[Dark_Star_Qc]

Not off to a good start, I'm afraid:

This is what Jotti has to say:

"The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file"

Shall I continue with the rest of the instructions?

[Advertisements]

do you have a firewall on your system besides the Windows firewall?

If not please go ahead and follow the rest of the fix as posted.

Edited by Efwis, 28 August 2005 - 06:15 PM.

[Dragon]

do you have a firewall on your system besides the Windows firewall?

If not please go ahead and follow the rest of the fix as posted.

Edited by Efwis, 28 August 2005 - 06:15 PM.

[Dark_Star_Qc]

No other firewall. I'll do the rest right away...

[Dark_Star_Qc]

OK... second step - atribune logs:

explorer:


Module information for 'Explorer.EXE'
MODULE BASE SIZE PATH
Explorer.EXE 1000000 1048576 C:\WINDOWS\Explorer.EXE 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Explorateur Windows
ntdll.dll 7c910000 749568 C:\WINDOWS\system32\ntdll.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL Couche NT
kernel32.dll 7c800000 1064960 C:\WINDOWS\system32\kernel32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL du client API BASE Windows NT
msvcrt.dll 77be0000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
ADVAPI32.dll 77da0000 704512 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) API avancées Windows 32
RPCRT4.dll 77e50000 593920 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Procedure Call Runtime
GDI32.dll 77ef0000 286720 C:\WINDOWS\system32\GDI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) GDI Client DLL
USER32.dll 77d10000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519) DLL client de l'API Utilisateur de Windows XP
SHLWAPI.dll 77f40000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Bibliothèque d'utilitaires légers du Shell
SHELL32.dll 7c9d0000 8527872 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.2620 (xpsp_sp2_gdr.050225-1820) DLL commune du shell Windows
ole32.dll 774a0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.2665 (xpsp_sp2_gdr.050427-1553) Microsoft OLE pour Windows
OLEAUT32.dll 770e0000 573440 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.2180
BROWSEUI.dll 75f10000 1036288 C:\WINDOWS\system32\BROWSEUI.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Bibliothèque de l'interface utilisateur du navigateur
SHDOCVW.dll 77720000 1490944 C:\WINDOWS\system32\SHDOCVW.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Bibliothèque d'objets et de contrôles de documents de l'environnement
CRYPT32.dll 779e0000 614400 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto API32
MSASN1.dll 77a80000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ASN.1 Runtime APIs
CRYPTUI.dll 76610000 540672 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Fournisseur de l'interface Microsoft Trust
WINTRUST.dll 76be0000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) API Microsoft de vérification de la confiance
IMAGEHLP.dll 76c40000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT Image Helper
NETAPI32.dll 6fee0000 344064 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Net Win32 API DLL
WININET.dll 77aa0000 684032 C:\WINDOWS\system32\WININET.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Extensions Internet pour Win32
WLDAP32.dll 76f10000 184320 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL API LDAP Win32
VERSION.dll 77bd0000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Version Checking and File Installation Libraries
UxTheme.dll 5b090000 229376 C:\WINDOWS\system32\UxTheme.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Bibliothèque de thèmes Ux Microsoft
ShimEng.dll 5cea0000 155648 C:\WINDOWS\system32\ShimEng.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Shim Engine DLL
AcGenral.DLL 595b0000 1875968 C:\WINDOWS\AppPatch\AcGenral.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Compatibility DLL
WINMM.dll 76ae0000 192512 C:\WINDOWS\system32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL API MCI
MSACM32.dll 77bb0000 86016 C:\WINDOWS\system32\MSACM32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Filtre audio ACM Microsoft
USERENV.dll 76960000 741376 C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Userenv
comctl32.dll 77390000 1056768 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll 6.0 (xpsp_sp2_rtm.040803-2158) User Experience Controls Library
comctl32.dll 58b50000 618496 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp_sp2_rtm.040803-2158) Common Controls Library
appHelp.dll 77b50000 139264 C:\WINDOWS\system32\appHelp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application Compatibility Client Library
CLBCATQ.DLL 76f80000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.258
COMRes.dll 77000000 868352 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.258
cscui.dll 765b0000 352256 C:\WINDOWS\System32\cscui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) IU de cache côté client
CSCDLL.dll 76590000 118784 C:\WINDOWS\System32\CSCDLL.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Agent réseau hors connexion
themeui.dll 5b950000 471040 C:\WINDOWS\system32\themeui.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) API Windows Theme
Secur32.dll 77fc0000 69632 C:\WINDOWS\system32\Secur32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Security Support Provider Interface
MSIMG32.dll 76310000 20480 C:\WINDOWS\system32\MSIMG32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) GDIEXT Client DLL
xpsp2res.dll 20000000 2990080 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Messages Service Pack 2
shellhook.dll 10000000 53248 C:\Program Files\ewido\security suite\shellhook.dll
MSVCR71.dll 7c340000 352256 C:\WINDOWS\system32\MSVCR71.dll 7.10.3052.4 Microsoft® C Runtime Library
urlmon.dll 77170000 647168 C:\WINDOWS\system32\urlmon.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Extensions OLE32 pour Win32
msutb.dll 5ffb0000 208896 C:\WINDOWS\system32\msutb.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL MSUTB Server
MSCTF.dll 74690000 307200 C:\WINDOWS\system32\MSCTF.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL de MSCTF Server
wmpband.dll 74a0000 77824 C:\PROGRA~1\WINDOW~2\wmpband.dll 10.00.00.3802 Lecteur Windows Media
MPR.dll 71a60000 73728 C:\WINDOWS\system32\MPR.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL de routeur de fournisseurs multiples
LINKINFO.dll 76920000 32768 C:\WINDOWS\system32\LINKINFO.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Volume Tracking
ntshrui.dll 76930000 155648 C:\WINDOWS\system32\ntshrui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Extensions de l'interpréteur de commandes pour le partage
ATL.DLL 76ac0000 69632 C:\WINDOWS\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
SAMLIB.dll 71b50000 77824 C:\WINDOWS\system32\SAMLIB.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SAM Library DLL
SETUPAPI.dll 778e0000 1015808 C:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Installation de L'API Windows
WINSTA.dll 762f0000 65536 C:\WINDOWS\system32\WINSTA.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Winstation Library
webcheck.dll 74aa0000 294912 C:\WINDOWS\system32\webcheck.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Contrôleur de site Web
WSOCK32.dll 71a10000 40960 C:\WINDOWS\system32\WSOCK32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL Socket 32-bits Windows
WS2_32.dll 719f0000 94208 C:\WINDOWS\system32\WS2_32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 719e0000 32768 C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application d'assistance de Windows Socket 2.0 pour Windows NT
stobject.dll 76540000 135168 C:\WINDOWS\system32\stobject.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Objet du service d'environnement Systray
BatMeter.dll 74a60000 40960 C:\WINDOWS\system32\BatMeter.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) DLL d'application d'assistance de Jauge de batterie
POWRPROF.dll 74a40000 32768 C:\WINDOWS\system32\POWRPROF.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Power Profile Helper DLL
WTSAPI32.dll 76f00000 32768 C:\WINDOWS\system32\WTSAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Terminal Server SDK APIs
NETSHELL.dll 76390000 1744896 C:\WINDOWS\system32\NETSHELL.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Noyau des Connexions réseau
rtutils.dll 76e30000 57344 C:\WINDOWS\system32\rtutils.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Routing Utilities
credui.dll 76bb0000 192512 C:\WINDOWS\system32\credui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Interface utilisateur du gestionnaire d'informations d'identification
iphlpapi.dll 76d10000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) API de l'application d'assistance IP
wdmaud.drv 72c70000 36864 C:\WINDOWS\system32\wdmaud.drv 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WDM Audio driver mapper
msacm32.drv 72c60000 32768 C:\WINDOWS\system32\msacm32.drv 5.1.2600.0 (xpclient.010817-1148) Mappeur de sons Microsoft
midimap.dll 77ba0000 28672 C:\WINDOWS\system32\midimap.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Mappeur MIDI Microsoft
msi.dll 1520000 2908160 C:\WINDOWS\system32\msi.dll 3.1.4000.2435 Windows Installer
drprov.dll 75ef0000 28672 C:\WINDOWS\System32\drprov.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Terminal Server Network Provider
ntlanman.dll 71b70000 57344 C:\WINDOWS\System32\ntlanman.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Gestionnaire de réseau local Microsoft®
NETUI0.dll 71c30000 94208 C:\WINDOWS\System32\NETUI0.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Code commun NT LM UI - Classes GUI
NETUI1.dll 71bf0000 262144 C:\WINDOWS\System32\NETUI1.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NT LM UI Common Code - Networking classes
NETRAP.dll 71be0000 28672 C:\WINDOWS\System32\NETRAP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Net Remote Admin Protocol DLL
davclnt.dll 75f00000 36864 C:\WINDOWS\System32\davclnt.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Fichier DLL du client DAV pour le Web
rsaenh.dll ffd0000 163840 C:\WINDOWS\system32\rsaenh.dll 5.1.2600.2161 (xpsp.040706-1629) Microsoft Enhanced Cryptographic Provider
SXS.DLL 77210000 724992 C:\WINDOWS\system32\SXS.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Fusion 2.5
shdoclc.dll 17f0000 581632 C:\WINDOWS\system32\shdoclc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Bibliothèque d'objets et de contrôles de documents de l'environnement
comdlg32.dll 76340000 303104 C:\WINDOWS\system32\comdlg32.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) DLL commune de boîtes de dialogues
browselc.dll 1940000 77824 C:\WINDOWS\system32\browselc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Bibliothèque de l'interface utilisateur du navigateur Shell
DUSER.dll 6c650000 315392 C:\WINDOWS\system32\DUSER.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows DirectUser Engine
MSGINA.dll 75900000 1019904 C:\WINDOWS\system32\MSGINA.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Ouverture de session Windows NT GINA DLL
ODBC32.dll 74730000 249856 C:\WINDOWS\system32\ODBC32.dll 3.525.1117.0 (xpsp_sp2_rtm.040803-2158) Microsoft Data Access - ODBC Driver Manager
odbcint.dll 2840000 98304 C:\WINDOWS\system32\odbcint.dll 3.525.1117.0 built by: (_sqlbld) Microsoft Data Access - Ressources ODBC
MFC42.DLL 73d20000 1040384 C:\WINDOWS\system32\MFC42.DLL 6.02.4131.0 MFCDLL Shared Library - Retail Version
MFC42LOC.DLL 61d70000 57344 C:\WINDOWS\system32\MFC42LOC.DLL 6.00.8665.0 MFC Language Specific Resources
AlbumUI.dll 2be0000 348160 C:\Program Files\Logitech\ImageStudio\AlbumUI.dll 7.3.0.1113 QuickCam Gallery Activity
QCUI.dll 2c40000 393216 C:\Program Files\Logitech\ImageStudio\QCUI.dll 7.3.0.1113 QuickCam User Interface Library
AVIFIL32.dll 73aa0000 94208 C:\WINDOWS\system32\AVIFIL32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Bibliothèque d'assistance des fichiers AVI Microsoft
MSVFW32.dll 75ba0000 135168 C:\WINDOWS\system32\MSVFW32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL Microsoft Video for Windows
LTWVC12n.dll 2ca0000 876544 C:\Program Files\Logitech\ImageStudio\LTWVC12n.dll 12.1.0.011 LEADTOOLS® DLL for Win32
LTFIL12n.DLL 1ffc0000 147456 C:\Program Files\Logitech\ImageStudio\LTFIL12n.DLL 12.1.0.011 LEADTOOLS® DLL for Win32
LTKRN12n.dll 2d80000 430080 C:\Program Files\Logitech\ImageStudio\LTKRN12n.dll 12.1.0.011 LEADTOOLS® DLL for Win32
LQCUI.dll 2890000 32768 C:\Program Files\Logitech\ImageStudio\LQCUI.dll 7.3.0.1113 QuickCam User Interface Language
LAlbumUI.dll 3af0000 196608 C:\Program Files\Logitech\ImageStudio\LAlbumUI.dll 7.3.0.1113 QuickCam Gallery Language
actxprxy.dll 71ca0000 114688 C:\WINDOWS\system32\actxprxy.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ActiveX Interface Marshaling Library
MLANG.dll 75d30000 593920 C:\WINDOWS\system32\MLANG.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Multi Language Support DLL
RASAPI32.dll 76e90000 245760 C:\WINDOWS\system32\RASAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) API d'Accès réseau à distance
rasman.dll 76e40000 73728 C:\WINDOWS\system32\rasman.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access Connection Manager
TAPI32.dll 76e60000 192512 C:\WINDOWS\system32\TAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL Client de l'API Microsoft® Windows™ Téléphonie
msv1_0.dll 77c40000 143360 C:\WINDOWS\system32\msv1_0.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Authentication Package v1.0
printui.dll 74af0000 589824 C:\WINDOWS\system32\printui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL de l'IU d'impression
WINSPOOL.DRV 72f50000 155648 C:\WINDOWS\system32\WINSPOOL.DRV 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Pilote de spouleur Windows
ACTIVEDS.dll 77c90000 204800 C:\WINDOWS\system32\ACTIVEDS.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL de la couche de routage AD
adsldpc.dll 76dc0000 151552 C:\WINDOWS\system32\adsldpc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL C du fournisseur LDAP AD
CFGMGR32.dll 74a50000 28672 C:\WINDOWS\system32\CFGMGR32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Configuration Manager Forwarder DLL
WZSHLSTB.DLL 16200000 24576 C:\PROGRA~1\WINZIP\WZSHLSTB.DLL 4.1 (32-bit) WinZip Shell Extension DLL
ymmapi.dll 64000000 188416 C:\PROGRA~1\Yahoo!\Common\ymmapi.dll 2004, 6, 13, 1 YMMAPI Module
PicaView.dll 1d90000 503808 C:\PROGRA~1\ACDSYS~1\PicaView\PicaView.dll 2, 0, 0, 78 PicaView Shell Extension DLL
IDE_ACDStd.apl 3b20000 1044480 C:\Program Files\Fichiers communs\ACD Systems\PlugIns\IDE_ACDStd.apl 1, 3, 4, 22 IDE_ACDStd
context.dll 1a30000 69632 C:\Program Files\ewido\security suite\context.dll 1.0.0.1 Context-Menu (Shell Extension)
lang.dll 1980000 49152 C:\Program Files\ewido\security suite\lang.dll 1, 0, 0, 1 lang
MSVCP71.dll 7c3a0000 503808 C:\WINDOWS\system32\MSVCP71.dll 7.10.3077.0 Microsoft® C++ Runtime Library
avgse.dll 621a0000 57344 C:\Program Files\Grisoft\AVG Free\avgse.dll 7,1,0,285 AVG Shell Extension
AcroIEHelper.dll 1150000 45056 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll 6.0.0.2003051500 Adobe Acrobat IE Helper Version 6.0 for ActivieX
BFGTOO~1.DLL 2280000 1273856 C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL 3.0.2.10 [[[DESCRIPTION]]]-----------------------------------------------
olepro32.dll 5f140000 94208 C:\WINDOWS\system32\olepro32.dll 5.1.2600.2180
SDHelper.dll 2910000 765952 C:\PROGRA~1\SPYBOT~1\SDHelper.dll 1, 3, 0, 12 Bad download blocker
asfsipc.dll 41f00000 28672 C:\WINDOWS\system32\asfsipc.dll 1.1.00.3917 ASFSipc Object
MSISIP.DLL 60980000 28672 C:\WINDOWS\system32\MSISIP.DLL 3.1.4000.1823 MSI Signature SIP Provider
wshext.dll 74e10000 65536 C:\WINDOWS\system32\wshext.dll 5.6.0.8820 Microsoft ® Shell Extension for Windows Script Host
wshFR.DLL 59000000 57344 C:\WINDOWS\system32\wshFR.DLL 5.6.0.6626 Ressources internationales de Microsoft ® Windows Script Host


*****************

ie:


Module information for 'IEXPLORE.EXE'
MODULE BASE SIZE PATH
IEXPLORE.EXE 400000 102400 C:\Program Files\Internet Explorer\IEXPLORE.EXE 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Internet Explorer
ntdll.dll 7c910000 749568 C:\WINDOWS\system32\ntdll.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL Couche NT
kernel32.dll 7c800000 1064960 C:\WINDOWS\system32\kernel32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL du client API BASE Windows NT
msvcrt.dll 77be0000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
USER32.dll 77d10000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519) DLL client de l'API Utilisateur de Windows XP
GDI32.dll 77ef0000 286720 C:\WINDOWS\system32\GDI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) GDI Client DLL
SHLWAPI.dll 77f40000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Bibliothèque d'utilitaires légers du Shell
ADVAPI32.dll 77da0000 704512 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) API avancées Windows 32
RPCRT4.dll 77e50000 593920 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Procedure Call Runtime
SHDOCVW.dll 77720000 1490944 C:\WINDOWS\system32\SHDOCVW.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Bibliothèque d'objets et de contrôles de documents de l'environnement
CRYPT32.dll 779e0000 614400 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto API32
MSASN1.dll 77a80000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ASN.1 Runtime APIs
CRYPTUI.dll 76610000 540672 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Fournisseur de l'interface Microsoft Trust
WINTRUST.dll 76be0000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) API Microsoft de vérification de la confiance
IMAGEHLP.dll 76c40000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT Image Helper
OLEAUT32.dll 770e0000 573440 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.2180
ole32.dll 774a0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.2665 (xpsp_sp2_gdr.050427-1553) Microsoft OLE pour Windows
NETAPI32.dll 6fee0000 344064 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Net Win32 API DLL
WININET.dll 77aa0000 684032 C:\WINDOWS\system32\WININET.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Extensions Internet pour Win32
WLDAP32.dll 76f10000 184320 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL API LDAP Win32
VERSION.dll 77bd0000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Version Checking and File Installation Libraries
comctl32.dll 77390000 1056768 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll 6.0 (xpsp_sp2_rtm.040803-2158) User Experience Controls Library
SHELL32.dll 7c9d0000 8527872 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.2620 (xpsp_sp2_gdr.050225-1820) DLL commune du shell Windows
comctl32.dll 58b50000 618496 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp_sp2_rtm.040803-2158) Common Controls Library
MSCTF.dll 74690000 307200 C:\WINDOWS\system32\MSCTF.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL de MSCTF Server
BROWSEUI.dll 75f10000 1036288 C:\WINDOWS\system32\BROWSEUI.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Bibliothèque de l'interface utilisateur du navigateur
browselc.dll 20000000 77824 C:\WINDOWS\system32\browselc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Bibliothèque de l'interface utilisateur du navigateur Shell
appHelp.dll 77b50000 139264 C:\WINDOWS\system32\appHelp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application Compatibility Client Library
CLBCATQ.DLL 76f80000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.258
COMRes.dll 77000000 868352 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.258
urlmon.dll 77170000 647168 C:\WINDOWS\system32\urlmon.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Extensions OLE32 pour Win32
UxTheme.dll 5b090000 229376 C:\WINDOWS\system32\UxTheme.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Bibliothèque de thèmes Ux Microsoft
Secur32.dll 77fc0000 69632 C:\WINDOWS\system32\Secur32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Security Support Provider Interface
SETUPAPI.dll 778e0000 1015808 C:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Installation de L'API Windows
ycomp5_5_7_0.dll 68000000 331776 C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll 2004, 9, 28, 1 Yahoo! Toolbar 5.5 for Internet Explorer
WSOCK32.dll 71a10000 40960 C:\WINDOWS\system32\WSOCK32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL Socket 32-bits Windows
WS2_32.dll 719f0000 94208 C:\WINDOWS\system32\WS2_32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 719e0000 32768 C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application d'assistance de Windows Socket 2.0 pour Windows NT
WINMM.dll 76ae0000 192512 C:\WINDOWS\system32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL API MCI
AcroIEHelper.dll 10000000 45056 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll 6.0.0.2003051500 Adobe Acrobat IE Helper Version 6.0 for ActivieX
BFGTOO~1.DLL 1180000 1273856 C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL 3.0.2.10 [[[DESCRIPTION]]]-----------------------------------------------
olepro32.dll 5f140000 94208 C:\WINDOWS\system32\olepro32.dll 5.1.2600.2180
comdlg32.dll 76340000 303104 C:\WINDOWS\system32\comdlg32.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) DLL commune de boîtes de dialogues
SDHelper.dll 13e0000 765952 C:\PROGRA~1\SPYBOT~1\SDHelper.dll 1, 3, 0, 12 Bad download blocker
aoltb.dll 15b0000 532480 C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll 2.0.4239.61 AOL IE Toolbar DLL (UNICODE)
MSVCR71.dll 7c340000 352256 C:\WINDOWS\system32\MSVCR71.dll 7.10.3052.4 Microsoft® C Runtime Library
MSVCP71.dll 7c3a0000 503808 C:\WINDOWS\system32\MSVCP71.dll 7.10.3077.0 Microsoft® C++ Runtime Library
USERENV.dll 76960000 741376 C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Userenv
msxml3.dll 748f0000 1245184 C:\WINDOWS\system32\msxml3.dll 8.50.2162.0 MSXML 3.0 SP 5
WINHTTP.dll 4d5e0000 360448 C:\WINDOWS\system32\WINHTTP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows HTTP Services
mlang.dll 75d30000 593920 C:\WINDOWS\system32\mlang.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Multi Language Support DLL
aoltbres.dll 1cc0000 98304 c:\program files\aol\aol toolbar 2.0\resources\en-US\aoltbres.dll 2.0.4239.61 AOL IE Toolbar Resource Dynamic Link Library
stmain.dll 1ce0000 163840 C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll 01.02.3000.1001 st
SensApi.dll 72220000 20480 C:\WINDOWS\system32\SensApi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SENS Connectivity API DLL
mswsock.dll 71990000 262144 C:\WINDOWS\System32\mswsock.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Fournisseur de service Sockets 2.0 de Microsoft Windows
DNSAPI.dll 76ed0000 159744 C:\WINDOWS\system32\DNSAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DNS Client API DLL
winrnr.dll 76f60000 32768 C:\WINDOWS\System32\winrnr.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) LDAP RnR Provider DLL
rasadhlp.dll 76f70000 24576 C:\WINDOWS\system32\rasadhlp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access AutoDial Helper
googletoolbar1.dll 1f60000 708608 c:\program files\google\googletoolbar1.dll 2, 0, 114, 9 Google IE Client Toolbar
msntb.dll 2010000 299008 C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\msntb.dll 01.02.3000.1001 MSN Toolbar extension
mtbres.dll 2080000 180224 C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\mtbres.dll 01.02.3000.1001 Bibliothèque de ressources de la Barre d'outils MSN
shdoclc.dll 2110000 581632 C:\WINDOWS\system32\shdoclc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Bibliothèque d'objets et de contrôles de documents de l'environnement
xpsp2res.dll 21a0000 2990080 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Messages Service Pack 2
hnetcfg.dll 62e40000 364544 C:\WINDOWS\system32\hnetcfg.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Gestionnaire de configuration de réseau domestique
wshtcpip.dll 719d0000 32768 C:\WINDOWS\System32\wshtcpip.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Sockets Helper DLL
RASAPI32.DLL 76e90000 245760 C:\WINDOWS\system32\RASAPI32.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) API d'Accès réseau à distance
rasman.dll 76e40000 73728 C:\WINDOWS\system32\rasman.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access Connection Manager
TAPI32.dll 76e60000 192512 C:\WINDOWS\system32\TAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL Client de l'API Microsoft® Windows™ Téléphonie
rtutils.dll 76e30000 57344 C:\WINDOWS\system32\rtutils.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Routing Utilities
msv1_0.dll 77c40000 143360 C:\WINDOWS\system32\msv1_0.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Authentication Package v1.0
iphlpapi.dll 76d10000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) API de l'application d'assistance IP
msi.dll 2a80000 2908160 C:\WINDOWS\system32\msi.dll 3.1.4000.2435 Windows Installer
SXS.DLL 77210000 724992 C:\WINDOWS\system32\SXS.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Fusion 2.5
apopup.dll 2ea0000 172032 c:\program files\aol\aol toolbar 2.0\apopup.dll 1, 0, 0, 1 APopup Module
xprt4.dll 40000000 81920 c:\program files\aol\aol toolbar 2.0\xprt4.dll 4.3.2.4320 XPRT Runtime Library
smartbox.dll 2f10000 126976 C:\PROGRA~1\FICHIE~1\AOL\AOLTOO~1\smartbox.dll 1.0.0.11 AOL Smartbox DLL (UNICODE)
mshtml.dll 7d4c0000 3035136 C:\WINDOWS\system32\mshtml.dll 6.00.2900.2722 (xpsp_sp2_gdr.050719-1518) Visionneuse HTML Microsoft ®
msls31.dll 74630000 159744 C:\WINDOWS\system32\msls31.dll 3.10.349.0 Microsoft Line Services library file
IMM32.DLL 76320000 118784 C:\WINDOWS\system32\IMM32.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows XP IMM32 API Client DLL
jscript.dll 75be0000 450560 C:\WINDOWS\system32\jscript.dll 5.6.0.8820 Microsoft ® JScript
pubmod.dll 66000000 126976 C:\Program Files\Yahoo!\Companion\Installs\cpn\pubmod.dll 2004, 7, 19, 1 PopupBlocker Module for Yahoo! Companion
ypubc.dll 65000000 176128 C:\Program Files\Yahoo!\Companion\Installs\cpn\ypubc.dll 2003.10.22.01 Companion Pop-Up Blocker DLL
mshtmled.dll 761c0000 462848 C:\WINDOWS\system32\mshtmled.dll 6.00.2900.2713 (xpsp_sp2_gdr.050702-1513) Composant d'édition HTML Microsoft ®
MPR.dll 71a60000 73728 C:\WINDOWS\system32\MPR.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL de routeur de fournisseurs multiples
drprov.dll 75ef0000 28672 C:\WINDOWS\System32\drprov.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Terminal Server Network Provider
ntlanman.dll 71b70000 57344 C:\WINDOWS\System32\ntlanman.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Gestionnaire de réseau local Microsoft®
NETUI0.dll 71c30000 94208 C:\WINDOWS\System32\NETUI0.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Code commun NT LM UI - Classes GUI
NETUI1.dll 71bf0000 262144 C:\WINDOWS\System32\NETUI1.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NT LM UI Common Code - Networking classes
NETRAP.dll 71be0000 28672 C:\WINDOWS\System32\NETRAP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Net Remote Admin Protocol DLL
SAMLIB.dll 71b50000 77824 C:\WINDOWS\System32\SAMLIB.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SAM Library DLL
davclnt.dll 75f00000 36864 C:\WINDOWS\System32\davclnt.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Fichier DLL du client DAV pour le Web
MSGINA.dll 75900000 1019904 C:\WINDOWS\system32\MSGINA.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Ouverture de session Windows NT GINA DLL
WINSTA.dll 762f0000 65536 C:\WINDOWS\system32\WINSTA.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Winstation Library
ODBC32.dll 74730000 249856 C:\WINDOWS\system32\ODBC32.dll 3.525.1117.0 (xpsp_sp2_rtm.040803-2158) Microsoft Data Access - ODBC Driver Manager
odbcint.dll 3de0000 98304 C:\WINDOWS\system32\odbcint.dll 3.525.1117.0 built by: (_sqlbld) Microsoft Data Access - Ressources ODBC
dxtrans.dll 6c270000 217088 C:\WINDOWS\system32\dxtrans.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) DirectX Media -- DirectX Transform Core
ATL.DLL 76ac0000 69632 C:\WINDOWS\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
ddrawex.dll 6d8f0000 40960 C:\WINDOWS\system32\ddrawex.dll 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158) Direct Draw Ex
DDRAW.dll 736b0000 299008 C:\WINDOWS\system32\DDRAW.dll 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft DirectDraw
DCIMAN32.dll 73b10000 24576 C:\WINDOWS\system32\DCIMAN32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DCI Manager
dxtmsft.dll 6c2b0000 368640 C:\WINDOWS\system32\dxtmsft.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) DirectX Media -- Image DirectX Transforms
actxprxy.dll 71ca0000 114688 C:\WINDOWS\system32\actxprxy.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ActiveX Interface Marshaling Library
wdmaud.drv 72c70000 36864 C:\WINDOWS\system32\wdmaud.drv 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WDM Audio driver mapper
msacm32.drv 72c60000 32768 C:\WINDOWS\system32\msacm32.drv 5.1.2600.0 (xpclient.010817-1148) Mappeur de sons Microsoft
MSACM32.dll 77bb0000 86016 C:\WINDOWS\system32\MSACM32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Filtre audio ACM Microsoft
midimap.dll 77ba0000 28672 C:\WINDOWS\system32\midimap.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Mappeur MIDI Microsoft
corpol.dll 6e980000 49152 C:\WINDOWS\system32\corpol.dll 2003.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft COM Runtime Execution Engine
rsaenh.dll ffd0000 163840 C:\WINDOWS\system32\rsaenh.dll 5.1.2600.2161 (xpsp.040706-1629) Microsoft Enhanced Cryptographic Provider
cryptnet.dll 75ed0000 77824 C:\WINDOWS\system32\cryptnet.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto Network Related API
sfc_os.dll 76c10000 172032 C:\WINDOWS\system32\sfc_os.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Protection de fichiers Windows
ADVPACK.DLL 751d0000 167936 C:\WINDOWS\system32\ADVPACK.DLL 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ADVPACK
Cabinet.dll 750c0000 81920 C:\WINDOWS\system32\Cabinet.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft® Cabinet File API
MFC42.DLL 73d20000 1040384 C:\WINDOWS\system32\MFC42.DLL 6.02.4131.0 MFCDLL Shared Library - Retail Version
MFC42LOC.DLL 61d70000 57344 C:\WINDOWS\system32\MFC42LOC.DLL 6.00.8665.0 MFC Language Specific Resources
vbscript.dll 73250000 421888 C:\WINDOWS\system32\vbscript.dll 5.6.0.8820 Microsoft ® VBScript
Flash.ocx 71c0000 1732608 C:\WINDOWS\system32\macromed\flash\Flash.ocx 7,0,19,0 Macromedia Flash Player 7.0 r19
asinst.dll 8520000 143360 C:\WINDOWS\Downloaded Program Files\asinst.dll 57, 8, 0, 0 Panda ActiveScan Instalador
Psscan.dll ba0000 290816 C:\WINDOWS\system32\ActiveScan\Psscan.dll 7, 1, 9, 0 Panda Scan Module
SHFOLDER.dll 76720000 36864 C:\WINDOWS\system32\SHFOLDER.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Folder Service
pskas.dll c00000 49152 C:\WINDOWS\system32\ActiveScan\pskas.dll 1, 2, 1, 1 pskas
PSKUTIL.dll 24040000 69632 C:\WINDOWS\system32\ActiveScan\PSKUTIL.dll 1, 2, 1, 2 PSKUTIL
PSKVFILE.dll 24020000 28672 C:\WINDOWS\system32\ActiveScan\PSKVFILE.dll 1, 2, 1, 0 PSKVFILE
PSKALLOC.dll 24000000 28672 C:\WINDOWS\system32\ActiveScan\PSKALLOC.dll 1, 2, 1, 1 PSKALLOC
pskvfs.dll 250a0000 69632 C:\WINDOWS\system32\ActiveScan\pskvfs.dll 1, 2, 1, 3 pskvfs
PSKCMP.dll 24200000 372736 C:\WINDOWS\system32\ActiveScan\PSKCMP.dll 1, 2, 1, 1 PSKCMP
PSKPACK.DLL 24060000 45056 C:\WINDOWS\system32\ActiveScan\PSKPACK.DLL 1, 2, 1, 1 PSKPACK
PSKVM.dll c40000 114688 C:\WINDOWS\system32\ActiveScan\PSKVM.dll 1, 2, 1, 3 PSKVM
PSKHTML.dll 24100000 212992 C:\WINDOWS\system32\ActiveScan\PSKHTML.dll 1, 2, 1, 1 PSKHTML
pskscs.dll 25140000 212992 C:\WINDOWS\system32\ActiveScan\pskscs.dll 1, 2, 1, 5 pskscs
pskavs.dll 25500000 1560576 C:\WINDOWS\system32\ActiveScan\pskavs.dll 1, 2, 1, 3 Pskavs
pskfss.dll 250e0000 69632 C:\WINDOWS\system32\ActiveScan\pskfss.dll 1, 2, 1, 2 pskfss
ImgUtil.dll 66cc0000 49152 C:\WINDOWS\system32\ImgUtil.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) IE plugin image decoder support DLL
ntshrui.dll 76930000 155648 C:\WINDOWS\system32\ntshrui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Extensions de l'interpréteur de commandes pour le partage
plugin.ocx 72a70000 98304 C:\WINDOWS\system32\plugin.ocx 6.00.2600.0000 (xpclient.010817-1148) Plugin
wuapi.dll 506a0000 475136 C:\WINDOWS\system32\wuapi.dll 5.8.0.2469 built by: lab01_n(wmbla) API du client Windows Update

[Dark_Star_Qc]

Well, I have good new and bad news...

The bad first:

I can't run WinPFind...

This is the message I get:

"Access violation at address 0044C31F in module 'WinPFind.exe'. Read of address 00000004."

The good news:

On rebooting in normal mode, I still have my desktop...

[Dragon]

ok, boot back to safe mode and please get the start up list.

[Dark_Star_Qc]

So far, so good... still have the desktop on reboot...

Here's the startup log:

StartupList report, 2005-08-28, 21:38:52
StartupList version: 1.52.2
Started from : C:\Program Files\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Linda\Menu Démarrer\Programmes\Démarrage]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

AdaptecDirectCD = C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C-Media Mixer = Mixer.exe /startup
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
WinampAgent = C:\Program Files\Winamp\winampa.exe
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
AVG7_EMC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Lexmark X1100 Series = "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
MSRSRun = C:\Program Files\NCH Swift Sound\MSRS\msrs.exe /logon
LVCOMSX = C:\WINDOWS\system32\LVCOMSX.EXE
LVCOMS = C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
LogitechGalleryRepair = C:\Program Files\Logitech\ImageStudio\ISStart.exe
LogitechImageStudioTray = C:\Program Files\Logitech\ImageStudio\LogiTray.exe
REGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
iTunesHelper = C:\Program Files\iTunes\iTunesHelper.exe
HostManager = C:\Program Files\Fichiers communs\AOL\1124860141\ee\AOLHostManager.exe
Mirabilis ICQ = C:\PROGRA~1\ICQ\ICQNet.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe
Gestionnaire Antidote.exe = C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
MessengerDiscovery = C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Regedit.exe has no CompanyName property! It is either missing or named something else.
- Regedit.exe has no OriginalFilename property! It is either missing or named something else.
- Regedit.exe has no FileDescription property! It is either missing or named something else.

Registry check failed!

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
AOL Toolbar Launcher - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9}
(no name) - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll - {9394EDE7-C8B5-483E-8773-474BF36AF6E4}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}

--------------------------------------------------

Enumerating Task Scheduler jobs:

A31CAB8791872897.job
SDMsgUpdate (SmartDrawTrial).job

--------------------------------------------------

Enumerating Download Program Files:

[QuickTime Object]
InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com...ex/qtplugin.cab

[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan60.ocx
CODEBASE = http://housecall60.t...all/xscan60.cab

[CPC View ax Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\CPCVIE~1.OCX
CODEBASE = http://www.registref...X/CpcViewAX.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll
CODEBASE = http://download.macr...director/sw.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft....467&clcid=0x409

[Minesweeper Flags Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\minesweeper.dll
CODEBASE = http://messenger.zon...er.cab31267.cab

[MSN Photo Upload Tool]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
CODEBASE = http://spaces.msn.co...ad/MsnPUpld.cab

[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx
CODEBASE = http://a840.g.akamai...all/xscan53.cab

[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/...indows-i586.cab

[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
CODEBASE = http://messenger.zon...nt.cab31267.cab

[ActiveScan Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
CODEBASE = http://www.pandasoft...free/asinst.cab

[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
CODEBASE = http://messenger.msn...pDownloader.cab

[ZoneIntro Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
CODEBASE = http://zone.msn.com/...ro.cab34246.cab

[Java Plug-in 1.4.2_05]
InProcServer32 = C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
CODEBASE = http://java.sun.com/...indows-i586.cab

[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/...indows-i586.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\macromed\flash\Flash.ocx
CODEBASE = http://fpdownload.ma...ash/swflash.cab

[SCEWebLauncherCtl Object]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\SCEWebLauncher.Ocx
CODEBASE = http://zone.msn.com/...WebLauncher.cab

[McFreeScan Class]
InProcServer32 = C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll
CODEBASE = http://download.mcaf...499/mcfscan.cab

[MSN Chat Control 4.5]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MSNChat45.ocx
CODEBASE = http://chat.msn.com/bin/msnchat45.cab

[ActiveCGM Control]
InProcServer32 = C:\WINDOWS\system32\Acgm.Dll
CODEBASE = http://www.registref...iveCGM/Acgm.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

Pilote ACPI Microsoft: system32\DRIVERS\ACPI.sys (system)
Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start)
AFD: \SystemRoot\System32\drivers\afd.sys (system)
Avertissement: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start)
Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start)
Contrôleur de disque dur IDE/ESDI standard: system32\DRIVERS\atapi.sys (system)
atirage: system32\DRIVERS\atiragem.sys (manual start)
Protocole client ATM ARP: system32\DRIVERS\atmarpc.sys (manual start)
Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote audio Stub: system32\DRIVERS\audstub.sys (manual start)
AVG7 Alert Manager Server: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (autostart)
AVG7 Kernel: \SystemRoot\System32\Drivers\avg7core.sys (system)
AVG7 Wrap Driver: \SystemRoot\System32\Drivers\avg7rsw.sys (system)
AVG7 Rezident Driver: \SystemRoot\System32\Drivers\avg7rsxp.sys (system)
AVG7 Update Service: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (autostart)
AVG Network Redirector: \??\C:\WINDOWS\System32\Drivers\avgtdi.sys (autostart)
Service de transfert intelligent en arrière-plan: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Explorateur d'ordinateur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start)
Pilote de CD-ROM: system32\DRIVERS\cdrom.sys (system)
Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start)
Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled)
C-Media PCI Audio Driver (WDM): system32\drivers\cmaudio.sys (manual start)
Application système COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Pilote de disque: system32\DRIVERS\disk.sys (system)
Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Pilote de Gestionnaire de disque logique: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (system)
Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start)
Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start)
Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Journal des événements: %SystemRoot%\system32\services.exe (autostart)
Système d'événements de COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
ewido security suite control: C:\Program Files\ewido\security suite\ewidoctrl.exe (autostart)
ewido security suite driver: \??\C:\Program Files\ewido\security suite\guard.sys (system)
ewido security suite guard: C:\Program Files\ewido\security suite\ewidoguard.exe (autostart)
Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Pilote de contrôleur de lecteur de disquettes: system32\DRIVERS\fdc.sys (manual start)
Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet: system32\DRIVERS\fetnd5.sys (manual start)
Pilote de lecteur de disquettes: system32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\DRIVERS\fltMgr.sys (system)
Pilote du Gestionnaire de volume: system32\DRIVERS\ftdisk.sys (system)
Énumérateur de port jeu: system32\DRIVERS\gameenum.sys (manual start)
GEAR CDRom Filter: SYSTEM32\DRIVERS\GEARAspiWDM.sys (manual start)
Classificateur de paquets générique: system32\DRIVERS\msgpc.sys (manual start)
Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
Pilote pour clavier i8042 et souris sur port PS/2: system32\DRIVERS\i8042prt.sys (system)
iRiver Internet Audio Player IFP-100: system32\DRIVERS\ifpusb.sys (system)
Pilote de filtre de gravure CD: system32\drivers\Imapi.sys (system)
Service COM de gravage de CD IMAPI: C:\WINDOWS\system32\Imapi.exe (manual start)
Pilote du pare-feu Windows IPv6: system32\DRIVERS\Ip6Fw.sys (manual start)
Pilote de filtre de trafic IP: system32\DRIVERS\ipfltdrv.sys (manual start)
Pilote de tunnelage IP dans IP: system32\DRIVERS\ipinip.sys (manual start)
Traducteur d'adresses réseau IP: system32\DRIVERS\ipnat.sys (manual start)
iPod Service: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
Pilote IPSEC: system32\DRIVERS\ipsec.sys (system)
Service énumérateur IR: system32\DRIVERS\irenum.sys (manual start)
Pilote de bus Plug-and-Play ISA/EISA: system32\DRIVERS\isapnp.sys (system)
Pilote de la classe Clavier: system32\DRIVERS\kbdclass.sys (system)
Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start)
Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Station de travail: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
LexBce Server: C:\WINDOWS\system32\LEXBCES.EXE (autostart)
Assistance TCP/IP NetBIOS: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Logitech USB Microphone: system32\drivers\lvsound2.sys (system)
Affichage des messages: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Partage de Bureau à distance NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
Pilote de la classe Souris: system32\DRIVERS\mouclass.sys (system)
Redirecteur client WebDav: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start)
Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start)
Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start)
MSRS Recording SystemService: C:\Program Files\NCH Swift Sound\MSRS\msrs.exe /service (autostart)
Pilote BIOS de gestion de systèmes Microsoft: system32\DRIVERS\mssmbios.sys (manual start)
Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start)
Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start)
Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start)
Pilote TAPI NDIS d'accès distant: system32\DRIVERS\ndistapi.sys (manual start)
NDIS mode utilisateur E/S Protocole: system32\DRIVERS\ndisuio.sys (manual start)
Pilote réseau étendu NDIS d'accès distant: system32\DRIVERS\ndiswan.sys (manual start)
Interface NetBIOS: system32\DRIVERS\netbios.sys (system)
NetBIOS sur TCP/IP: system32\DRIVERS\netbt.sys (system)
DDE réseau: %SystemRoot%\system32\netdde.exe (disabled)
DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled)
Ouverture de session réseau: %SystemRoot%\system32\lsass.exe (manual start)
Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\system32\lsass.exe (manual start)
Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Pilote de filtre de trafic IPX: system32\DRIVERS\nwlnkflt.sys (manual start)
Pilote de transfert de trafic IPX: system32\DRIVERS\nwlnkfwd.sys (manual start)
Pilote de port parallèle: system32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: system32\DRIVERS\pci.sys (system)
Plug-and-Play: %SystemRoot%\system32\services.exe (autostart)
Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart)
Miniport réseau étendu (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Pilote processeur: system32\DRIVERS\processr.sys (system)
Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart)
Planificateur de paquets QoS: system32\DRIVERS\psched.sys (manual start)
Pilote de liaison parallèle directe: system32\DRIVERS\ptilink.sys (manual start)
PxHelp20: system32\DRIVERS\PxHelp20.sys (system)
Logitech QuickCam Web(PID_0850): system32\DRIVERS\LVCE.sys (manual start)
Pilote de connexion automatique d'accès distant: system32\DRIVERS\rasacd.sys (system)
Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Miniport réseau étendu (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
Gestionnaire de connexions d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start)
Parallèle direct: system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Pilote de redirecteur de périphérique Terminal Server: system32\DRIVERS\rdpdr.sys (manual start)
Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start)
Pilote de filtre de lecture digitale de CD audio: system32\DRIVERS\redbook.sys (system)
Routage et accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Accès à distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Localisateur d'appels de procédure distante (RPC): %SystemRoot%\system32\locator.exe (manual start)
Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart)
SbcpHid: \??\C:\WINDOWS\system32\Drivers\SbcpHid.sys (system)
Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start)
Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: system32\DRIVERS\secdrv.sys (manual start)
Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Pilote de filtre Serenum: system32\DRIVERS\serenum.sys (manual start)
Pilote de port série: system32\DRIVERS\serial.sys (system)
Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start)
Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start)
Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart)
Pilote de filtre de restauration système: \SystemRoot\system32\DRIVERS\sr.sys (disabled)
Service de restauration système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Srv: system32\DRIVERS\srv.sys (manual start)
Service de découvertes SSDP: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Acquisition d'image Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start)
Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{D293A31E-8D4A-4350-93D4-FCF3240415B8} (manual start)
Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start)
Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start)
Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Pilote du protocole TCP/IP: system32\DRIVERS\tcpip.sys (system)
Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system)
Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled)
Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
Pilote de mise à jour microcode: system32\DRIVERS\update.sys (manual start)
Hôte de périphérique universel Plug-and-Play: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Onduleur: %SystemRoot%\System32\ups.exe (manual start)
Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start)
Pilote de concentrateur standard USB Microsoft: system32\DRIVERS\usbhub.sys (manual start)
Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start)
Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start)
Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start)
Pilote miniport de contrôleur hôte universel USB Microsoft: system32\DRIVERS\usbuhci.sys (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
Filtre de bus AGP VIA: system32\DRIVERS\viaagp.sys (system)
VIA AGP Filter: system32\DRIVERS\viaagp1.sys (system)
ViaIde: system32\DRIVERS\viaide.sys (system)
Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start)
Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote ARP IP d'accès distant: system32\DRIVERS\wanarp.sys (manual start)
Microsoft WDM Virtual Wave Driver (WDM): system32\drivers\wdmaud.sys (system)
WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Extensions du pilote WMI: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Carte de performance WMI: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled)
Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start)
Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: *Registry key not found*
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*No values found*

--------------------------------------------------

End of report, 36 398 bytes
Report generated in 0,201 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

[Dark_Star_Qc]

Is it a problem that part of it is in French???

[Dragon]

no. its not a problem, I have fellow experts looking at this thread, and some of them can read French, for me all I have to do is plug it inot a translator if I need to.

as its 10:30pm here, I will have another response for you tomorrow.

[Dark_Star_Qc]

Good... I was afraid I was going to have to translate all that...

Thank you then... and have a good night.

I'm off too...

[Dragon]

good morning,

you had mentioned earlier that you didn't have the CD for Windows XP with SP2. did your system come with Windows already installed?

[Dark_Star_Qc]

I think it did but I'm not sure since I'm not the one who purchased the computer originally.

What happened is that a couple of years ago, I was working for a small company whose sole owner decided to stop operating and to open another business with a partner. Since they were starting over with all new assets, he gave me the computer. Since he never gave me any CDs or other software, I imagine he'd bought the system with preinstalled software.

The only thing I know for sure is that SP2 was installed later on.

But I could find out, if you want.

[Dragon]

If you have a way to find out about that it would be a big help.

second, when you went to run winpfind, did you unzip that to its own folder?? or did you try to run it from the zipped file?

I talked to the creators and they said that it appears it might have been run without being unzipped first.

if you didn't unzip it, please do so and follow the instructions I provided earlier dealing with that program. and post the log here.

[Dark_Star_Qc]

I'll find out tomorrow and let you know. What do I have to ask for, exactly?

And you were right about WinPFind. Here's the log:

WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...
UPX! 2005-06-05 16:10:02 1429 C:\log.txt
SAHAgent 2005-06-05 16:10:02 1429 C:\log.txt

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...

Items found in C:\WINDOWS\hosts

PECompact2 2005-08-25 13:35:16 15677649 C:\WINDOWS\lpt$vpn.803
qoologic 2005-08-25 13:35:16 15677649 C:\WINDOWS\lpt$vpn.803
SAHAgent 2005-08-25 13:35:16 15677649 C:\WINDOWS\lpt$vpn.803
UPX! 2005-05-03 11:44:44 25157 C:\WINDOWS\RMAgentOutput.dll
UPX! 2005-05-29 10:11:50 170053 C:\WINDOWS\tsc.exe
PECompact2 2005-08-25 13:35:16 15677649 C:\WINDOWS\VPTNFILE.803
qoologic 2005-08-25 13:35:16 15677649 C:\WINDOWS\VPTNFILE.803
SAHAgent 2005-08-25 13:35:16 15677649 C:\WINDOWS\VPTNFILE.803
UPX! 2005-05-29 10:11:50 1044560 C:\WINDOWS\vsapi32.dll
aspack 2005-05-29 10:11:50 1044560 C:\WINDOWS\vsapi32.dll

Checking %System% folder...
PEC2 2001-08-28 08:00:00 41131 C:\WINDOWS\SYSTEM32\dfrg.msc
PECompact2 2005-08-04 21:31:54 1455960 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 2005-08-04 21:31:54 1455960 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 2004-08-19 16:09:16 733184 C:\WINDOWS\SYSTEM32\ntdll.dll
Umonitor 2004-08-19 16:09:40 685056 C:\WINDOWS\SYSTEM32\rasdlg.dll
UPX! 1999-04-23 23:22:00 3072 C:\WINDOWS\SYSTEM32\Rsrc32.dll
winsync 2001-08-28 08:00:00 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...
UPX! 2005-08-24 08:32:14 726016 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
FSG! 2005-08-24 08:32:14 726016 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
PEC2 2005-08-24 08:32:14 726016 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
aspack 2005-08-24 08:32:14 726016 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
2005-08-29 18:45:50 S 2048 C:\WINDOWS\bootstat.dat
2005-08-15 19:09:04 H 54156 C:\WINDOWS\QTFont.qfn
2005-07-01 07:18:50 H 0 C:\WINDOWS\inf\oem57.inf
2005-07-08 16:23:26 S 12143 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893756.cat
2005-07-19 19:18:04 S 18913 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896727.cat
2005-07-02 04:18:08 S 9445 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB903235.cat
2005-08-29 18:45:38 H 8192 C:\WINDOWS\system32\config\default.LOG
2005-08-29 18:46:44 H 1024 C:\WINDOWS\system32\config\SAM.LOG
2005-08-29 18:45:54 H 12288 C:\WINDOWS\system32\config\SECURITY.LOG
2005-08-29 18:46:06 H 61440 C:\WINDOWS\system32\config\software.LOG
2005-08-29 18:46:02 H 921600 C:\WINDOWS\system32\config\system.LOG
2005-08-10 03:02:20 H 1024 C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2005-08-19 11:01:44 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\87c8e6a2-0c5a-4cf4-9d9b-837c8c8eb9da
2005-08-19 11:01:44 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred
2005-08-29 18:00:02 H 264 C:\WINDOWS\Tasks\A31CAB8791872897.job
2005-08-29 18:44:20 H 6 C:\WINDOWS\Tasks\SA.DAT

Checking for CPL files...
Microsoft Corporation 2004-08-19 16:10:06 71680 C:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation 2004-08-19 16:10:06 555008 C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation 2004-08-19 16:10:06 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl
Logitech Inc. 2002-12-10 18:30:54 114688 C:\WINDOWS\SYSTEM32\CamCpl.cpl
Microsoft Corporation 2004-08-19 16:10:06 138240 C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 2004-08-19 16:10:06 80384 C:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation 2004-08-19 16:10:06 157184 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation 2004-08-19 16:10:06 359936 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 2004-08-19 16:10:06 134144 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 2004-08-19 16:10:06 380928 C:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation 2004-08-19 16:10:06 70144 C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems, Inc. 2005-06-03 03:52:54 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation 2001-08-28 08:00:00 189952 C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 2004-08-19 16:10:06 626176 C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 2001-08-28 08:00:00 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 2004-08-19 16:10:06 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation 2004-08-19 16:10:06 261120 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 2001-08-28 08:00:00 38400 C:\WINDOWS\SYSTEM32\nwc.cpl
Microsoft Corporation 2004-08-19 16:10:06 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 2004-08-19 16:10:06 118272 C:\WINDOWS\SYSTEM32\powercfg.cpl
Apple Computer, Inc. 2004-09-30 17:07:26 324608 C:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation 2004-08-19 16:10:06 305152 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 2001-08-28 08:00:00 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 2004-08-19 16:10:06 94208 C:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation 2004-08-19 16:10:06 148480 C:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation 2005-05-26 04:16:32 175896 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation 2004-08-19 16:10:06 71680 C:\WINDOWS\SYSTEM32\dllcache\access.cpl
Microsoft Corporation 2004-08-19 16:10:06 555008 C:\WINDOWS\SYSTEM32\dllcache\appwiz.cpl
Microsoft Corporation 2004-08-19 16:10:06 138240 C:\WINDOWS\SYSTEM32\dllcache\desk.cpl
Microsoft Corporation 2004-08-19 16:10:06 80384 C:\WINDOWS\SYSTEM32\dllcache\firewall.cpl
Microsoft Corporation 2004-08-19 16:10:06 157184 C:\WINDOWS\SYSTEM32\dllcache\hdwwiz.cpl
Microsoft Corporation 2004-08-19 16:10:06 359936 C:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl
Microsoft Corporation 2004-08-19 16:10:06 134144 C:\WINDOWS\SYSTEM32\dllcache\intl.cpl
Microsoft Corporation 2004-08-19 16:10:06 70144 C:\WINDOWS\SYSTEM32\dllcache\joy.cpl
Microsoft Corporation 2001-08-28 08:00:00 189952 C:\WINDOWS\SYSTEM32\dllcache\main.cpl
Microsoft Corporation 2004-08-19 16:10:06 626176 C:\WINDOWS\SYSTEM32\dllcache\mmsys.cpl
Microsoft Corporation 2001-08-28 08:00:00 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl
Microsoft Corporation 2004-08-19 16:10:06 25600 C:\WINDOWS\SYSTEM32\dllcache\netsetup.cpl
Microsoft Corporation 2004-08-19 16:10:06 261120 C:\WINDOWS\SYSTEM32\dllcache\nusrmgr.cpl
Microsoft Corporation 2001-08-28 08:00:00 38400 C:\WINDOWS\SYSTEM32\dllcache\nwc.cpl
Microsoft Corporation 2004-08-19 16:10:06 32768 C:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl
Microsoft Corporation 2004-08-19 16:10:06 118272 C:\WINDOWS\SYSTEM32\dllcache\powercfg.cpl
Microsoft Corporation 2004-08-19 16:10:06 159744 C:\WINDOWS\SYSTEM32\dllcache\sapi.cpl
Microsoft Corporation 2004-08-19 16:10:06 305152 C:\WINDOWS\SYSTEM32\dllcache\sysdm.cpl
Microsoft Corporation 2001-08-28 08:00:00 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl
Microsoft Corporation 2004-08-19 16:10:06 94208 C:\WINDOWS\SYSTEM32\dllcache\timedate.cpl
Microsoft Corporation 2004-08-19 16:10:06 148480 C:\WINDOWS\SYSTEM32\dllcache\wscui.cpl
Microsoft Corporation 2005-05-26 04:16:32 175896 C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
2004-11-01 23:45:06 HS 84 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
2004-11-01 23:59:50 1735 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk

Checking files in %ALLUSERSPROFILE%\Application Data folder...
2004-11-01 18:26:06 HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini

Checking files in %USERPROFILE%\Startup folder...
2004-11-01 23:45:06 HS 84 C:\Documents and Settings\Linda\Menu Démarrer\Programmes\Démarrage\desktop.ini

Checking files in %USERPROFILE%\Application Data folder...
2004-11-01 18:26:06 HS 62 C:\Documents and Settings\Linda\Application Data\desktop.ini

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
SV1 =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\AVG7 Shell Extension
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = C:\Program Files\ewido\security suite\context.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Fichiers hors connexion
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\PicaView
{68f32140-2ca3-11d0-acc1-444553540000} = C:\PROGRA~1\ACDSYS~1\PicaView\PicaView.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Yahoo! Mail
{5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Épingle du menu Démarrer = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG7 Shell Extension
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = C:\Program Files\ewido\security suite\context.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Fichiers hors connexion
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
= %SystemRoot%\system32\SHELL32.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}
Yahoo! Companion BHO = C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A}
Big Fish Games = C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}
= C:\PROGRA~1\SPYBOT~1\SDHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}
ST = C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Google Toolbar Helper = c:\program files\google\googletoolbar1.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
MSNToolBandBHO = C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr-ca\msntb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
&Yahoo! Messenger = C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Astuce du jour = %SystemRoot%\system32\shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = Yahoo! Companion : C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
{4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} = Big Fish Games : C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
MenuText = Console Java (Sun) : C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
ButtonText = Messenger :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6224f700-cba3-4071-b251-47cb894244cd}
ButtonText = ICQ Pro : C:\PROGRA~1\ICQ\ICQ.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}
ButtonText = AIM : C:\Program Files\AIM95\aim.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
ButtonText = Messenger : C:\Program Files\Messenger\msmsgs.exe

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
&Yahoo! Messenger = C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{7BED0340-176B-44BC-915E-C21C1DD6F617}
=
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
Favorites Band = %SystemRoot%\system32\shdocvw.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}
Explorer Band = %SystemRoot%\system32\shdocvw.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Adresse : %SystemRoot%\system32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Adresse : %SystemRoot%\system32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Liens : %SystemRoot%\system32\SHELL32.dll
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = Yahoo! Companion : C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
{4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} = Big Fish Games : C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
{7BED0340-176B-44BC-915E-C21C1DD6F617} = :
{2D51D869-C36B-42BD-AE68-0A81BC771FA5} = :
{86227D9C-0EFE-4F8A-AA55-30386A3F5686} = :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
AdaptecDirectCD C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C-Media Mixer Mixer.exe /startup
SunJavaUpdateSched C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
WinampAgent C:\Program Files\Winamp\winampa.exe
QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
AVG7_CC C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
AVG7_EMC C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Lexmark X1100 Series "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
MSRSRun C:\Program Files\NCH Swift Sound\MSRS\msrs.exe /logon
LVCOMSX C:\WINDOWS\system32\LVCOMSX.EXE
LVCOMS C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
LogitechGalleryRepair C:\Program Files\Logitech\ImageStudio\ISStart.exe
LogitechImageStudioTray C:\Program Files\Logitech\ImageStudio\LogiTray.exe
REGSHAVE C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
TkBellExe "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
iTunesHelper C:\Program Files\iTunes\iTunesHelper.exe
HostManager C:\Program Files\Fichiers communs\AOL\1124860141\ee\AOLHostManager.exe
Mirabilis ICQ C:\PROGRA~1\ICQ\ICQNet.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed = 1
MSFS Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE C:\WINDOWS\system32\ctfmon.exe
Gestionnaire Antidote.exe C:\Program Files\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
MessengerDiscovery C:\Program Files\MessengerDiscovery\MessengerDiscovery.exe
MSMSGS "C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\FICHIE~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
{0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
dontdisplaylastusername 0
legalnoticecaption
legalnoticetext
shutdownwithoutlogon 1
undockwithoutlogon 1
DisableTaskMgr 0


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop
NoChangingWallPaper 0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun 145
NoSaveSettings 0
NoThemesTab 0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
NoColorChoice 0
NoSizeChoice 0
NoDispScrSavPage 0
NoDispCPL 0
NoVisualStyleChoice 0
NoDispSettingsPage 0
DisableTaskMgr 0
NoDispAppearancePage 0
NoDispBackgroundPage 0


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} =
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll
SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
Shell = Explorer.exe
System =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
= crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
= cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
= cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
= sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
= WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
= wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs


»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.3.1 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 2005-08-29 19:03:11

[Dark_Star_Qc]

Oh my!!!

No wonder my computer's sick...!!!

I have a whole lot of bad stuff in there, don't I???

Edited by Dark_Star_Qc, 29 August 2005 - 05:31 PM.