| Running]) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software) DRV - (aswTdi [System \| Running]) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software) DRV - (ati2mtag [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (cdudf_xp [System \| Running]) -- C:\WINDOWS\system32\drivers\Cdudf_xp.sys (Sonic Solutions) DRV - (CmdIde [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (CVirtA [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (CVPNDRVA [Auto \| Running]) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (dac2w2k [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\dac2w2k.sys (Mylex Corporation) DRV - (DNE [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (driverhardwarev2 [On_Demand \| Stopped]) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (Ma-Config.com) DRV - (drvmcdb [Boot \| Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions) DRV - (drvnddm [Auto \| Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions) DRV - (dvd_2K [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\dvd_2k.sys (Sonic Solutions) DRV - (E100B [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\e100b325.sys (Intel Corporation) DRV - (GearAspiWDM [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV - (HDAudBus [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider) DRV - (HPZid412 [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\HPZid412.sys (HP) DRV - (HPZipr12 [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP) DRV - (HPZius12 [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP) DRV - (kbdhid [System \| Running]) -- C:\WINDOWS\system32\drivers\kbdhid.sys (Microsoft Corporation) DRV - (lgatbus [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\lgatbus.sys (MCCI) DRV - (lgatmdm [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\lgatmdm.sys (MCCI) DRV - (lgatserd [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\lgatserd.sys (MCCI) DRV - (mmc_2K [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\mmc_2k.sys (Sonic Solutions) DRV - (MotDev [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\motodrv.sys (Motorola Inc) DRV - (motmodem [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola) DRV - (mraid35x [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\mraid35x.sys (American Megatrends Inc.) DRV - (NETMDUSB [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\NETMDUSB.sys (Sony Corporation) DRV - (nv [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (pcouffin [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\pcouffin.sys (VSO Software) DRV - (PD0620VID [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\P0620Vid.sys (Creative Technology Ltd.) DRV - (PQIMount [System \| Running]) -- C:\WINDOWS\system32\drivers\PQIMount.sys (PowerQuest Corporation) DRV - (PQNTDrv [System \| Running]) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys (PowerQuest Corporation) DRV - (PQV2i [Boot \| Running]) -- C:\WINDOWS\system32\drivers\PQV2i.sys (StorageCraft) DRV - (Ptilink [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (pwd_2k [System \| Running]) -- C:\WINDOWS\system32\drivers\Pwd_2k.sys (Sonic Solutions) DRV - (PxHelp20 [Boot \| Running]) -- C:\WINDOWS\system32\drivers\pxhelp20.sys (Sonic Solutions) DRV - (ql1080 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\ql1080.sys (QLogic Corporation) DRV - (ql12160 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\ql12160.sys (QLogic Corporation) DRV - (ql1280 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\ql1280.sys (QLogic Corporation) DRV - (RxFilter [System \| Running]) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions) DRV - (Secdrv [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (Ser2pl [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.) DRV - (sermouse [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\sermouse.sys (Microsoft Corporation) DRV - (sisagp [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (Sparrow [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\sparrow.sys (Adaptec, Inc.) DRV - (sscdbhk5 [System \| Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions) DRV - (ssrtln [System \| Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions) DRV - (STHDA [On_Demand \| Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (symc810 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\symc810.sys (Symbios Logic Inc.) DRV - (symc8xx [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\symc8xx.sys (LSI Logic) DRV - (sym_hi [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\sym_hi.sys (LSI Logic) DRV - (sym_u3 [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\sym_u3.sys (LSI Logic) DRV - (tfsnboio [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions) DRV - (tfsncofs [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions) DRV - (tfsndrct [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions) DRV - (tfsndres [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions) DRV - (tfsnifs [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions) DRV - (tfsnopio [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions) DRV - (tfsnpool [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions) DRV - (tfsnudf [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions) DRV - (tfsnudfa [Auto \| Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions) DRV - (tmcomm [Auto \| Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.) DRV - (ultra [Disabled \| Stopped]) -- C:\WINDOWS\system32\drivers\ultra.sys (Promise Technology, Inc.) DRV - (USBAAPL [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\usbaapl.sys (Apple, Inc.) DRV - (vsdatant [On_Demand \| Stopped]) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC) DRV - (Wdf01000 [On_Demand \| Stopped]) -- C:\WINDOWS\system32\drivers\wdf01000.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Invalid data type. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = Reg Error: Invalid data type. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.canoe.ca/accueil.html IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1 O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - Reg Error: Key error. File not found O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions) O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Reg Error: Key error. File not found O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.) O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll (Microsoft Corporation) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - Reg Error: Key error. File not found O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - Reg Error: Key error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.) O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.) O4 - HKCU..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (Ahead Software AG) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe (MétéoMédia/The Weather Network) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Universite Laval Client VPN ULaval.lnk = C:\Program Files\UnivLaval\vpngui.exe (Cisco Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktopChanges = [binary data] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoSaveSettings = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: ClassicShell = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Google Search - Reg Error: Value error. O8 - Extra context menu item: &Translate English Word - Reg Error: Value error. O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm O8 - Extra context menu item: Backward Links - Reg Error: Value error. O8 - Extra context menu item: Cached Snapshot of Page - Reg Error: Value error. O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. O8 - Extra context menu item: Similar Pages - Reg Error: Value error. O8 - Extra context menu item: Translate Page into English - Reg Error: Value error. O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - File not found O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe () O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O12 - Plugin for: .csm - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .csml - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .cub - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .cube - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .dx - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .emb - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .embl - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .gau - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .jdx - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .mol - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .mop - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .pdb - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .rxn - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .scr - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .skc - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .spt - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .tgf - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O12 - Plugin for: .xyz - C:\Program Files\Internet Explorer\PLUGINS\npchime.dll (MDL Information Systems, Inc (Elsevier MDL)) O15 - HKLM\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: radioenergie.com ([www] http in Sites de confiance) O15 - HKCU\..Trusted Domains: 46 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (Reg Error: Key error.) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Reg Error: Key error.) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.epost.ca/printing/smsx.cab (MeadCo ScriptX) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {428A9DEF-F057-402B-9F2D-A5887F4544ED} http://download.microsoft.com/download/7/1...tualEarth3D.cab (SentinelProxy Class) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.3.cab (DLM Control) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool) O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} http://h30155.www3.hp.com/ediags/dd/instal...nosticsxp2k.cab (DeviceEnum Class) O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/Facebo...toUploader3.cab (Facebook Photo Uploader 4 Control) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.jiwix.com/aurigma/imageuploader...geUploader5.cab (Image Uploader Control) O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab (Windows Live Safety Center Base Module) O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab (AXELPlayer Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1191623643296 (MUWebControl Class) O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab (Reg Error: Key error.) O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://pix.futureshop.ca/fr/ImageUploader4.cab (Reg Error: Key error.) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (Reg Error: Key error.) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab (HardwareDetection Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (Reg Error: Key error.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} http://www.4xem.com/downloads/cab/WLPTG/h263ctrl.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_12) O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class) O16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} http://www.rockyou.com/RockYouImageUploader.cab (RockYou Image Uploader Control) O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab (Reg Error: Key error.) O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} http://67.15.101.3/g_bin/eng/billard8_2_0_0_24.cab (Reg Error: Key error.) O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.) O18 - Protocol\Handler\intu-ir2007 {52BAEC6B-9405-46f9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) O18 - Protocol\Handler\ipp Reg Error: Value error. - Reg Error: Key error. File not found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp Reg Error: Value error. - Reg Error: Key error. File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ] ========== Files/Folders - Created Within 30 Days ========== [2009-02-18 21:47:35 \| 00,000,000 \| ---D \| C] -- C:\_OTListIt [2009-02-18 21:40:05 \| 16,278,936 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\jre-6u12-windows-i586-p.exe [2009-02-18 20:50:31 \| 00,000,210 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\Raccourci vers Java.lnk [2009-02-17 21:43:50 \| 00,002,300 \| -H-- \| C] () -- C:\Documents and Settings\Pierre\Bureau\ZbThumbnail.info [2009-02-17 19:19:32 \| 00,491,520 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Pierre\Bureau\OTListIt2.exe [2009-02-16 19:22:33 \| 00,000,000 \| ---D \| C] -- C:\Program Files\EsetOnlineScanner [2009-02-16 07:38:59 \| 00,001,730 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\avast! Antivirus.lnk [2009-02-16 00:20:52 \| 00,000,000 \| -HSD \| C] -- C:\RECYCLER [2009-02-15 20:48:37 \| 00,000,216 \| ---- \| C] () -- C:\Boot.bak [2009-02-15 20:48:35 \| 00,263,488 \| ---- \| C] () -- C:\cmldr [2009-02-15 20:48:30 \| 00,000,000 \| RHSD \| C] -- C:\cmdcons [2009-02-15 20:46:00 \| 00,212,480 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2009-02-15 20:46:00 \| 00,161,792 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2009-02-15 20:46:00 \| 00,136,704 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2009-02-15 20:46:00 \| 00,098,816 \| ---- \| C] () -- C:\WINDOWS\sed.exe [2009-02-15 20:46:00 \| 00,089,504 \| ---- \| C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe [2009-02-15 20:46:00 \| 00,080,412 \| ---- \| C] () -- C:\WINDOWS\grep.exe [2009-02-15 20:46:00 \| 00,068,096 \| ---- \| C] () -- C:\WINDOWS\zip.exe [2009-02-15 20:46:00 \| 00,049,152 \| ---- \| C] () -- C:\WINDOWS\VFIND.exe [2009-02-15 20:46:00 \| 00,029,696 \| ---- \| C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2009-02-15 20:45:55 \| 00,000,000 \| ---D \| C] -- C:\Qoobox [2009-02-15 20:44:14 \| 02,923,783 \| R--- \| C] () -- C:\Documents and Settings\Pierre\Bureau\ComboFix.exe [2009-02-15 11:55:17 \| 00,000,424 \| -H-- \| C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{36CBA60C-7524-4747-B31C-EB7757F7E2FD}.job [2009-02-14 08:31:06 \| 16,409,960 \| ---- \| C] (Safer Networking Limited ) -- C:\Documents and Settings\Pierre\Bureau\spybotsd162.exe [2009-02-01 10:36:34 \| 00,218,651 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\Antivirus2.jpg [2009-02-01 10:34:43 \| 00,214,319 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\Antivirus.jpg [2009-02-01 09:54:47 \| 00,001,564 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\Invite de commandes.lnk [2009-01-31 09:13:16 \| 00,000,238 \| ---- \| C] () -- C:\Documents and Settings\Pierre\Bureau\RockYou.com - Photo sharing, MySpace slideshows, MySpace codes, MySpace music.url [2009-01-20 21:53:39 \| 00,000,000 \| ---D \| C] -- C:\Documents and Settings\Pierre\Application Data\Mozilla ========== Files - Modified Within 30 Days ========== [8 C:\WINDOWS\System32\.tmp files] [1 C:\WINDOWS\.tmp files] [2009-02-19 06:36:39 \| 00,000,930 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-656630978-2109668801-1941713988-1006.job [2009-02-19 02:04:22 \| 00,000,330 \| -H-- \| M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2009-02-18 23:04:28 \| 00,000,424 \| -H-- \| M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{36CBA60C-7524-4747-B31C-EB7757F7E2FD}.job [2009-02-18 21:55:56 \| 00,002,206 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2009-02-18 21:55:31 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2009-02-18 21:55:24 \| 00,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2009-02-18 21:55:21 \| 32,192,79872 \| -HS- \| M] () -- C:\hiberfil.sys [2009-02-18 21:40:05 \| 16,278,936 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\jre-6u12-windows-i586-p.exe [2009-02-18 20:50:31 \| 00,000,210 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Raccourci vers Java.lnk [2009-02-18 19:40:20 \| 00,000,424 \| -H-- \| M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3F8A254C-948A-49BE-9C1E-9E59C86933F2}.job [2009-02-17 21:44:07 \| 00,002,300 \| -H-- \| M] () -- C:\Documents and Settings\Pierre\Mes documents\ZbThumbnail.info [2009-02-17 21:43:50 \| 00,002,300 \| -H-- \| M] () -- C:\Documents and Settings\Pierre\Bureau\ZbThumbnail.info [2009-02-17 19:19:33 \| 00,491,520 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Pierre\Bureau\OTListIt2.exe [2009-02-16 21:42:56 \| 00,000,377 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Vidéotron Libre-Service Consommation Internet.url [2009-02-16 21:42:45 \| 00,003,745 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\CaptiveWorks CW-600 - FTABins.NET The Greatest FTA Community on the NET!.url [2009-02-16 15:54:48 \| 00,000,116 \| ---- \| M] () -- C:\WINDOWS\NeroDigital.ini [2009-02-16 07:38:59 \| 00,001,730 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\avast! Antivirus.lnk [2009-02-15 21:40:13 \| 00,000,227 \| ---- \| M] () -- C:\WINDOWS\system.ini [2009-02-15 20:55:57 \| 00,000,027 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009-02-15 20:48:37 \| 00,000,286 \| RHS- \| M] () -- C:\boot.ini [2009-02-15 20:44:23 \| 02,923,783 \| R--- \| M] () -- C:\Documents and Settings\Pierre\Bureau\ComboFix.exe [2009-02-15 19:11:09 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt04.sqm [2009-02-15 19:11:09 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata04.sqm [2009-02-15 19:10:20 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt03.sqm [2009-02-15 19:10:20 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata03.sqm [2009-02-15 10:21:55 \| 00,002,703 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Facebook Home (2).url [2009-02-15 10:09:55 \| 00,045,056 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-02-15 10:01:23 \| 00,000,277 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Blog à Pierre.url [2009-02-15 09:43:15 \| 00,000,201 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Poker - Vendredi soir.url [2009-02-14 11:11:05 \| 00,000,297 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Expressfr.com • Voir le forum - CW-600S.url [2009-02-14 08:31:47 \| 16,409,960 \| ---- \| M] (Safer Networking Limited ) -- C:\Documents and Settings\Pierre\Bureau\spybotsd162.exe [2009-02-10 21:09:13 \| 00,001,374 \| ---- \| M] () -- C:\WINDOWS\imsins.BAK [2009-02-10 18:27:55 \| 00,003,121 \| ---- \| M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-02-09 18:30:53 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt02.sqm [2009-02-09 18:30:53 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata02.sqm [2009-02-08 10:51:16 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt01.sqm [2009-02-08 10:51:16 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata01.sqm [2009-02-07 18:53:01 \| 00,000,284 \| ---- \| M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009-02-05 17:04:13 \| 00,002,407 \| ---- \| M] () -- C:\Documents and Settings\All Users\Bureau\ZoomBrowser EX.lnk [2009-02-05 16:11:35 \| 01,256,296 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2009-02-05 16:08:19 \| 00,093,296 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2009-02-05 16:08:10 \| 00,094,032 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2009-02-05 16:07:23 \| 00,114,768 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2009-02-05 16:07:12 \| 00,020,560 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2009-02-05 16:06:20 \| 00,051,376 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2009-02-05 16:06:10 \| 00,023,152 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2009-02-05 16:05:11 \| 00,026,944 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2009-02-05 16:04:45 \| 00,097,480 \| ---- \| M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2009-02-03 21:08:30 \| 00,000,249 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Le blog des blogs creer un blog gratuit.url [2009-02-03 18:21:12 \| 21,244,864 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-02-01 10:37:03 \| 00,218,651 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Antivirus2.jpg [2009-02-01 10:36:01 \| 00,214,319 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Antivirus.jpg [2009-02-01 09:54:47 \| 00,001,564 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Invite de commandes.lnk [2009-01-31 09:13:16 \| 00,000,238 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\RockYou.com - Photo sharing, MySpace slideshows, MySpace codes, MySpace music.url [2009-01-30 15:27:53 \| 00,000,804 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\XE - Universal Currency Converter.url [2009-01-30 08:29:47 \| 00,000,244 \| -H-- \| M] () -- C:\sqmnoopt00.sqm [2009-01-30 08:29:47 \| 00,000,232 \| -H-- \| M] () -- C:\sqmdata00.sqm [2009-01-22 21:44:25 \| 00,000,164 \| ---- \| M] () -- C:\Documents and Settings\Pierre\Bureau\Hockey Pool Manager - Free 3 Week Trial.url ========== LOP Check ========== [2009-02-18 21:47:35 \| 00,000,000 \| RH-D \| M] -- C:\Documents and Settings\All Users\Application Data [2009-01-15 16:01:52 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [2008-11-09 10:48:57 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2008-02-27 17:39:28 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Apple [2008-02-27 17:42:12 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2008-05-25 19:56:44 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software [2007-03-13 18:42:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Civil Engines [2008-11-13 20:10:55 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink [2006-10-22 17:21:25 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Google [2006-03-01 22:15:54 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\HP [2008-11-11 19:42:39 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant [2005-12-26 19:24:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\InstallShield [2008-03-03 13:59:47 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Intuit Canada [2008-01-17 21:54:57 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2008-05-19 19:05:27 \| 00,000,000 \| --SD \| M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2008-11-09 10:44:59 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\NOS [2006-01-31 21:08:50 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Roxio [2004-08-20 11:46:34 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\SBSI [2006-03-01 22:14:53 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Sonic [2006-02-06 22:23:32 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Sony Corporation [2009-02-14 08:37:01 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2006-01-28 21:55:19 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Symantec [2009-01-02 11:58:16 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\TechSmith [2005-12-31 21:24:56 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2008-08-13 12:06:33 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller [2006-11-25 13:59:06 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion [2009-01-20 21:53:39 \| 00,000,000 \| RH-D \| M] -- C:\Documents and Settings\Pierre\Application Data [2009-01-24 21:29:30 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Adobe [2008-05-29 18:39:38 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\AdobeUM [2007-01-04 22:46:12 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Ahead [2008-08-31 20:40:36 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Apple Computer [2006-01-07 16:38:42 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\ArcSoft [2009-02-17 21:45:12 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\BitTorrent [2005-12-31 22:32:43 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Creative [2006-01-08 20:38:05 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\CyberLink [2007-01-27

psm343 View Member Profile	Feb 19 2009, 06:29 AM Post #11
Member Posts: 14 OS: xp	after OTListIt part 2 [2007-01-27 15:29:55 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\DivX [2008-10-12 20:39:29 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Download Manager [2008-10-12 19:31:11 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\GARMIN [2006-01-23 21:01:48 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Google [2006-01-02 12:07:43 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Help [2006-07-21 17:35:35 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\HP [2004-08-20 11:41:54 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Identities [2007-12-28 13:16:09 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Image Zone Express [2008-05-25 19:30:55 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\InstallShield [2008-03-03 14:00:41 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Intuit Canada [2006-01-28 21:56:15 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\IsolatedStorage [2008-01-17 21:53:35 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Lavasoft [2005-12-31 15:57:23 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Leadertech [2007-09-26 21:37:58 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\ma-config.com [2006-01-07 21:55:58 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Macromedia [2008-09-14 14:56:10 \| 00,000,000 \| --SD \| M] -- C:\Documents and Settings\Pierre\Application Data\Microsoft [2006-01-22 17:16:00 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Microsoft Web Folders [2009-01-20 21:53:39 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Mozilla [2005-12-31 15:56:13 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\MSNInstaller [2009-01-17 09:02:31 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\NewspaperDirect [2006-11-25 10:52:56 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Offline Explorer [2007-09-22 13:12:33 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Printer Info Cache [2006-01-16 20:46:05 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Real [2007-01-13 13:31:05 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Roxio [2005-12-31 15:57:42 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Sonic [2006-11-13 17:49:16 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Sony Corporation [2007-02-05 21:41:34 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\SopCast [2005-12-26 19:17:47 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Sun [2005-12-31 10:27:37 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Symantec [2008-05-19 19:05:31 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Uniblue [2006-08-20 20:52:30 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\vlc [2008-11-13 21:38:13 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Vso [2006-10-15 12:40:17 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\Windows Live Safety Center [2008-04-17 07:51:15 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings\Pierre\Application Data\WinRAR [2009-02-07 18:53:01 \| 00,000,284 \| ---- \| M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [2004-08-05 13:00:00 \| 00,000,065 \| RH-- \| M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-02-19 06:36:39 \| 00,000,930 \| ---- \| M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-656630978-2109668801-1941713988-1006.job [2009-02-19 02:04:22 \| 00,000,330 \| -H-- \| M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job [2009-02-18 21:55:31 \| 00,000,006 \| -H-- \| M] () -- C:\WINDOWS\Tasks\SA.DAT [2009-02-18 23:04:28 \| 00,000,424 \| -H-- \| M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{36CBA60C-7524-4747-B31C-EB7757F7E2FD}.job [2009-02-18 19:40:20 \| 00,000,424 \| -H-- \| M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3F8A254C-948A-49BE-9C1E-9E59C86933F2}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 894 bytes -> C:\Documents and Settings\Pierre\Bureau\Vidéotron Libre-Service Consommation Internet.url:favicon @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Mes documents\moto limo.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Mes documents\Famille2A.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Mes documents\chrcdirect.asx:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Bureau\Antivirus2.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Pierre\Bureau\Antivirus.jpg:Roxio EMC Stream @Alternate Data Stream - 7542 bytes -> C:\Documents and Settings\Pierre\Bureau\MobilityPass provide prepaid or unlimited plan for [viewcountry] and International roaming Internet Access, WiFi hotspot, 3G, Toll Free, Dial-up, Broadband, wireless and mobile internet..url:favicon @Alternate Data Stream - 3638 bytes -> C:\Documents and Settings\Pierre\Bureau\- Caméras Québec Pont Pierre-Laporte - circulationquebec.com.url:favicon @Alternate Data Stream - 322 bytes -> C:\Documents and Settings\Pierre\Bureau\Expressfr.com • Voir le forum - CW-600S.url:favicon @Alternate Data Stream - 322 bytes -> C:\Documents and Settings\Pierre\Bureau\Expressfr - Programmation récepteurs FTA.url:favicon @Alternate Data Stream - 1718 bytes -> C:\Documents and Settings\Pierre\Bureau\Virgin Mobile - mon compte.url:favicon @Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Pierre\Bureau\Satellite-Montreal.url:favicon @Alternate Data Stream - 1406 bytes -> C:\Documents and Settings\Pierre\Bureau\eBay.ca 2 Tickets for Celine Dion 10-02-09 Quebec (Red-Loges) objet 140289437646 fin).url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\XE - Universal Currency Converter.url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\RockYou.com - Photo sharing, MySpace slideshows, MySpace codes, MySpace music.url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\Le blog des blogs creer un blog gratuit.url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\Facebook Home (2).url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\CaptiveWorks CW-600 - FTABins.NET The Greatest FTA Community on the NET!.url:favicon @Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Pierre\Bureau\Blog à Pierre.url:favicon @Alternate Data Stream - 0 bytes -> C:\WINDOWS\Thumbs.db:encryptable @Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Pierre\Mes documents\Thumbs.db:encryptable < End of report >

psm343 View Member Profile	Feb 19 2009, 06:31 AM Post #12
Member Posts: 14 OS: xp	after OTListIt Extras OTListIt Extras logfile created on: 2009-02-19 07:20:22 - Run 5 OTListIt2 by OldTimer - Version 2.0.0.16 Folder = C:\Documents and Settings\Pierre\Bureau Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000C0C \| Country: Canada \| Language: FRC \| Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory \| 2,00 Gb Available Physical Memory \| 100,00% Memory free 4,00 Gb Paging File \| 3,53 Gb Available in Paging File \| 88,21% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072; %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 67,71 Gb Total Space \| 16,30 Gb Free Space \| 24,07% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive J: \| 78,24 Gb Total Space \| 13,82 Gb Free Space \| 17,67% Space Free \| Partition Type: NTFS Computer Name: PIERREDELL Current User Name: Pierre Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Minimal File Age = 30 Days Company Name Whitelist: On ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] %windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone) (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] C:\StubInstaller.exe::Enabled:LimeWire swarmed installer (LimeWire) C:\Documents and Settings\Marie\Bureau\LimeWire\LimeWire.exe::Enabled:LimeWire (Lime Wire, LLC) C:\Program Files\Real\RealPlayer\realplay.exe::Enabled:RealPlayer (RealNetworks, Inc.) C:\WINDOWS\system32\dpvsetup.exe::Enabled:Microsoft DirectPlay Voice Test (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe::Enabled:Windows Messenger (Microsoft Corporation) C:\Program Files\HP\HP Software Update\HPWUCli.exe::Enabled:HP Software Update Client (Hewlett-Packard) C:\Program Files\BitTorrent\bittorrent.exe::Enabled:BitTorrent (BitTorrent, Inc.) J:\StubInstaller.exe::Enabled:LimeWire swarmed installer (LimeWire) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe::Enabled:hpqtra08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe::Enabled:hpqste08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe::Enabled:hpofxm08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe::Enabled:hposfx08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe::Enabled:hposid01.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe::Enabled:hpqscnvw.exe () C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe::Enabled:hpqkygrp.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe::Enabled:hpqcopy.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe::Enabled:hpfccopy.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe::Enabled:hpzwiz01.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe::Enabled:hpqphunl.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe::Enabled:hpqdia.exe ( ) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe::Enabled:hpoews01.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe::Enabled:hpqnrs08.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\TribalWeb.net\tribalweb.exe::Enabled:TribalWeb.net : Réseau privé sur Internet (ShalSoft) C:\Program Files\SopCast\SopCast.exe::Enabled:SopCast Main Application (www.sopcast.com) C:\Documents and Settings\Pierre\Application Data\SopCast\adv\SopAdver.exe::Enabled:SopCast Adver (www.sopcast.com) C:\Program Files\Civil Netizen\CivilNetizen.exe::Enabled:Civil Netizen (Civil Engines Research) C:\Program Files\Motorola\Software Update\msu.exe::Enabled:msu (Motorola) C:\Program Files\BitPim\bitpimw.exe::Enabled:Open Source Mobile Phone Tool (http://www.bitpim.org) C:\Program Files\DNA\btdna.exe::Enabled:DNA (BitTorrent, Inc.) %windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone) (Microsoft Corporation) C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe::Enabled:Roxio Upnp Service (Sonic Solutions) C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll::Enabled:Google Talk Plugin (Google) C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe::Enabled:Google Talk Plugin (Google) C:\Program Files\Bonjour\mDNSResponder.exe::Enabled:Bonjour (Apple Inc.) C:\Program Files\iTunes\iTunes.exe::Enabled:iTunes (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{012E1293-EA51-4C22-9573-26E3A0F887C5}" = Channel Master "{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery "{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1 "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data "{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Camera Window DS "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Panneau de contrôle ATI "{0CA6047C-D28B-4295-834A-07C52BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar) "{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}" = Menus intelligents (Windows Live Toolbar) "{0ED47137-C071-46CC-A243-E5E33271E10E}" = Windows Live Sign-in Assistant "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{13922F10-BD74-4912-AB11-E34B35062700}" = Microsoft Calculatrice Plus "{14220DB1-DD96-4BCD-B3D5-03A4EA6631C4}" = RemoteCapture 2.7.5 "{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert "{16BE87BC-69F5-4D36-8CF0-E1CB3ACD5ED3}" = HP Driver Diagnostics "{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3 "{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}" = Client Windows Rights Management avec Service Pack 2 "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth "{1DA07BCA-FD11-406E-89A8-5B4496F43FC5}" = EZ Label Xpress Lite "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE "{21DAFB84-2421-488F-B17D-102FF53396AA}" = Ulead DVD Player "{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12 "{287E1968-462A-40EB-BA11-A557C5D64F12}" = ImpôtRapide 2006 "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools "{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{3156B2FD-5C1D-4649-9FE3-EB6E77320266}" = ImpôtRapide 2007 "{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes "{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone "{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1 "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0 "{3C759736-8347-4031-BB9C-D75ADFE6B101}" = Norton Ghost 9.0 "{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Bêta) "{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = RAW Image Task "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{46761278-BF32-4008-833B-93487FF0A06E}" = MDL Chime/Chime Pro for Internet Explorer "{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Edition Découverte 3.0 "{4DBBF091-FACD-422C-B43C-786335BD5398}" = MovieEdit Task "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Camera Window DVC "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade "{5624C000-B109-11D4-9DB4-00E0290FCAC5}" = VPN Client "{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool "{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}" = SnagIt 9 "{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1 "{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch "{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder "{61DE738B-CA77-4B59-B9D3-67226BB7DCE3}" = Motorola Software Update "{64116298-93C5-401D-B06C-39D8E3338508}" = DAO "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.9 "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6901DD22-527A-41EF-9059-E81FEDE9E494}" = Windows Presentation Foundation Language Pack (FRA) "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic "{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Camera Window MC "{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{740DC926-B248-41DF-A38A-0675749E4361}" = ImpôtRapide 2005 "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites pour Windows Live Toolbar "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{81B5F83F-2291-48B0-8375-36B63A9BF5B0}" = Surligneur (Windows Live Toolbar) "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections "{868901EE-7807-4F89-A134-7C705D34F91F}" = Roxio Easy Media Creator 8 Suite "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour "{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload "{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Camera Access Library "{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage "{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003 "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.0 "{A1D0D14A-B776-4907-BC00-5149F2298086}" = Camera Support Core Library "{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Camera Window DVC "{A52CA186-4DAF-4096-A993-09C032D3A448}" = PressReader "{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A9F5421F-DA70-4C77-BB97-8D77EC33ED5E}" = HP Photosmart and Deskjet 7.0.A "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio module "{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience "{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B168C59D-5FCF-4EEC-B464-BFA7A8266150}" = Windows Communication Foundation Language Pack - FRA "{B279F2F1-3B2F-3A96-AC11-5743CD43DCCB}" = Google Talk Plugin "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1 "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2 "{B84C141C-9A13-44BE-9A69-301D7B11D836}" = Windows Workflow Foundation FR Language Pack "{B8EF780F-126C-4CF0-AAB2-1B68BF06BA1C}" = Motorola Driver Installation 3.7.0 "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.1.10.209 "{BF85A9D4-030F-4D2A-83CF-D4DDA0D3E68C}" = Ma-Config.com plugin "{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX (F) "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe "{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 ESD "{DAFCC5EF-E4D0-47EF-8E4B-168B3644A1E3}" = Garmin City Navigator North America NT 2009 Update "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{DD54CF66-090B-43E7-97C1-110EF526474D}" = ArcSoft Multimedia Email "{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}" = Microsoft .NET Framework 3.0 French Language Pack "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB866374-B705-4749-83D9-997AC77146B3}" = LGUsbDriver "{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100 "{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support "{EC905264-BCFE-423B-9C42-C3A106266790}" = SP2 de compatibilité descendante du client Windows Rights Management "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{F6970FBD-809A-4C51-BAB3-D94A04C6C8E7}" = Garmin Communicator Plugin "{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime "{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.5 "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FC888095-A35E-4993-A9E0-366BF6F0CCE0}" = ArcSoft PhotoImpression 5 "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "7-Zip" = 7-Zip 4.57 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player "ATI Display Driver" = ATI Display Driver "avast!" = avast! Antivirus "Avi2Dvd" = Avi2Dvd 0.4.4 beta "AviSynth" = AviSynth 2.5 "Channel Master" = Channel Master "Channel Master SDK" = Channel Master SDK "Civil Netizen (beta-release-8)" = Civil Netizen (beta-release-8) "Creative PD0620" = Creative WebCam Instant Driver (1.01.02.0729) "Creative WebCam Center" = Creative WebCam Center "DivX Content Uploader" = DivX Content Uploader "DVD Decrypter" = DVD Decrypter (Remove Only) "DVD Shrink_is1" = DVD Shrink 3.2 "DVDFab Decrypter_is1" = DVDFab Decrypter 3.0.7.2 "EsetOnlineScanner" = ESET Online Scanner "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "ExtractNow_is1" = ExtractNow "FairUse Wizard 2" = FairUse Wizard 2 "FunlightEditor" = Funlight Editor "GoogleVideoPlayer" = Google Video Player "HijackThis" = HijackThis 2.0.2 "HP Document Viewer" = HP Document Viewer 5.3 "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Photo & Imaging" = HP Image Zone 5.3 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Extended Capabilities 5.3 "HPOCR" = OCR Software by I.R.I.S 7.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Canon Camera Window DSLR 5 for ZoomBrowser EX "InstallShield_{14220DB1-DD96-4BCD-B3D5-03A4EA6631C4}" = Canon Utilities RemoteCapture 2.7 "InstallShield_{1DA07BCA-FD11-406E-89A8-5B4496F43FC5}" = EZ Label Xpress Lite "InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00 "InstallShield_{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = Canon RAW Image Task for ZoomBrowser EX "InstallShield_{4DBBF091-FACD-422C-B43C-786335BD5398}" = Canon MovieEdit Task for ZoomBrowser EX "InstallShield_{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo "InstallShield_{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}" = Canon Camera Window MC 6 for ZoomBrowser EX "InstallShield_{901F8ED7-13E8-43EF-B738-2FE89B0588EB}" = Canon Camera Access Library "InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}" = Canon Camera Support Core Library "InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}" = Canon Camera Window DC_DV 5 for ZoomBrowser EX "InterActual Player" = InterActual Player "KeePass Password Safe_is1" = KeePass Password Safe 1.09 "LimeWire" = LimeWire 4.18.8 "LiveUpdate" = LiveUpdate 2.0 (Symantec Corporation) "Manuel d'utilisation de Creative WebCam Instant French" = Manuel d'utilisation de Creative WebCam Instant (Français) "MetaProducts Offline Explorer Enterprise" = MetaProducts Offline Explorer Enterprise "MExplorer" = M-Explorer "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA "Microsoft .NET Framework 3.0 French Language Pack" = Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MSN Toolbar" = Barre d'outils MSN "MSNINST" = MSN "Nero - Burning Rom!UninstallKey" = Nero OEM "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "OpenMG HotFix4.1-05-13-31-01" = OpenMG Limited Patch 4.1-05-13-31-01 "PartyPokerNet" = PartyPokerNet "PhotoRecord" = Canon PhotoRecord "Picasa2" = Picasa 2 "PROSet" = Intel® PRO Network Connections Drivers "R for Windows 2.7.2_is1" = R for Windows 2.7.2 "R for Windows_is1" = R for Windows 2.2.1 "RealPlayer 6.0" = RealPlayer "RegistryBooster 2_is1" = Uniblue RegistryBooster 2 "Satellite Antenna Alignment_is1" = Satellite Antenna Alignment v2.37.2 "SereneScreen Marine Aquarium 2 + Time" = SereneScreen Marine Aquarium 2 + Time "ShalSoft.TribalWeb.net_is1" = TribalWeb.net "SopCast" = SopCast 1.1.1 "ST6UNST #1" = 500 From Special K Software "SUPER ©" = SUPER © Version 2007.bld.21 (Jan 4, 2007) "ViewpointMediaPlayer" = Viewpoint Media Player "VLC media player" = VideoLAN VLC media player 0.8.4 "VSO DivxToDVD_is1" = DivxToDVD 0.5.2 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Weather Services" = Weather Services "WIC" = Windows Imaging Component "WinAce Archiver" = WinAce Archiver "Winamp" = Winamp (remove only) "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WinRAR archiver" = Archiveur WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Toolbar" = Yahoo! Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent "MétéoIMédia" = MétéoIMédia ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 2008-10-14 20:13:07 \| Computer Name = PIERREDELL \| Source = avast! \| ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\PASCAL\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\PSMITHY43@HOTMAIL.COM\SHADOW\CONTACTCOLL.CACHE failed, 00000005. Error - 2008-10-14 20:13:07 \| Computer Name = PIERREDELL \| Source = avast! \| ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\PASCAL\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\PSMITHY43@HOTMAIL.COM\SHADOW\MEMBERS.STG failed, 00000005. Error - 2008-11-21 22:02:48 \| Computer Name = PIERREDELL \| Source = avast! \| ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\MARIE\CONTACTS\MARYEVE04@HOTMAIL.COM\CONTACTCOLL.CACHE failed, 00000005. Error - 2009-02-15 20:55:32 \| Computer Name = PIERREDELL \| Source = avast! \| ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\PIERRE\APPLICATION DATA\MICROSOFT\INSTALLER\{16BE87BC-69F5-4D36-8CF0-E1CB3ACD5ED3}\1036.MST failed, 00000005. [ Application Events ] Error - 2009-02-12 18:04:25 \| Computer Name = PIERREDELL \| Source = Application Hang \| ID = 1001 Description = Détecteur d'erreurs 1110235319. Error - 2009-02-14 09:28:24 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1000 Description = Application défaillante ghosttray.exe, version 9.0.0.2583, module défaillant ghosttray.exe, version 9.0.0.2583, adresse de défaillance 0x00095e87. Error - 2009-02-14 09:28:31 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1001 Description = Détecteur d'erreurs 127691310. Error - 2009-02-15 20:49:03 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1000 Description = Application défaillante iexplore.exe, version 7.0.6000.16791, module défaillant scnrc.dll, version 1.9.6662.1, adresse de défaillance 0x0003c733. Error - 2009-02-15 20:49:18 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1001 Description = Détecteur d'erreurs 1138854429. Error - 2009-02-15 21:53:38 \| Computer Name = PIERREDELL \| Source = crypt32 \| ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : A connection with the server could not be established Error - 2009-02-15 21:53:38 \| Computer Name = PIERREDELL \| Source = crypt32 \| ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : A connection with the server could not be established Error - 2009-02-15 22:14:25 \| Computer Name = PIERREDELL \| Source = Application Hang \| ID = 1002 Description = Application bloquée TeaTimer.exe, version 1.6.4.26, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 2009-02-15 23:00:24 \| Computer Name = PIERREDELL \| Source = Application Error \| ID = 1000 Description = Application défaillante teatimer.exe, version 1.6.4.26, module défaillant teatimer.exe, version 1.6.4.26, adresse de défaillance 0x0006e60e. Error - 2009-02-18 21:52:34 \| Computer Name = PIERREDELL \| Source = MsiInstaller \| ID = 11722 Description = Produit : Java™ 6 Update 11 -- Erreur 1722. Un problème s'est produit sur ce package Windows Installer. Un programme exécuté dans le cadre de l'installation ne s'est pas terminé correctement. Contactez votre service de support ou le distributeur du package. Action FilesInUseDialog, emplacement : C:\WINDOWS\Installer\MSI2F1.tmp, commande : C:\Program Files\Java\jre6\ [ System Events ] Error - 2009-02-18 22:03:50 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 2009-02-18 22:03:50 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 2009-02-18 22:03:50 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 2009-02-18 22:03:50 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 2009-02-18 22:03:50 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 2009-02-18 22:03:50 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 2009-02-18 22:03:51 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 2009-02-18 22:03:51 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 2009-02-18 22:03:51 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 2009-02-18 22:03:51 \| Computer Name = PIERREDELL \| Source = Service Control Manager \| ID = 7023 Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 < End of report >

psm343 View Member Profile	Feb 19 2009, 06:32 AM Post #13
Member Posts: 14 OS: xp	after new HijackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:22:17, on 2009-02-19 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\UnivLaval\cvpnd.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Java\jre6\bin\java.exe C:\Documents and Settings\Pierre\Local Settings\temp\jkos-Pierre\binaries\ScanningProcess.exe C:\Documents and Settings\Pierre\Local Settings\temp\jkos-Pierre\binaries\ScanningProcess.exe C:\WINDOWS\notepad.exe C:\WINDOWS\notepad.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.canoe.ca/accueil.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Universite Laval Client VPN ULaval.lnk = C:\Program Files\UnivLaval\vpngui.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .csm: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .csml: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cub: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cube: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .dx: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .emb: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .embl: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .gau: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .jdx: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mol: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mop: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .rxn: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .scr: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .skc: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .spt: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .tgf: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .xyz: C:\Program Files\Internet Explorer\Plugins\npchime.dll O15 - Trusted Zone: http://www.radioenergie.com O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://www.epost.ca/printing/smsx.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/instal...nosticsxp2k.cab O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.jiwix.com/aurigma/imageuploader...geUploader5.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1191623643296 O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://pix.futureshop.ca/fr/ImageUploader4.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} - http://www.4xem.com/downloads/cab/WLPTG/h263ctrl.cab O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) - O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) - O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) - O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) - O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) - O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) - O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) - O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.6.0_11) - O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} (RockYou Image Uploader Control) - http://www.rockyou.com/RockYouImageUploader.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} - http://67.15.101.3/g_bin/eng/billard8_2_0_0_24.cab O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\UnivLaval\cvpnd.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 16985 bytes

handhfan View Member Profile	Feb 19 2009, 10:41 AM Post #14
GeekU Moderator Posts: 8,651 From: Massachusetts OS: Windows XP Pro, Windows 7 Pro 64- and 32-bit; Virtual PC	Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below. O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis. Please post a new HijackThis log. Is your computer running better now?

psm343 View Member Profile	Feb 19 2009, 05:47 PM Post #15
Member Posts: 14 OS: xp	After Fix Checked Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:42:35, on 2009-02-19 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\UnivLaval\cvpnd.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.canoe.ca/accueil.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pierre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe O4 - HKUS\S-1-5-21-656630978-2109668801-1941713988-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Pascal') O4 - HKUS\S-1-5-21-656630978-2109668801-1941713988-1007\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Pascal') O4 - HKUS\S-1-5-21-656630978-2109668801-1941713988-1007\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Pascal') O4 - HKUS\S-1-5-21-656630978-2109668801-1941713988-1007\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 (User 'Pascal') O4 - HKUS\S-1-5-21-656630978-2109668801-1941713988-1007\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (User 'Pascal') O4 - HKUS\S-1-5-21-656630978-2109668801-1941713988-1008\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Marie') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Universite Laval Client VPN ULaval.lnk = C:\Program Files\UnivLaval\vpngui.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .csm: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .csml: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cub: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .cube: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .dx: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .emb: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .embl: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .gau: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .jdx: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mol: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .mop: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .rxn: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .scr: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .skc: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .spt: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .tgf: C:\Program Files\Internet Explorer\Plugins\npchime.dll O12 - Plugin for .xyz: C:\Program Files\Internet Explorer\Plugins\npchime.dll O15 - Trusted Zone: http://www.radioenergie.com O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/mygarmin/m/GarminAxControl.CAB O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - https://www.epost.ca/printing/smsx.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/instal...nosticsxp2k.cab O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.jiwix.com/aurigma/imageuploader...geUploader5.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1191623643296 O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://pix.futureshop.ca/fr/ImageUploader4.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} - http://www.4xem.com/downloads/cab/WLPTG/h263ctrl.cab O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) - O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) - O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) - O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) - O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) - O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) - O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) - O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.6.0_11) - O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} (RockYou Image Uploader Control) - http://www.rockyou.com/RockYouImageUploader.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} - http://67.15.101.3/g_bin/eng/billard8_2_0_0_24.cab O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\UnivLaval\cvpnd.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 17223 bytes

« Next Oldest · Virus, Spyware and Trojan Removal · Next Newest »

2 Pages

1 2 >

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Topic Title	Replies / Views	Topic Information
Virus, Spyware and Trojan Removal Trojan:Win32/Vundo.gen!G [Solved] 12	19 / 1,320	15th April 2009 - 01:57 AM sellic67 started - last by heir
Virus, Spyware and Trojan Removal Trojan:Win32/Vundo.gen!G problem [Solved]	6 / 455	28th July 2009 - 09:56 PM The Boy Wonder started - last by JSntgRvr
Virus, Spyware and Trojan Removal Can I remove Trojan:Win32/Alureon.gen!U? [Solved] 1234	58 / 1,026	11th November 2009 - 05:39 AM lefthandblack started - last by heir
Virus, Spyware and Trojan Removal How do I remove Trojan:Win32/Alureon.gen!U?	0 / 94	4th November 2009 - 02:32 AM hakimishere started - last by hakimishere