Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Blue screens, mostly while using MS products on my laptop


  • Please log in to reply

#1
ChuckBC

ChuckBC

    New Member

  • Member
  • Pip
  • 4 posts
Hello,

2nd time I've used this service.
I have followed all the instructions (with great frustrations, as the computer would crash often (Blue screens, error messages, etc.) but I have managed to get through the list of tasks to run. (Malware and Spyware Cleaning Guide, Please read before starting a new topic)

My laptop is relatively new (October 2008). Acer aspire 4520 running under XP. I was running very well until about a week ago.
Some of the blue screens appear right as the computer starts.
CHKDSK runs very often.

Some malwares and viruses have been caught and eliminated.

Here is the Malwarebytes log
Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2307
Windows 5.1.2600 Service Pack 3

2009-06-19 08:58:33
mbam-log-2009-06-19 (08-58-21).txt

Type de recherche: Examen rapide
Eléments examinés: 89614
Temps écoulé: 1 minute(s), 31 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


Here is the OTL log

OTL logfile created on: 2009-06-19 15:57:03 - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\HiJackThis
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

1,75 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 70,97% Memory free
3,60 Gb Paging File | 3,17 Gb Available in Paging File | 88,08% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 69,77 Gb Total Space | 14,88 Gb Free Space | 21,32% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 6,32 Gb Free Space | 9,09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHIP
Current User Name: Chip Corbeil
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2007-04-01 10:02:36 | 00,273,256 | ---- | M] (Broadcom Corporation.) -- D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2009-02-05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-02-05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008-04-13 22:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Explorer.EXE
PRC - [2009-02-05 16:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008-11-01 03:04:25 | 00,860,160 | ---- | M] (Synaptics, Inc.) -- D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2009-04-20 12:07:26 | 00,337,216 | ---- | M] (BillP Studios) -- D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
PRC - [2008-11-01 02:00:21 | 00,009,216 | ---- | M] (Agere Systems) -- D:\WINDOWS\system32\agrsmsvc.exe
PRC - [2009-03-09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2003-06-20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2007-07-12 14:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe
PRC - [2007-09-20 20:20:26 | 00,028,672 | ---- | M] (Adobe Systems) -- D:\Program Files\Adobe\RoboSource Control 3\RSO3MiddleTierService.exe
PRC - [2009-05-19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2004-12-04 02:06:14 | 00,106,496 | ---- | M] () -- D:\Program Files\M-Audio Uno\UnoInst.exe
PRC - [2008-09-08 12:10:20 | 00,450,560 | ---- | M] () -- D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008-09-08 12:09:40 | 00,184,320 | ---- | M] () -- D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2009-02-05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-02-05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-02-06 06:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-02-06 18:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-06-19 15:56:55 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\HiJackThis\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008-11-01 02:00:21 | 00,009,216 | ---- | M] (Agere Systems) -- D:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running])
SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009-02-05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009-02-05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009-02-05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009-02-05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2007-04-01 10:02:36 | 00,273,256 | ---- | M] (Broadcom Corporation.) -- D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])
SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2005-11-17 15:18:52 | 01,527,900 | ---- | M] (MAGIX®) -- D:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance [On_Demand | Stopped])
SRV - [2009-02-17 10:10:11 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008-09-08 12:10:20 | 00,450,560 | ---- | M] () -- D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM) [Auto | Running])
SRV - [2009-02-06 18:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped])
SRV - [2008-04-13 22:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009-03-09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2003-06-20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008-09-08 12:09:40 | 00,184,320 | ---- | M] () -- D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp [Auto | Running])
SRV - [2007-07-12 14:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2003-07-28 21:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007-09-20 20:20:26 | 00,028,672 | ---- | M] (Adobe Systems) -- D:\Program Files\Adobe\RoboSource Control 3\RSO3MiddleTierService.exe -- (RSO3MiddleTierService [Auto | Running])
SRV - [2009-05-19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2004-12-04 02:06:14 | 00,106,496 | ---- | M] () -- D:\Program Files\M-Audio Uno\UnoInst.exe -- (UnoInstallerService [Auto | Running])
SRV - [2006-11-03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009-02-05 16:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2008-11-01 02:00:21 | 01,163,616 | ---- | M] (Agere Systems) -- D:\WINDOWS\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2007-04-16 21:46:00 | 00,033,792 | ---- | M] (Advanced Micro Devices) -- D:\WINDOWS\system32\DRIVERS\AmdPPM.sys -- (AmdPPM [System | Running])
DRV - [2005-02-01 21:11:29 | 00,018,048 | ---- | M] (SlySoft, Inc.) -- D:\WINDOWS\System32\Drivers\AnyDVD.sys -- (AnyDVD [On_Demand | Running])
DRV - [2007-07-26 14:19:24 | 00,547,904 | ---- | M] (Atheros Communications, Inc.) -- D:\WINDOWS\system32\DRIVERS\ar5211.sys -- (AR5211 [On_Demand | Stopped])
DRV - [2008-08-14 09:54:18 | 01,318,464 | ---- | M] (Atheros Communications, Inc.) -- D:\WINDOWS\system32\DRIVERS\athw.sys -- (AR5416 [On_Demand | Running])
DRV - [1997-12-09 02:32:00 | 00,003,616 | ---- | M] () -- D:\WINDOWS\System32\drivers\as6eio.sys -- (as6eio [System | Running])
DRV - [2009-02-05 16:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009-02-05 16:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009-02-05 16:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2009-02-05 16:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009-02-05 16:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2007-05-07 15:16:00 | 00,705,024 | ---- | M] (Atheros Communications, Inc.) -- D:\WINDOWS\system32\DRIVERS\athr.sys -- (athr [On_Demand | Stopped])
DRV - [2008-11-01 03:22:36 | 00,539,072 | ---- | M] (Broadcom Corporation.) -- D:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio [On_Demand | Running])
DRV - [2008-11-01 03:22:37 | 00,037,424 | ---- | M] (Broadcom Corporation.) -- D:\WINDOWS\system32\DRIVERS\btport.sys -- (BTDriver [On_Demand | Running])
DRV - [2008-11-01 03:22:37 | 00,876,384 | ---- | M] (Broadcom Corporation.) -- D:\WINDOWS\system32\DRIVERS\btkrnl.sys -- (BTKRNL [On_Demand | Running])
DRV - [2008-11-01 03:22:38 | 00,149,123 | ---- | M] (Broadcom Corporation.) -- D:\WINDOWS\system32\DRIVERS\btwdndis.sys -- (BTWDNDIS [On_Demand | Stopped])
DRV - [2008-11-01 03:22:38 | 00,055,352 | ---- | M] (Broadcom Corporation.) -- D:\WINDOWS\system32\DRIVERS\btwhid.sys -- (btwhid [On_Demand | Stopped])
DRV - [2005-01-01 21:07:05 | 00,009,728 | ---- | M] (Elaborate Bytes AG) -- D:\WINDOWS\System32\Drivers\ElbyCDIO.sys -- (ElbyCDIO [Auto | Running])
DRV - [2004-10-20 17:50:52 | 00,021,984 | ---- | M] (Evolution Electronics Ltd.) -- D:\WINDOWS\system32\drivers\evolusb.sys -- (EVOLUSB [On_Demand | Stopped])
DRV - [2009-02-06 18:08:42 | 00,055,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
DRV - [2000-03-31 09:52:00 | 00,016,892 | R--- | M] (Grand Tech Corp.) -- D:\WINDOWS\System32\Drivers\GT680x.SYS -- (GT680x [Auto | Stopped])
DRV - [2008-04-13 12:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- D:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008-11-01 01:17:19 | 04,424,192 | ---- | M] (Realtek Semiconductor Corp.) -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2007-01-26 22:09:40 | 00,068,954 | ---- | M] (Windows ® 2000 DDK provider) -- D:\WINDOWS\System32\Drivers\jl2005c.sys -- (JL2005C [On_Demand | Stopped])
DRV - [2008-10-09 15:42:42 | 00,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- D:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER [On_Demand | Running])
DRV - [2009-06-17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Stopped])
DRV - [2007-07-12 14:52:00 | 06,342,464 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2008-08-01 12:36:00 | 00,054,784 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2008-08-01 12:36:00 | 00,022,016 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2008-08-25 04:22:00 | 00,014,208 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\DRIVERS\nvsmu.sys -- (nvsmu [On_Demand | Running])
DRV - [2002-09-27 10:36:36 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- D:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-02-24 15:42:22 | 00,039,936 | ---- | M] (REDC) -- D:\WINDOWS\system32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007-01-23 17:40:20 | 00,042,496 | ---- | M] (REDC) -- D:\WINDOWS\system32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007-03-21 23:02:04 | 00,037,376 | ---- | M] (REDC) -- D:\WINDOWS\system32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2008-04-13 12:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- D:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008-11-01 03:04:25 | 00,208,064 | ---- | M] (Synaptics, Inc.) -- D:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008-04-13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - URLSearchHook: - Reg Error: Key error. File not found
IE - URLSearchHook: {85c1dd6e-1181-41f2-9ab2-79d5f46f491b} - D:\Program Files\La barre d'outils AIR MILES\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {8708ccbb-d7b0-4724-b0f6-379962b7d796}:1.300.199
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5
FF - prefs.js..keyword.URL: "http://search.freeca...h.yahoo.com&p="

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: D:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008-11-01 23:29:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: D:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009-06-19 13:40:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: D:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-04-15 09:34:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: D:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-04-29 23:58:35 | 00,000,000 | ---D | M]

[2008-12-29 23:54:34 | 00,000,000 | ---D | M] -- D:\Documents and Settings\Chip Corbeil\Application Data\mozilla\Extensions
[2008-12-29 23:54:34 | 00,000,000 | ---D | M] -- D:\Documents and Settings\Chip Corbeil\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-06-19 08:18:56 | 00,000,000 | ---D | M] -- D:\Documents and Settings\Chip Corbeil\Application Data\mozilla\Firefox\Profiles\mhpl6uvp.default\extensions
[2009-04-24 08:47:08 | 00,000,000 | ---D | M] -- D:\Documents and Settings\Chip Corbeil\Application Data\mozilla\Firefox\Profiles\mhpl6uvp.default\extensions\{8708ccbb-d7b0-4724-b0f6-379962b7d796}
[2009-04-24 08:47:12 | 00,000,655 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Application Data\Mozilla\FireFox\Profiles\mhpl6uvp.default\searchplugins\yahoo-search.xml
[2009-06-18 12:45:57 | 00,000,000 | ---D | M] -- D:\Program Files\mozilla firefox\extensions
[2008-12-29 23:54:24 | 00,000,000 | ---D | M] -- D:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-04-29 23:58:36 | 00,000,000 | ---D | M] -- D:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2008-12-02 17:38:23 | 00,023,032 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2008-12-02 17:38:24 | 00,134,648 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2006-09-10 07:35:08 | 00,001,516 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2008-09-28 03:10:26 | 00,000,757 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2008-04-16 00:08:20 | 00,001,706 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\google.xml
[2006-09-10 07:35:08 | 00,000,748 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2008-03-29 09:59:44 | 00,001,426 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2006-09-12 14:49:04 | 00,000,652 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (27 bytes) - D:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Freecause Toolbar BHO) - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - D:\Program Files\La barre d'outils AIR MILES\Toolbar.dll ()
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (La barre d'outils AIR MILES) - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - D:\Program Files\La barre d'outils AIR MILES\Toolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - D:\Program Files\La barre d'outils AIR MILES\Toolbar.dll ()
O4 - HKLM..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WinPatrol] D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot (BillP Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - D:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1230392265234 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-ir2007 {52BAEC6B-9405-46f9-A131-6D50720A3CC4} - D:\Program Files\ImpotRapide 2007\ic2007pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\intu-ir2008 {729D3592-92E7-4cbc-8E44-3C22B3F457B3} - D:\Program Files\ImpotRapide 2008\ic2008pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - D:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - D:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - D:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\Explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 17:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{789325cc-19e2-11de-98ae-001e6882cbbe}\Shell\AutoRun\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{789325cc-19e2-11de-98ae-001e6882cbbe}\Shell\install\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{789325cc-19e2-11de-98ae-001e6882cbbe}\Shell\usermanualEnglish\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{789325cc-19e2-11de-98ae-001e6882cbbe}\Shell\usermanualFrench\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{789325cc-19e2-11de-98ae-001e6882cbbe}\Shell\usermanualSpanish\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{acb78e0c-ea96-11dd-9822-001e6882cbbe}\Shell\AutoRun\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{acb78e0c-ea96-11dd-9822-001e6882cbbe}\Shell\install\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{acb78e0c-ea96-11dd-9822-001e6882cbbe}\Shell\usermanualEnglish\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{acb78e0c-ea96-11dd-9822-001e6882cbbe}\Shell\usermanualFrench\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{acb78e0c-ea96-11dd-9822-001e6882cbbe}\Shell\usermanualSpanish\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{f790581a-4d28-11de-9909-001e6882cbbe}\Shell\AutoRun\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{f790581a-4d28-11de-9909-001e6882cbbe}\Shell\install\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{f790581a-4d28-11de-9909-001e6882cbbe}\Shell\usermanualEnglish\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{f790581a-4d28-11de-9909-001e6882cbbe}\Shell\usermanualFrench\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O33 - MountPoints2\{f790581a-4d28-11de-9909-001e6882cbbe}\Shell\usermanualSpanish\command - "" = F:\rcaeasyrip_setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - D:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009-06-19 08:30:03 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[3 D:\WINDOWS\System32\*.tmp files]
[2009-06-19 15:55:10 | 00,000,000 | ---D | C] -- D:\Rooter$
[2009-06-19 13:56:08 | 01,089,883 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ntprint.cat
[2009-06-19 13:39:27 | 00,000,000 | ---D | C] -- D:\WINDOWS\System32\XPSViewer
[2009-06-19 13:39:19 | 00,000,000 | ---D | C] -- D:\Program Files\MSBuild
[2009-06-19 13:39:16 | 00,000,000 | ---D | C] -- D:\WINDOWS\System32\en-US
[2009-06-19 13:39:06 | 00,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies
[2009-06-19 13:38:32 | 00,597,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009-06-19 13:38:32 | 00,117,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\prntvpt.dll
[2009-06-19 13:38:32 | 00,089,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009-06-19 13:38:31 | 01,676,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\xpssvcs.dll
[2009-06-19 13:38:31 | 01,676,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009-06-19 13:38:31 | 00,575,488 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\xpsshhdr.dll
[2009-06-19 13:38:31 | 00,575,488 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009-06-19 13:33:34 | 00,000,000 | ---D | C] -- D:\WINDOWS\System32\windowspowershell
[2009-06-19 13:31:51 | 00,000,000 | ---D | C] -- D:\WINDOWS\System32\GroupPolicy
[2009-06-19 13:31:51 | 00,000,000 | ---D | C] -- D:\Program Files\Windows Desktop Search
[2009-06-19 13:31:14 | 00,192,000 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\offfilt.dll
[2009-06-19 13:31:14 | 00,098,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nlhtml.dll
[2009-06-19 13:31:14 | 00,029,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mimefilt.dll
[2009-06-19 13:31:06 | 00,016,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\spmsg.dll
[2009-06-19 13:30:37 | 00,000,000 | ---D | C] -- D:\Program Files\Windows Media Connect 2
[2009-06-19 13:16:47 | 00,000,000 | -HSD | C] -- D:\Config.Msi
[2009-06-19 13:03:29 | 00,012,800 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\xpshims.dll
[2009-06-19 13:03:28 | 00,246,272 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ieproxy.dll
[2009-06-18 12:52:55 | 00,000,000 | ---D | C] -- D:\WINDOWS\ie8updates
[2009-06-18 12:50:22 | 00,000,000 | -H-D | C] -- D:\WINDOWS\ie8
[2009-06-18 12:49:32 | 00,102,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iecompat.dll
[2009-06-18 07:21:11 | 00,864,642 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\CP-G-0606-StJohninCanadaToday_Spring2006-F-N.pdf
[2009-06-15 10:47:47 | 00,851,317 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\06565_09-IGA-Collector-coupons_F_2.pdf
[2009-06-15 09:29:26 | 00,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2009-06-15 09:18:20 | 06,009,840 | ---- | C] (Glarysoft Ltd ) -- D:\Documents and Settings\Chip Corbeil\Bureau\gusetupnew.exe
[2009-06-12 21:32:50 | 00,305,987 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\Regl_1347TarifsApplicablesBiensServices.pdf
[2009-06-12 15:03:01 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Chip Corbeil\Bureau\PG Bal 2008
[2009-06-08 15:53:44 | 00,000,697 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Digital Photo Resizer.lnk
[2009-06-08 15:53:44 | 00,000,000 | ---D | C] -- D:\Program Files\Icegiant Software
[2009-06-08 15:44:47 | 00,000,000 | ---D | C] -- D:\Program Files\A.F.5 Rename your files 1.1
[2009-06-08 15:17:05 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Chip Corbeil\Bureau\Micheline
[2009-06-08 15:06:21 | 00,288,768 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\Attention Ours.doc
[2009-06-02 17:51:36 | 00,000,000 | ---D | C] -- D:\Program Files\La barre d'outils AIR MILES
[2009-06-01 20:32:11 | 00,053,090 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\bradford pear tree.jpg
[2009-05-30 16:22:21 | 00,014,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\drivers\kbdhid.sys
[2009-05-30 16:22:21 | 00,014,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdhid.sys
[2009-05-29 10:43:59 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Chip Corbeil\Mes documents\Leawo
[2009-05-29 10:43:59 | 00,000,000 | ---D | C] -- D:\Documents and Settings\Chip Corbeil\Application Data\Leawo
[2009-05-29 10:43:00 | 00,000,000 | ---D | C] -- D:\Program Files\Leawo
[2009-05-29 10:23:25 | 00,139,264 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2009-05-29 10:23:24 | 00,139,264 | ---- | C] (http://www.xvid.org) -- D:\WINDOWS\System32\xvid.ax
[2009-05-29 10:23:22 | 00,000,000 | ---D | C] -- D:\Program Files\Plato DVD Ripper Professional
[2009-05-29 10:04:39 | 00,000,754 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\OSS Audio MP3 Player.lnk
[2009-05-29 10:04:39 | 00,000,749 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\OSS Audio CD Ripper.lnk
[2009-05-29 10:04:35 | 00,000,000 | ---D | C] -- D:\Program Files\OSS
[2009-05-28 14:22:08 | 02,948,608 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\karaokelistecomplete.xls
[2009-05-24 15:13:58 | 00,010,897 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\bass_vincent.jpg
[2009-05-20 17:11:07 | 02,804,924 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\PlanchersFragilesInstrumental.mp3
[2009-05-20 17:10:56 | 00,376,552 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\PlanchersFragilesInstrumental.pk
[2009-05-20 17:10:53 | 07,774,806 | ---- | C] () -- D:\Documents and Settings\Chip Corbeil\Bureau\PlanchersFragilesInstrumental2.wav
[2009-05-17 19:19:44 | 00,001,065 | ---- | C] () -- D:\WINDOWS\winamp.ini
[2009-05-16 17:00:11 | 00,000,028 | ---- | C] () -- D:\WINDOWS\Robota.INI
[2009-05-16 16:58:18 | 00,053,248 | ---- | C] () -- D:\WINDOWS\System32\mgxasio2.dll
[2009-05-16 16:57:06 | 00,120,200 | ---- | C] () -- D:\WINDOWS\System32\DLLDEV32i.dll
[2009-05-16 16:56:28 | 00,006,211 | ---- | C] () -- D:\WINDOWS\mgxoschk.ini
[2009-03-26 15:44:59 | 00,000,022 | ---- | C] () -- D:\WINDOWS\Kruptos.INI
[2009-03-26 11:42:41 | 04,762,112 | ---- | C] () -- D:\WINDOWS\System32\NCMedia.dll
[2009-03-26 11:42:41 | 00,383,238 | ---- | C] () -- D:\WINDOWS\System32\libmp3lame-0.dll
[2009-02-13 12:13:18 | 00,000,106 | ---- | C] () -- D:\WINDOWS\intuprof.ini
[2008-12-21 10:07:02 | 00,036,609 | ---- | C] () -- D:\WINDOWS\cdplayer.ini
[2008-12-10 09:44:41 | 00,158,720 | ---- | C] () -- D:\WINDOWS\System32\LFCMP62N.DLL
[2008-12-10 09:44:41 | 00,047,616 | ---- | C] () -- D:\WINDOWS\System32\LFTIF62N.DLL
[2008-12-10 09:44:41 | 00,043,008 | ---- | C] () -- D:\WINDOWS\System32\LTFIL62N.DLL
[2008-12-10 09:44:41 | 00,023,552 | ---- | C] () -- D:\WINDOWS\System32\LFPCX62N.DLL
[2008-12-10 09:44:41 | 00,022,528 | ---- | C] () -- D:\WINDOWS\System32\LFEPS62N.DLL
[2008-12-10 09:44:41 | 00,022,016 | ---- | C] () -- D:\WINDOWS\System32\LFPCT62N.DLL
[2008-12-10 09:44:41 | 00,022,016 | ---- | C] () -- D:\WINDOWS\System32\LFGIF62N.DLL
[2008-12-10 09:44:41 | 00,022,016 | ---- | C] () -- D:\WINDOWS\System32\LFBMP62N.DLL
[2008-12-10 09:44:41 | 00,020,480 | ---- | C] () -- D:\WINDOWS\System32\LFPSD62N.DLL
[2008-12-10 09:44:41 | 00,019,968 | ---- | C] () -- D:\WINDOWS\System32\LFWMF62N.DLL
[2008-12-10 09:44:41 | 00,019,968 | ---- | C] () -- D:\WINDOWS\System32\LFTGA62N.DLL
[2008-12-10 09:44:41 | 00,019,456 | ---- | C] () -- D:\WINDOWS\System32\LFWPG62N.DLL
[2008-12-10 09:44:41 | 00,018,944 | ---- | C] () -- D:\WINDOWS\System32\LFIMG62N.DLL
[2008-12-10 09:44:41 | 00,018,432 | ---- | C] () -- D:\WINDOWS\System32\LFRAS62N.DLL
[2008-12-10 09:44:41 | 00,018,432 | ---- | C] () -- D:\WINDOWS\System32\LFMSP62N.DLL
[2008-12-10 09:44:41 | 00,017,920 | ---- | C] () -- D:\WINDOWS\System32\LFMAC62N.DLL
[2008-12-10 09:44:41 | 00,017,408 | ---- | C] () -- D:\WINDOWS\System32\LFPCD62N.DLL
[2008-12-10 09:44:25 | 00,026,624 | ---- | C] () -- D:\WINDOWS\artcomm.dll
[2008-12-10 09:44:23 | 00,172,032 | ---- | C] () -- D:\WINDOWS\AUSBA2.DLL
[2008-12-10 09:44:23 | 00,011,248 | ---- | C] () -- D:\WINDOWS\DUSB2AR.INI
[2008-12-10 09:44:23 | 00,001,612 | ---- | C] () -- D:\WINDOWS\AUSBA2.INI
[2008-12-10 09:44:21 | 00,003,616 | ---- | C] () -- D:\WINDOWS\System32\drivers\As6eio.sys
[2008-12-10 09:38:27 | 00,009,728 | R--- | C] () -- D:\WINDOWS\System32\ARSetup.dll
[2008-12-10 09:38:27 | 00,000,321 | R--- | C] () -- D:\WINDOWS\ARSetup.ini
[2008-12-02 22:37:38 | 00,118,784 | ---- | C] () -- D:\WINDOWS\System32\ncvDS61.dll
[2008-12-02 22:37:38 | 00,098,304 | ---- | C] () -- D:\WINDOWS\System32\nczlib.dll
[2008-12-02 22:37:38 | 00,094,208 | ---- | C] () -- D:\WINDOWS\System32\ncCompress.dll
[2008-12-02 22:37:38 | 00,065,536 | ---- | C] () -- D:\WINDOWS\System32\ncUtil62.dll
[2008-12-02 22:37:37 | 00,053,760 | ---- | C] () -- D:\WINDOWS\System32\zlib32.dll
[2008-11-16 17:03:01 | 00,000,089 | ---- | C] () -- D:\WINDOWS\GSTAR.INI
[2008-11-16 17:02:16 | 00,000,516 | ---- | C] () -- D:\WINDOWS\SCRABOUT.INI
[2008-11-06 09:31:32 | 00,000,000 | ---- | C] () -- D:\WINDOWS\RoboHTML.INI
[2008-11-02 15:37:54 | 00,008,440 | ---- | C] () -- D:\WINDOWS\lviewpro.ini
[2008-11-01 14:14:14 | 00,106,496 | R--- | C] () -- D:\WINDOWS\System32\vshp1020.dll
[2008-11-01 01:43:26 | 00,016,480 | ---- | C] () -- D:\WINDOWS\System32\rixdicon.dll
[2008-10-30 08:54:20 | 00,000,342 | ---- | C] () -- D:\WINDOWS\WHOffice.INI
[2008-10-30 07:47:56 | 00,000,497 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2008-10-29 18:29:13 | 00,000,008 | RHS- | C] () -- D:\WINDOWS\System32\Desktop_.ini
[2008-03-28 12:49:00 | 01,019,904 | ---- | C] () -- D:\WINDOWS\System32\nvwimg.dll
[2008-03-28 12:48:00 | 01,703,936 | ---- | C] () -- D:\WINDOWS\System32\nvwdmcpl.dll
[2008-03-28 12:39:00 | 00,466,944 | ---- | C] () -- D:\WINDOWS\System32\nvshell.dll
[2008-03-28 12:23:00 | 01,474,560 | ---- | C] () -- D:\WINDOWS\System32\nview.dll
[2007-07-12 14:46:00 | 00,030,721 | ---- | C] () -- D:\WINDOWS\System32\32of32i.dll
[2007-07-12 14:46:00 | 00,029,698 | ---- | C] () -- D:\WINDOWS\System32\orunins.dll
[2007-04-01 10:00:28 | 02,842,624 | ---- | C] () -- D:\WINDOWS\System32\btwicons.dll
[2007-04-01 09:41:52 | 00,090,112 | ---- | C] () -- D:\WINDOWS\System32\btprn2k.dll
[2007-01-03 13:48:24 | 00,049,152 | ---- | C] () -- D:\WINDOWS\System32\dec_jl6.dll
[2006-08-21 09:54:50 | 00,053,248 | ---- | C] () -- D:\WINDOWS\System32\ZLib.dll
[2005-02-17 13:41:32 | 00,000,603 | ---- | C] () -- D:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005-02-17 13:41:30 | 00,000,593 | ---- | C] () -- D:\WINDOWS\System32\btcss.dll.manifest
[2003-04-01 11:58:02 | 00,005,260 | ---- | C] () -- D:\WINDOWS\System32\OUTLPERF.INI
[2003-03-07 03:05:46 | 00,115,712 | ---- | C] () -- D:\WINDOWS\System32\Crush32.dll
[2002-09-27 10:36:58 | 00,000,779 | ---- | C] () -- D:\WINDOWS\win.ini
[2002-09-27 10:36:47 | 00,000,272 | ---- | C] () -- D:\WINDOWS\system.ini
[2001-11-14 14:56:00 | 01,802,240 | ---- | C] () -- D:\WINDOWS\System32\lcppn21.dll
[2001-06-21 20:13:48 | 00,081,332 | ---- | C] () -- D:\WINDOWS\System32\bass.dll
[1995-10-16 18:55:44 | 00,009,136 | ---- | C] () -- D:\WINDOWS\System32\INETWH16.DLL

========== Files - Modified Within 30 Days ==========

[3 D:\WINDOWS\System32\*.tmp files]
[2009-06-19 15:52:01 | 00,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2009-06-19 15:51:38 | 00,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2009-06-19 15:51:37 | 00,000,062 | -HS- | M] () -- D:\Documents and Settings\Chip Corbeil\Local Settings\desktop.ini
[2009-06-19 15:51:34 | 00,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2009-06-19 15:33:29 | 01,152,308 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2009-06-19 15:33:29 | 00,513,650 | ---- | M] () -- D:\WINDOWS\System32\perfh00C.dat
[2009-06-19 15:33:29 | 00,444,540 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2009-06-19 15:33:29 | 00,085,950 | ---- | M] () -- D:\WINDOWS\System32\perfc00C.dat
[2009-06-19 15:33:29 | 00,072,416 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2009-06-19 14:21:12 | 00,001,374 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2009-06-19 13:46:46 | 00,174,672 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2009-06-19 13:30:49 | 00,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2009-06-19 13:30:49 | 00,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2009-06-19 13:30:44 | 00,000,779 | ---- | M] () -- D:\WINDOWS\win.ini
[2009-06-19 13:29:20 | 00,000,000 | -H-- | M] () -- D:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2009-06-19 09:58:12 | 29,968,0768 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Mes documents\Outlook20080311.pst
[2009-06-19 09:02:23 | 00,003,121 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2009-06-18 12:54:55 | 00,000,084 | -HS- | M] () -- D:\Documents and Settings\Chip Corbeil\Mes documents\desktop.ini
[2009-06-18 07:21:14 | 00,864,642 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\CP-G-0606-StJohninCanadaToday_Spring2006-F-N.pdf
[2009-06-17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-06-17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2009-06-15 10:47:51 | 00,851,317 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\06565_09-IGA-Collector-coupons_F_2.pdf
[2009-06-15 09:18:20 | 06,009,840 | ---- | M] (Glarysoft Ltd ) -- D:\Documents and Settings\Chip Corbeil\Bureau\gusetupnew.exe
[2009-06-12 21:32:51 | 00,305,987 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\Regl_1347TarifsApplicablesBiensServices.pdf
[2009-06-08 15:53:44 | 00,000,697 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Digital Photo Resizer.lnk
[2009-06-08 15:06:21 | 00,288,768 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\Attention Ours.doc
[2009-06-06 16:15:56 | 00,008,440 | ---- | M] () -- D:\WINDOWS\lviewpro.ini
[2009-06-01 20:32:27 | 00,058,880 | -HS- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\Thumbs.db
[2009-06-01 20:24:11 | 00,053,090 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\bradford pear tree.jpg
[2009-06-01 12:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\System32\MRT.exe
[2009-05-29 10:04:39 | 00,000,754 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\OSS Audio MP3 Player.lnk
[2009-05-29 10:04:39 | 00,000,749 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\OSS Audio CD Ripper.lnk
[2009-05-28 14:22:11 | 02,948,608 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\karaokelistecomplete.xls
[2009-05-24 15:13:26 | 00,010,897 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\bass_vincent.jpg
[2009-05-20 17:36:56 | 02,804,924 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\PlanchersFragilesInstrumental.mp3
[2009-05-20 17:35:53 | 07,774,806 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\PlanchersFragilesInstrumental2.wav
[2009-05-20 17:10:57 | 00,376,552 | ---- | M] () -- D:\Documents and Settings\Chip Corbeil\Bureau\PlanchersFragilesInstrumental.pk
[2009-05-20 17:01:33 | 00,000,272 | ---- | M] () -- D:\WINDOWS\system.ini
< End of report >



Here is the OTL Extras Log.
OTL Extras logfile created on: 2009-06-19 15:57:03 - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\HiJackThis
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

1,75 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 70,97% Memory free
3,60 Gb Paging File | 3,17 Gb Available in Paging File | 88,08% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 69,77 Gb Total Space | 14,88 Gb Free Space | 21,32% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 6,32 Gb Free Space | 9,09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHIP
Current User Name: Chip Corbeil
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- D:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008-04-13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- D:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2009-02-06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009-02-06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2009-02-06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008-04-13 22:34:01 | 00,029,696 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper
[1999-09-14 20:01:24 | 00,827,392 | R--- | M] () -- D:\Program Files\Hasbro Interactive\Scrabble v2.0\Scrabble v2.0.exe:*:Enabled:Scrabble v2.0
[2008-11-05 22:59:00 | 04,347,120 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2008-09-18 14:50:21 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- D:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2008-04-13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found -- D:\Program Files\Adobe\Adobe RoboHelp 7\RoboHTML\RoboHTML.exe:*:Enabled:Adobe RoboHelp 7
[2002-05-13 15:32:30 | 12,193,852 | ---- | M] (Macromedia Inc.) -- D:\Program Files\Macromedia\Fireworks MX\Fireworks.exe:*:Enabled:Fireworks MX
[2008-04-13 22:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe:*:Enabled:Explorateur Windows
[2009-02-06 18:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
[2009-02-06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2009-02-06 18:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
[2009-03-24 22:43:02 | 00,096,256 | ---- | M] (FreeCause Inc.) -- D:\Program Files\La barre d'outils AIR MILES\TroubleShooter.exe:*:Enabled:La barre d'outils AIR MILES (Helper)
[2009-05-12 18:58:48 | 00,143,496 | ---- | M] (FreeCause Inc.) -- D:\Program Files\La barre d'outils AIR MILES\ToolbarUpdate.exe:*:Enabled:La barre d'outils AIR MILES (Update)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0024B220-62AE-47BE-9E5D-14AAE920F7EE}" = Dynacom Accounting 11
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{167ABF69-A947-4839-856D-3BA2274FCBE9}" = ImpôtRapide 2008
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 13
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros for Acer Driver v7.2.0.208_Foxconn Installation Program
"{3156B2FD-5C1D-4649-9FE3-EB6E77320266}" = ImpôtRapide 2007
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D826618-59C6-11D4-976E-00C04F8EEB39}" = Macromedia FreeHand 10
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.091
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN Driver 4.100.15.7_Negative_Foxconn
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{88410D8F-8529-492B-B556-2394A29B811B}" = Broadcom Driver v4.102.28.4_Foxconn Installation Program
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9012040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{903B0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{930B2432-43D4-11D5-9871-00C04F8EEB39}" = Macromedia Fireworks MX
"{9312E9B8-129A-4025-8F88-8A0581CC7C4C}" = RoboSource Control 3.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96ABA9A0-EDE3-4390-B0C8-1E582EB91968}" = Module de gestion ImpôtRapide
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2273570-B532-4F8D-892E-14999C591E25}" = Kruptos 2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A725C340-77EE-11D6-BBC2-0000CB591583}" = A.F.5 Rename your files 1.1
"{A7E3B245-0798-4F71-9C3F-556C130B60D3}" = Adobe RoboHelp 8
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0 Professional - English, Français, Deutsch
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0880630-A6BA-4409-A24E-8083E5E0F92A}" = Digital Photo Resizer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D13E9EC4-BBB2-49BA-9E4C-10270F542411}" = RoboHelp Office X5.0.2 Update
"{D2EF6D61-EB17-461C-B3AB-24ED025C37C8}" = YAMAHA Digital Music Notebook
"{D6A2DDE3-9D7C-412C-932A-756580D29919}" = Windows Live Contrôle parental
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{ECD5DF04-44C7-43C6-A05A-A43F05344FC0}" = RoboSource Control
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4E74C05-CD77-4422-B5BB-E82693EE2FA3}" = iSpQ VideoChat 8.0
"{F70D5D8C-C1AF-40B3-9E47-3BB5F19EEA3A}" = Atheros for Acer Driver 5.3.0.67_Foxconn Installation Program
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{F8E28912-A7B8-488C-B259-33F9014B9D09}" = Uno
"{FA291352-8B46-4678-B344-C176F28C5C3E}" = RoboHelp Office
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"1236USB+Ultima 2000" = 1236USB+Ultima 2000
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe RoboHelp 8" = Adobe RoboHelp 8
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AnyDVD" = AnyDVD
"avast!" = avast! Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Bejeweled Deluxe" = Bejeweled Deluxe
"Comptabilité Dynacom 11" = Comptabilité Dynacom 11
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"DVD Shrink_is1" = DVD Shrink 3.2
"ERUNT_is1" = ERUNT 1.1j
"Firebird SQL Server US" = Firebird SQL Server - MAGIX Edition
"Freez FLV to MP3 Converter V1.2_is1" = Freez FLV to MP3 Converter
"GOM Player" = GOM Player
"Guitar Pro 5_is1" = Guitar Pro 5.0
"HijackThis" = HijackThis 2.0.2
"HP-LaserJet 1020 series" = LaserJet 1020 series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{96ABA9A0-EDE3-4390-B0C8-1E582EB91968}" = Module de gestion ImpôtRapide
"InstallShield_{D13E9EC4-BBB2-49BA-9E4C-10270F542411}" = RoboHelp Office X5.0.2 Update
"InstallShield_{ECD5DF04-44C7-43C6-A05A-A43F05344FC0}" = RoboSource Control
"InstallShield_{FA291352-8B46-4678-B344-C176F28C5C3E}" = RoboHelp Office X5
"La barre d'outils AIR MILES" = La barre d'outils AIR MILES
"LimeWire" = LimeWire 4.18.8
"MAGIX Music Maker 15 Trial US" = MAGIX Music Maker 15 Trial 15.0.1.8 (US)
"MAGIX Screenshare US" = MAGIX Screenshare 4.3.6.1987 (US)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Ahead Nero 6 Demo
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OrderReminder HP LaserJet 1020" = OrderReminder HP LaserJet 1020
"OSS Audio CD Ripper N' ID3V2 Tag Editor_is1" = OSS Audio CD Ripper N' ID3V2 Tag Editor 2.2.0.2
"PhoTagsExpress" = PhoTags Express
"Plato DVD Ripper Professional Free_is1" = Plato DVD Ripper Professional Free 10.05.02
"PySolFC Solitaire_is1" = PySolFC Solitaire (a freeware Solitaire Game) version 1.1
"RealAlt_is1" = Real Alternative 1.9.0
"Scrabble v2.0" = Scrabble v2.0
"SynthFont_is1" = SynthFont Version 1.051
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"VMidi" = vanBasco's Karaoke Player
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinPatrol" = WinPatrol 2009
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
"Zuma Deluxe 1.0" = Zuma Deluxe 1.0

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 2009-06-18 21:35:48 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\P1000593.JPG failed, 0000A413.

Error - 2009-06-18 21:35:48 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\P1000594.JPG failed, 0000A413.

Error - 2009-06-18 21:35:48 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\P1000595.JPG failed, 0000A413.

Error - 2009-06-18 21:35:48 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\P1000597.JPG failed, 0000A413.

Error - 2009-06-18 21:35:48 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\P1000603.JPG failed, 0000A413.

Error - 2009-06-18 21:35:48 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\P1000605.JPG failed, 0000A413.

Error - 2009-06-18 21:35:48 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\P1000606.JPG failed, 0000A413.

Error - 2009-06-18 21:35:48 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\ZP1000~3.JPG failed, 0000A413.

Error - 2009-06-18 21:35:48 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\ZP1000~4.JPG failed, 0000A413.

Error - 2009-06-18 21:35:49 | Computer Name = CHIP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\DOCUME~1\CHIPCO~1\Bureau\PGBAL2~1\ZP0D66~1.JPG failed, 0000A413.

[ Application Events ]
Error - 2009-06-19 14:28:19 | Computer Name = CHIP | Source = .NET Runtime | ID = 1023
Description = .NET Runtime version 2.0.50727.3053 - Erreur irrécupérable du moteur
d'exécution (7A097706) (80131506)

Error - 2009-06-19 14:28:20 | Computer Name = CHIP | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application mscorsvw.exe, version 2.0.50727.3053, stamp 4889dc4b,
faulting module mscorwks.dll, version 2.0.50727.3053, stamp 4889dc18, debug? 0,
fault address 0x0000f1d0.

Error - 2009-06-19 14:28:35 | Computer Name = CHIP | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: WindowsLive.Writer.Controls, Version=14.0.8064.206, Culture=neutral,
PublicKeyToken=31bf3856ad364e35 . Error code = 0x800706be

Error - 2009-06-19 14:28:44 | Computer Name = CHIP | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: System.Deployment, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
. Error code = 0x80131506

Error - 2009-06-19 14:29:07 | Computer Name = CHIP | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: System.Runtime.Remoting, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089 . Error code = 0x80131506

Error - 2009-06-19 14:29:27 | Computer Name = CHIP | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: Microsoft.Build.Engine, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131506

Error - 2009-06-19 14:41:41 | Computer Name = CHIP | Source = Application Error | ID = 1000
Description = Application défaillante mbam.exe, version 1.38.0.0, module défaillant
msvbvm60.dll, version 6.0.98.2, adresse de défaillance 0x000ee176.

Error - 2009-06-19 14:44:20 | Computer Name = CHIP | Source = Application Error | ID = 1000
Description = Application défaillante SearchIndexer.exe, version 7.0.6001.16503,
module défaillant tquery.dll, version 7.0.6001.16503, adresse de défaillance 0x0004c108.

Error - 2009-06-19 15:32:55 | Computer Name = CHIP | Source = Application Hang | ID = 1002
Description = Application bloquée msiexec.exe, version 3.1.4001.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2009-06-19 15:49:38 | Computer Name = CHIP | Source = ESENT | ID = 474
Description = wuauclt (3920) La lecture de pages de base de données à partir du
fichier "D:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb" à l'adresse relative
24866816 (0x00000000017b7000) de 4096 (0x00001000) octets a échoué lors de la vérification
en raison d'une non-concordance des totaux de contrôle. Le total de contrôle attendu
était 1619436629 (0x6086a455) tandis que le total de contrôle réel était 1620485205
(0x6096a455). L'opération de lecture échouera en indiquant l'erreur -1018 (0xfffffc06).
Si le problème persiste, restaurez la base de données à partir d'une version de
sauvegarde antérieure.

[ System Events ]
Error - 2009-06-19 14:22:45 | Computer Name = CHIP | Source = Tcpip | ID = 4191
Description = IP n'a pas pu ouvrir la clé du registre pour la carte TCPIP\Parameters\Adapters\NDISWANIP.
Les
interfaces sur cette carte ne seront pas initialisées.

Error - 2009-06-19 14:22:49 | Computer Name = CHIP | Source = Service Control Manager | ID = 7000
Description = Le service USB Flatbed Scanner n'a pas pu démarrer en raison de l'erreur :
%%1058

Error - 2009-06-19 14:36:25 | Computer Name = CHIP | Source = Service Control Manager | ID = 7031
Description = Le service Windows Search s'est terminé de manière inattendue. Ceci
s'est produit 1 fois. L'action corrective suivante va être effectuée dans 30000
millisecondes : Redémarrer le service.

Error - 2009-06-19 15:28:28 | Computer Name = CHIP | Source = Service Control Manager | ID = 7031
Description = Le service Windows Search s'est terminé de manière inattendue. Ceci
s'est produit 2 fois. L'action corrective suivante va être effectuée dans 30000
millisecondes : Redémarrer le service.

Error - 2009-06-19 15:33:19 | Computer Name = CHIP | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service WSearch
avec les arguments "" pour démarrer le serveur : {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 2009-06-19 15:37:24 | Computer Name = CHIP | Source = Ntfs | ID = 262199
Description = La structure du système de fichiers sur le disque est endommagée et
inutilisable. Veuillez exécuter l'utilitaire chkdsk sur le volume D:.

Error - 2009-06-19 15:48:18 | Computer Name = CHIP | Source = Tcpip | ID = 4191
Description = IP n'a pas pu ouvrir la clé du registre pour la carte TCPIP\Parameters\Adapters\NDISWANIP.
Les
interfaces sur cette carte ne seront pas initialisées.

Error - 2009-06-19 15:48:24 | Computer Name = CHIP | Source = Service Control Manager | ID = 7000
Description = Le service USB Flatbed Scanner n'a pas pu démarrer en raison de l'erreur :
%%1058

Error - 2009-06-19 15:51:54 | Computer Name = CHIP | Source = Tcpip | ID = 4191
Description = IP n'a pas pu ouvrir la clé du registre pour la carte TCPIP\Parameters\Adapters\NDISWANIP.
Les
interfaces sur cette carte ne seront pas initialisées.

Error - 2009-06-19 15:51:58 | Computer Name = CHIP | Source = Service Control Manager | ID = 7000
Description = Le service USB Flatbed Scanner n'a pas pu démarrer en raison de l'erreur :
%%1058


< End of report >


Here is the Rooter Kit log
Rooter.exe (v1.0.1) by Eric_71
¨
Microsoft Windows XP Professional (5.1.2600) Service Pack 3
32_bits - x86 Family 15 Model 104 Stepping 2, AuthenticAMD
¨
C:\ [Fixed-NTFS] .. ( Total:69 Go - Free:14 Go )
D:\ [Fixed-NTFS] .. ( Total:69 Go - Free:6 Go )
E:\ [CD_Rom]
¨
Scan : 15:54.39
Path : C:\HiJackThis\Rooter.exe
User : Chip Corbeil ( Administrator -> YES )
¨
----------------------\\ Processes
¨
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (652)
______ \??\D:\WINDOWS\system32\csrss.exe (712)
______ \??\D:\WINDOWS\system32\winlogon.exe (740)
______ D:\WINDOWS\system32\services.exe (784)
______ D:\WINDOWS\system32\lsass.exe (804)
______ D:\WINDOWS\system32\svchost.exe (968)
______ D:\WINDOWS\system32\svchost.exe (1016)
______ D:\WINDOWS\System32\svchost.exe (1060)
______ D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (1084)
______ D:\WINDOWS\system32\svchost.exe (1144)
______ D:\WINDOWS\system32\svchost.exe (1212)
______ D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (1420)
______ D:\Program Files\Alwil Software\Avast4\ashServ.exe (1472)
______ D:\WINDOWS\Explorer.EXE (1712)
______ D:\WINDOWS\system32\spoolsv.exe (1928)
______ D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (436)
______ D:\Program Files\Synaptics\SynTP\SynTPEnh.exe (444)
______ D:\WINDOWS\system32\RUNDLL32.EXE (464)
______ D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (472)
______ D:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe (496)
______ D:\WINDOWS\system32\ctfmon.exe (512)
______ D:\WINDOWS\system32\svchost.exe (1868)
______ D:\WINDOWS\system32\agrsmsvc.exe (1976)
______ D:\Program Files\Java\jre6\bin\jqs.exe (136)
______ D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (1304)
______ D:\WINDOWS\system32\nvsvc32.exe (164)
______ D:\Program Files\Adobe\RoboSource Control 3\RSO3MiddleTierService.exe (276)
______ D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (696)
______ D:\WINDOWS\system32\svchost.exe (1104)
______ D:\Program Files\M-Audio Uno\UnoInst.exe (1192)
______ D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe (1348)
______ D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe (1360)
______ D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (2176)
______ D:\Program Files\Alwil Software\Avast4\ashWebSv.exe (2316)
______ D:\WINDOWS\system32\wbem\wmiapsrv.exe (2736)
______ D:\WINDOWS\System32\alg.exe (2804)
______ D:\WINDOWS\system32\wbem\wmiprvse.exe (2816)
______ D:\Program Files\Internet Explorer\iexplore.exe (3124)
______ D:\Program Files\Internet Explorer\iexplore.exe (3192)
______ D:\Program Files\Windows Live\Toolbar\wltuser.exe (3476)
______ D:\WINDOWS\System32\svchost.exe (3536)
______ D:\WINDOWS\system32\wuauclt.exe (3968)
______ D:\Program Files\Internet Explorer\iexplore.exe (3200)
______ C:\HiJackThis\Rooter.exe (3844)
¨
----------------------\\ Device\Harddisk0\
¨
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
¨
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:10478974464)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:10479468544 | Length:74918658048)
\Device\Harddisk0\Partition3 (Start_Offset:85398126592 | Length:74641833984)
¨
----------------------\\ Scheduled Tasks
¨
D:\WINDOWS\Tasks\desktop.ini
D:\WINDOWS\Tasks\SA.DAT
¨
----------------------\\ Registry
¨
¨
----------------------\\ Files & Folders
¨
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\1ClickDVD\1Click DVD Copy version 3211-crack-and Instructions.rar
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\AnyDVD\anydvd 4.5.7.2 plus crack.rar
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Cool Edit Pro V 2.0 with crack ( good editing - recording program,much smaller than cubase, or reason)(wOrKs).zip
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Downloads(Chip)\AnyDVD\anydvd 4.5.7.2 plus crack.rar
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Downloads(Chip)\DVD\1ClickDVD\1Click DVD Copy version 3211-crack-and Instructions.rar
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Downloads(Chip)\DVD\AnyDVD\anydvd 4.5.7.2 plus crack.rar
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Downloads(Chip)\DVD\DVD Copy Plus\DVD Copy Plus 4.2 XP (with Crack DVDx & Smart Ripper)\DVD Copy Plus 4.2 XP (with Crack DVDx & Smart Ripper)\DVD Copy Plus 4.2 XP Plus crack.zip
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Downloads(Chip)\Pducrack.exe
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Pducrack.exe
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Zuma\Zuma Deluxe with crack - Popcap Games\2_PopCap Zuma Deluxe! v1.0 (crack).exe
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Zuma\Zuma Deluxe with crack - Popcap Games.zip
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\Downloads(Chip)\PowerVideoKaraoke\POWER VIDEO KARAOKE v 1.2.1.3 + keygen.rar
D:\DOCUME~1\CHIPCO~1\Mes documents\Downloads\PowerVideoKaraoke\POWER VIDEO KARAOKE v 1.2.1.3 + keygen.rar
==> Cracks & Keygens <==
¨
----------------------\\ Scan completed at 15:55.36
¨
D:\Rooter$\Rooter_1.txt - (19/06/2009 | 15:55.36).c


I hope this is complete.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP