Infection trojan RKHIT.SYS

H3bus · le 02 Jan 2011 10:31

Bonjour,

Je suis embêtée depuis hier soir par un message de microsoft windows alors que j'étais en train de supprimer l'alpha virus de mon ordi (je cherchais une solution sur votre site, j'ai alors fais un nouveau scan avec avast pour pouvoir copier le rapport du resultat et avast a réussi à le suprimer : est-il bien supprimé de mon ordi ?)

Donc le message est : "Dell Wireless WLAN Card Wireless Network Controller a cessé de fonctionner"
2 fenêtres de ce message s'ouvrent et si je recherche une solution en ligne, l'ordi réfléchi 10 sec puis rien ne se passe à part qu'une nouvelle fenêtre de se message s'ouvre. Idem si je demande juste à fermer.

Est-ce problématique pour la sécurité de mon ordi ?
Comment je fais pour que ça s'arrête ?

Voici le détail du prob :

Signature du problème :
Nom d’événement de problème: BEX
Nom de l’application: WLTRAY.EXE
Version de l’application: 4.102.15.61
Horodatage de l'application: 45f8a9b7
Nom du module par défaut: StackHash_6bc7
Version du module par défaut: 0.0.0.0
Horodateur du module par défaut: 00000000
Décalage de l’exception: 000a8bbe
Code de l’exception: c0000005
Données d’exception: 00000008
Version du système: 6.0.6002.2.2.0.768.3
Identificateur de paramètres régionaux: 2060
Information supplémentaire n° 1: 6bc7
Information supplémentaire n° 2: f3f6a1403802118ada460cd45530935b
Information supplémentaire n° 3: 6477
Information supplémentaire n° 4: d34edb9b57aa7d1aac3252e1a9591198

Tant que j'y suis j'ai le même problème avec COM Surrogate dès que j'ouvre des images ou des vidéo.

voici le détail :

Signature du problème :
Nom d’événement de problème: BEX
Nom de l’application: DllHost.exe
Version de l’application: 6.0.6000.16386
Horodatage de l'application: 4549b14e
Nom du module par défaut: StackHash_2901
Version du module par défaut: 0.0.0.0
Horodateur du module par défaut: 00000000
Décalage de l’exception: 03a72860
Code de l’exception: c0000005
Données d’exception: 00000008
Version du système: 6.0.6002.2.2.0.768.3
Identificateur de paramètres régionaux: 2060
Information supplémentaire n° 1: 2901
Information supplémentaire n° 2: 768a8da07e0b0e302f0b4295041acb94
Information supplémentaire n° 3: 161b
Information supplémentaire n° 4: 72b26581799a08e7a090f286aa78883b

merci de m'aider

Cordialement

danakil · le 02 Jan 2011 11:51

Salut Lynneth et bienvenue sur PCI!

Applique cette procédure :
preparer-demande-aide-desinfection-vt-54149.html

On y verra plus clair sur les infections de ton PC!

Lynneth · le 03 Jan 2011 21:14

voici les rapport :

-extras

Code: Tout sélectionner: OTL Extras logfile created on: 3/01/2011 20:36:19 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Lynneth\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 210,51 Gb Total Space | 56,24 Gb Free Space | 26,72% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,82 Gb Free Space | 58,16% Space Free | Partition Type: NTFS Drive E: | 7,48 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: PC | User Name: Lynneth | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{011AF9D7-34F7-4153-8AA3-98FDC7186CE9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{0769A515-45CF-4CD9-B1BF-D079DB4C7EF2}" = lport=2869 | protocol=6 | dir=in | app=system | "{1EB0D3D1-71C0-45EA-B408-6D78FE1C53C2}" = lport=10243 | protocol=6 | dir=in | app=system | "{2E38975D-2E8D-4FF5-B279-373D1BE077F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{3E172030-8BFE-413E-B9F2-D30AD9FC93F7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{471437FD-14FE-4763-A0EA-D079B820F6E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{54D79BBB-BCB3-482B-97A6-74C76C83C26B}" = lport=2869 | protocol=6 | dir=in | app=system | "{68A3DEED-528E-4328-8EAA-F5E2D033C30F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{7C30B1BD-E7E9-4812-B09B-67BA230B22C3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{7D45AC43-5C69-4EAB-BFF4-ABF01C38D346}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{7F2FD2F9-5CB5-4B4B-A07C-88C9FA2165CC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{84A99DA9-89AF-4277-84B1-EAF5573F29CA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9E72252D-2A15-4F6D-BA25-211AA7BE71EE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{A49C29FA-EE64-4926-84D0-4503604FBE21}" = lport=2869 | protocol=6 | dir=in | app=system | "{A4F11B49-8F57-4D3D-A977-4D25E3B90813}" = lport=2869 | protocol=6 | dir=in | app=system | "{A99581FF-D8AA-43FA-BD17-6645BB8B2174}" = lport=2869 | protocol=6 | dir=in | app=system | "{B561C263-D0F1-47D8-85E7-4BF074907082}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B698A189-5927-4C8A-8F74-E4A7A72B62BA}" = lport=2869 | protocol=6 | dir=in | app=system | "{C0B29866-16E3-438F-8423-FD65ACA9BC25}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C6B5CED8-299E-41D1-8DCD-BFEEA6C72009}" = lport=2869 | protocol=6 | dir=in | app=system | "{EC4357A9-19BA-4722-BD40-85EF75336984}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EDBB80D4-4623-4FC6-B885-4FE66072C2CC}" = lport=2869 | protocol=6 | dir=in | app=system | "{FA2E7FE9-A513-41E1-B1B1-260895ADBC41}" = rport=10243 | protocol=6 | dir=out | app=system | "{FE3F8E68-552D-43D0-82D8-5DD3C0999A33}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0B18E66D-BC45-4F7A-AD17-4DE374D0D5E6}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{0D544241-CA09-4E1D-9965-DC9B4E53BC44}" = protocol=17 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe | "{14154B53-3462-442B-AF0F-BB1E0F52F2AF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{167A373B-629E-46D0-843F-2AF1B40CF2FE}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{16DFFD7F-35EC-4621-887B-3F64B058BA9B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1C4920B1-3084-414F-AFC8-B92B1B7913CF}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe | "{1FC1AD16-2C5A-43A8-990F-98849DDD1C26}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{30319FC5-25D6-4D58-978D-15FB8D018579}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | "{31E29600-4AE4-4D39-B507-4E41E6DE1090}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{4296F1C0-C5AA-41F8-9731-C11E15977F6F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{47422D21-66A6-4647-88D7-BE976804427B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{52600A84-474A-45CE-AD37-8B5FA2453301}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{545CAD55-FFAF-4C27-8B60-CA436B2908F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5B83DF22-1FF9-4F83-B4E7-15422F2FE95E}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe | "{5E5A4503-D55E-41D5-AE4F-871B3F3E8E94}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{5E7A4D13-492B-4A9B-8D40-884311161D9D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{683F02E4-2C6D-4BBC-9D77-8E42D50189CF}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe | "{6B51A4C5-E9E4-4B1E-AB0E-C32263D6BFEB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{79485176-F8B0-4F33-8590-C63DD05F52A1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{7B5B435A-5DDC-49F0-90F3-8EDE64406F5E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{7D05EDC9-A8E4-439B-8E54-A38512257EF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7D97807B-CC24-4D7F-8414-2FFA2347C827}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | "{801D3DAC-503A-4ECF-93B2-0EB8FA93BDB0}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{806A8DDD-BDB2-4577-884C-B918DA128631}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{834FE863-4148-427A-94C4-2B33C6CF3A99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{872F7757-6E21-4554-9D90-929B201088D0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9FAC957E-A1DE-4166-8B49-3087FCDE85A2}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{A65B931D-5F0D-41B8-B9B1-37DE6A98F727}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A6A7864B-6559-45BB-AFA9-F338FDFE92EF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A983AEBE-DBEF-4863-B81D-3E411E10CF15}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{B2A93266-ADDE-45AF-9914-FA4F1D030FA0}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe | "{B7A630DD-0736-4DC8-92E2-45CF714F7E37}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B854DC5E-0114-45D7-9ED6-9163A3825920}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{BCE9F25B-CEDC-4995-9CB7-A8B673F37B8E}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe | "{C2F424A7-FB1C-4E07-AA1E-533DDA994E6C}" = protocol=6 | dir=out | app=system | "{C2FD3CF8-0734-4CC0-B5A9-3A924E65778B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C5698F72-AC8E-45E3-A702-36C26EFC5F0B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CCABF3A3-F473-4A41-A362-A2742F3B8123}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{D6ACC090-466A-4EC2-9436-E94DF276BA1F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{DDB5675E-C0C1-4862-B707-15536D474445}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{E5BB63ED-CE0D-47A8-B618-31DE74296785}" = protocol=6 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe | "{E772E3FF-32F4-4CCC-AFFA-0896BEAAD761}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E9CF933A-5450-47B9-B29E-8C922B05810C}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{ED199DD1-CFA0-48C4-8CD7-24ADE564CA6F}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{F7D56753-11AD-4A2B-AD6D-21BCAE47417F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "TCP Query User{8D19AE66-2C22-4107-A663-45D2DA2187BA}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{6885C9D8-5436-4905-8910-E15334D95B81}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02C85D5D-77CA-7173-5775-AFB9CC835F33}" = CCC Help Finnish "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{0A331B03-B20D-D63E-7CFA-6DE03CD85972}" = CCC Help Chinese Traditional "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series "{179950A7-026A-3F96-9540-3C528A96C5C0}" = Catalyst Control Center Localization Danish "{1882BDBB-0DFD-FAE6-77FA-E3445D821F18}" = CCC Help Norwegian "{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2452E3E3-B627-7371-F43F-68149C528556}" = CCC Help French "{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 23 "{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{310A99AD-E8DD-CF60-CDD3-ED197E106A80}" = Catalyst Control Center Localization Russian "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6 "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module "{36D252B0-6856-4395-4BBE-DEC2E56DCB24}" = Catalyst Control Center Localization Dutch "{3736E75B-0FD7-F5A3-15F1-EE07B633AEE5}" = Catalyst Control Center Localization Finnish "{393AAD92-9760-9B0D-43C1-C6C5E89EFA67}" = Catalyst Control Center Localization Swedish "{3C79DC59-6099-323B-B27B-90B45542B270}" = Google Talk Plugin "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{4248C264-C1BF-8414-4B16-F61FF0BC49A7}" = Catalyst Control Center Localization Spanish "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{48FC3614-221A-4272-5AFC-50EC406606FE}" = Catalyst Control Center Localization Chinese Traditional "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A2BD145-6614-B0A5-0E1A-5367A3451691}" = CCC Help Chinese Standard "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker "{55D070A2-9EA5-8C26-5F74-835BAC086523}" = Catalyst Control Center Localization German "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{59361F9F-A413-83EC-E269-6D34CC697878}" = CCC Help Portuguese "{5B9A8ECB-A06B-A5AF-A7AD-B2E1A9B09AE8}" = CCC Help Korean "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = Guide de l'utilisateur "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works "{6BAFE5C7-FAAE-7F8C-39C0-BA8BD7A6786F}" = Catalyst Control Center Localization Chinese Standard "{72BBAAE1-61A5-5F40-9BF3-95992B29F8A7}" = Catalyst Control Center Graphics Full Existing "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{7A97828F-C89C-C290-E11D-57A33DD523CB}" = Catalyst Control Center Localization Portuguese "{7D3A926D-D61E-6063-1C0D-18A4365D5033}" = ccc-core-static "{7E532356-3BAE-4832-A253-2F1094FE5C40}" = Catalyst Control Center Localization Norwegian "{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin "{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes "{88937F68-8C7A-A5DC-4004-2A2E0ECCC2DB}" = Catalyst Control Center Localization Japanese "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{904CCF62-818D-4675-BC76-D37EB399F917}" = Gestionnaire pour appareils Windows Mobile "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9954484F-6EE4-4040-94E3-4B380646F867}" = Guide de mise en route Dell "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup "{9C454737-22A5-43F6-B09F-A4B3F7BD3468}" = CCC Help Spanish "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect "{9C769AD0-00EE-8A6A-8C2A-F51BAABCCE02}" = CCC Help Dutch "{9E3DCAB8-285C-464F-DBCB-0052F92FEEF2}" = Catalyst Control Center Graphics Light "{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100 "{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate : London "{A8B9FBF8-7986-6CF7-C31C-20A19E7D1717}" = ccc-utility "{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.5 - Français "{ACB4C93A-594E-E76A-3349-EEF2D6A723D6}" = Catalyst Control Center Localization Italian "{ACDF5DEF-413F-A546-6F35-66CE215BDCCB}" = Skins "{AEBBFC67-7A03-4DF3-9E71-BA5C9EB4FBEF}" = MobileMe Control Panel "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B2BFD108-1E93-06C5-F34E-48B92C358EDD}" = CCC Help Swedish "{B970E87C-274D-5ADC-41BB-8C81926AF300}" = CCC Help Russian "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C6CC1EA6-12E2-219A-F8A1-1058AB678E08}" = CCC Help Italian "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE "{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF8BA296-55D7-8B51-6C4E-4789A1D003BE}" = Catalyst Control Center Localization French "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live "{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23 "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental "{D62A9D43-39A4-337B-A432-1C6DB13087B8}" = CCC Help English "{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE "{D8210D47-2F24-99C7-9183-E093FBF14D92}" = CCC Help Japanese "{DCDCFE99-36A7-6B89-8329-BAB033D99577}" = CCC Help German "{DE623944-11D0-4CD3-17BE-FDF0F5309FD5}" = CCC Help Danish "{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4 "{E194308F-9718-7425-BCC1-FAAF46A188CB}" = Catalyst Control Center Core Implementation "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E314D889-0C82-9F5F-A9EE-699109226856}" = Catalyst Control Center Graphics Full New "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect "{E7044E25-3038-4A76-9064-344AC038043E}" = Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile "{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EFBE2318-89B7-4A5F-8912-23DB04761C31}" = Catalyst Control Center - Branding "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Outil de diagnostic de modem "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "{FF61246F-8BD1-165A-5F50-B6DFECE53025}" = Catalyst Control Center Localization Korean "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "Advanced Video FX Engine" = Advanced Video FX Engine "avast5" = avast! Free Antivirus "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card "CANONIJPLM100" = PIXMA Extended Survey Program "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem "Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011) "Dell Webcam Center" = Dell Webcam Center "Dell Webcam Manager" = Dell Webcam Manager "DVD Shrink_is1" = DVD Shrink 3.2 "Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "Enregistrement utilisateur de Canon MP140 series" = Enregistrement utilisateur de Canon MP140 series "Google Desktop" = Google Desktop "InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MP Navigator 3.1" = Canon MP Navigator 3.1 "PROPLUS" = Microsoft Office Professional Plus 2007 "Satsuki Decoder Pack" = Satsuki Decoder Pack "SLD Codec Pack" = SLD Codec Pack "SynTPDeinstKey" = Dell Touchpad "Usbfix" = UsbFix By El Desaparecido & C_XX "UT2003" = Unreal Tournament 2003 "VD Codec Pack" = VD Codec Pack 3.7 "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = Archiveur WinRAR [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2/01/2011 12:25:44 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0xa64, heure de début de l’application 0x01cbaa99b46521b5. Error - 2/01/2011 12:25:50 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0x6f0, heure de début de l’application 0x01cbaa99b7ef80f5. Error - 2/01/2011 12:25:56 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0xaf0, heure de début de l’application 0x01cbaa99bb779645. Error - 2/01/2011 12:26:02 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0x5c0, heure de début de l’application 0x01cbaa99bf02b8d5. Error - 2/01/2011 12:26:08 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0x104, heure de début de l’application 0x01cbaa99c28d1815. Error - 2/01/2011 12:26:14 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0xa58, heure de début de l’application 0x01cbaa99c61c0b35. Error - 2/01/2011 12:26:20 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0x734, heure de début de l’application 0x01cbaa99c9a04ff5. Error - 2/01/2011 12:26:26 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0x7a8, heure de début de l’application 0x01cbaa99cd1f3d85. Error - 2/01/2011 12:26:32 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0x448, heure de début de l’application 0x01cbaa99d0c9a7e5. Error - 2/01/2011 12:26:38 | Computer Name = PC | Source = Application Error | ID = 1000 Description = Application défaillante bcmwltry.exe, version 4.102.15.61, horodatage 0x45f8a9d0, module défaillant ntdll.dll, version 6.0.6002.18005, horodatage 0x49e03821, code d’exception 0xc0000005, décalage d’erreur 0x0002998c, ID du processus 0xebc, heure de début de l’application 0x01cbaa99d45a21a5. [ Broadcom Wireless LAN Events ] Error - 15/09/2010 2:22:35 | Computer Name = PC | Source = WLAN-Tray | ID = 0 Description = 08:22:35, Wed, Sep 15, 10 Error - Unable to gain access to user store Error - 2/10/2010 14:59:14 | Computer Name = PC | Source = WLAN-Tray | ID = 0 Description = 20:59:13, Sat, Oct 02, 10 Error - Unable to gain access to user store Error - 4/10/2010 5:36:51 | Computer Name = PC | Source = WLAN-Tray | ID = 0 Description = 11:36:44, Mon, Oct 04, 10 Error - Unable to gain access to user store Error - 21/10/2010 17:05:56 | Computer Name = PC | Source = WLAN-Tray | ID = 0 Description = 23:05:51, Thu, Oct 21, 10 Error - Unable to gain access to user store [ Media Center Events ] Error - 16/04/2008 20:08:24 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package MCESpotlight. Error - 18/04/2008 9:03:32 | Computer Name = PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package MCESpotlight. [ System Events ] Error - 27/12/2010 3:03:51 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 28/12/2010 14:06:27 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 30/12/2010 18:35:23 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 1/01/2011 19:26:22 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 1/01/2011 19:56:59 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 2/01/2011 5:03:25 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 2/01/2011 6:55:59 | Computer Name = PC | Source = Service Control Manager | ID = 7030 Description = Error - 2/01/2011 7:39:54 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 2/01/2011 18:55:28 | Computer Name = PC | Source = DCOM | ID = 10010 Description = Error - 2/01/2011 18:55:38 | Computer Name = PC | Source = DCOM | ID = 10010 Description = < End of report >

-OTL

Code: Tout sélectionner: OTL logfile created on: 3/01/2011 20:36:19 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Lynneth\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 210,51 Gb Total Space | 56,24 Gb Free Space | 26,72% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,82 Gb Free Space | 58,16% Space Free | Partition Type: NTFS Drive E: | 7,48 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: PC | User Name: Lynneth | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/01/03 20:32:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lynneth\Desktop\OTL.exe PRC - [2010/12/31 21:06:35 | 003,395,600 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/12/31 21:06:34 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/12/16 22:54:41 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010/12/16 22:54:35 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/07/28 21:47:29 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/04/11 07:28:11 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/01/19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008/01/19 08:33:35 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe PRC - [2007/09/07 19:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe PRC - [2007/09/07 19:23:36 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe PRC - [2007/08/29 22:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe PRC - [2007/08/29 06:54:58 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe PRC - [2007/07/27 17:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe PRC - [2007/04/16 17:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe PRC - [2007/02/20 14:01:12 | 001,125,088 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe PRC - [2007/02/04 11:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe PRC - [2006/11/10 07:12:28 | 000,099,936 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE PRC - [2006/11/05 12:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe PRC - [2006/11/05 11:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe PRC - [2006/11/03 19:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe PRC - [2006/11/03 18:55:50 | 000,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2006/11/03 18:55:48 | 001,583,920 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/01/03 20:32:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lynneth\Desktop\OTL.exe MOD - [2010/12/31 21:06:33 | 000,187,144 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010/12/31 21:06:34 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/07/28 21:47:29 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108) SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/09/07 19:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV) SRV - [2007/08/29 22:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters) SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2006/11/10 07:12:28 | 000,099,936 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RKHit.sys -- (RkHit) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive) DRV - [2010/12/31 21:00:18 | 000,293,968 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/12/31 20:59:23 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/12/31 20:56:49 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/12/31 20:56:37 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010/12/31 20:56:27 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/08/05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM) DRV - [2008/10/29 15:41:50 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2008/10/29 15:35:32 | 000,007,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2008/10/15 15:03:00 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbvoice.sys -- (ZTEusbvoice) DRV - [2008/10/15 15:03:00 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2008/10/15 15:03:00 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2008/10/13 12:49:14 | 000,110,080 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet) DRV - [2007/12/30 20:15:22 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2007/12/30 20:15:22 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2007/12/30 20:15:22 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/10/10 16:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev) DRV - [2007/09/07 19:26:04 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007/08/29 06:55:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx) DRV - [2007/08/14 09:40:52 | 002,593,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2007/08/14 09:40:52 | 002,593,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2007/04/28 01:35:56 | 000,182,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007/03/21 20:33:54 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX) DRV - [2006/11/21 13:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006/11/15 09:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2006/11/15 04:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006/11/15 02:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2006/11/07 02:37:16 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2006/11/07 00:13:52 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2006/11/07 00:13:50 | 000,080,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2006/11/03 03:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2006/11/03 03:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2006/11/03 03:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Pilote de la connexion réseau Intel(R) DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006/10/30 11:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2006/08/05 01:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=5071230 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=5071230 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=5071230 IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=5071230 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=5071230 IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3747110281-1217179822-659264144-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.be/ig/dell?hl=fr&client=dell-row&channel=be&ibd=5071230 IE - HKU\S-1-5-21-3747110281-1217179822-659264144-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yougoo.fr/france IE - HKU\S-1-5-21-3747110281-1217179822-659264144-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3747110281-1217179822-659264144-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3747110281-1217179822-659264144-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaultthis.engineName: "SearchElf 1.2 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2769726&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "SearchElf 1.2 Customized Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {f4e6547e-325b-403c-a3bb-ad29ed37a92f}:3.2.5.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..keyword.URL: "http://fr.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_fr&p=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/16 22:54:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/16 22:54:58 | 000,000,000 | ---D | M] [2008/09/18 09:55:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lynneth\AppData\Roaming\mozilla\Extensions [2011/01/02 22:38:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lynneth\AppData\Roaming\mozilla\Firefox\Profiles\y9w0myhx.default\extensions [2010/04/28 19:59:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lynneth\AppData\Roaming\mozilla\Firefox\Profiles\y9w0myhx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/12/23 01:13:25 | 000,000,000 | ---D | M] (SearchElf 1.2 Community Toolbar) -- C:\Users\Lynneth\AppData\Roaming\mozilla\Firefox\Profiles\y9w0myhx.default\extensions\{f4e6547e-325b-403c-a3bb-ad29ed37a92f} [2009/12/03 18:55:08 | 000,004,776 | ---- | M] () -- C:\Users\Lynneth\AppData\Roaming\Mozilla\Firefox\Profiles\y9w0myhx.default\searchplugins\bing.xml [2010/11/23 12:14:58 | 000,000,929 | ---- | M] () -- C:\Users\Lynneth\AppData\Roaming\Mozilla\Firefox\Profiles\y9w0myhx.default\searchplugins\conduit.xml [2009/12/30 19:58:45 | 000,003,707 | ---- | M] () -- C:\Users\Lynneth\AppData\Roaming\Mozilla\Firefox\Profiles\y9w0myhx.default\searchplugins\YouGoo.xml [2011/01/02 09:58:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010/04/28 20:01:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/30 20:35:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/11/01 23:41:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/01/02 09:58:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2008/09/18 09:55:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/10/18 20:12:46 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/10/18 20:12:47 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/10/18 20:12:47 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2009/12/05 18:51:54 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml [2010/10/18 20:12:47 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/10/18 20:12:47 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKU\S-1-5-21-3747110281-1217179822-659264144-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( ) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-3747110281-1217179822-659264144-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-3747110281-1217179822-659264144-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (AVGRSSTX.DLL) - File not found O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img11.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img11.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011/01/02 23:27:44 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011/01/02 23:27:46 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O33 - MountPoints2\{142e69de-5837-11dd-8f0e-001e4ce89c21}\Shell\Auto\command - "" = AdobeR.exe e O33 - MountPoints2\{36d6fdda-bd7d-11dc-853b-001e4ce89c21}\Shell\Auto\command - "" = AdobeR.exe e O33 - MountPoints2\{6f74ff15-08b9-11dd-92a3-001e4ce89c21}\Shell\Auto\command - "" = F:\AdobeR.exe -- File not found O33 - MountPoints2\{6f74ff18-08b9-11dd-92a3-001e4ce89c21}\Shell - "" = AutoRun O33 - MountPoints2\{6f74ff18-08b9-11dd-92a3-001e4ce89c21}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O33 - MountPoints2\{b3834a0f-8b5a-11de-886d-001e4ce89c21}\Shell - "" = AutoRun O33 - MountPoints2\{b3834a0f-8b5a-11de-886d-001e4ce89c21}\Shell\AutoRun\command - "" = F:\SFR.exe -- File not found O33 - MountPoints2\{d0196c9c-9736-11de-9fda-001e4ce89c21}\Shell - "" = AutoRun O33 - MountPoints2\{d0196c9c-9736-11de-9fda-001e4ce89c21}\Shell\AutoRun\command - "" = G:\SFR.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.ffds - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.IV31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation) Drivers32: VIDC.IV32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation) Drivers32: vidc.iv40 - C:\Windows\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP62 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.xvid - C:\Windows\System32\xvidvfw.dll () [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/01/03 20:32:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lynneth\Desktop\OTL.exe [2011/01/02 23:27:44 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2011/01/02 23:27:22 | 000,000,000 | ---D | C] -- C:\UsbFix [2011/01/02 23:25:59 | 001,217,985 | ---- | C] (El Desaparecido & C_XX) -- C:\Users\Lynneth\Desktop\UsbFix.exe [2011/01/02 11:56:08 | 000,000,000 | ---D | C] -- C:\Users\Lynneth\AppData\Local\Sunbelt Software [2011/01/02 11:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2011/01/02 11:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Uninstaller [2011/01/02 09:58:54 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011/01/02 09:58:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011/01/02 09:58:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011/01/02 09:56:13 | 000,000,000 | ---D | C] -- C:\Users\Lynneth\Documents\cuisine [2010/12/17 22:58:32 | 000,000,000 | ---D | C] -- C:\Users\Lynneth\Desktop\mp [2010/12/16 18:28:50 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/12/16 18:28:38 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010/12/16 18:28:38 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010/12/16 18:28:38 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010/12/16 18:28:33 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010/12/16 18:28:29 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/12/16 18:28:29 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010/12/16 18:28:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/12/16 18:28:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/12/16 18:28:07 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010/12/16 18:28:06 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/12/16 18:28:06 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/12/16 18:28:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010/12/16 18:28:05 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010/12/16 18:28:05 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/12/16 18:28:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010/12/16 18:28:05 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/12/16 18:28:05 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010/12/16 18:28:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010/12/16 18:28:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010/12/16 18:28:05 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/12/16 18:28:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010/12/16 18:28:04 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/12/16 18:28:04 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010/12/16 18:28:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/12/16 18:27:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/12/15 22:38:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2010/12/15 22:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/12/15 22:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2010/12/15 22:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010/12/06 22:32:31 | 000,000,000 | ---D | C] -- C:\Users\Lynneth\Desktop\2010_12_06 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/01/03 20:32:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lynneth\Desktop\OTL.exe [2011/01/03 20:19:07 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/01/03 20:19:07 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/01/03 20:19:07 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/01/03 20:19:07 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/01/03 20:07:16 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3747110281-1217179822-659264144-1000UA.job [2011/01/03 20:06:28 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011/01/03 20:06:26 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/03 20:06:26 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/03 20:06:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/03 20:05:18 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011/01/02 23:29:39 | 000,162,816 | ---- | M] () -- C:\Users\Lynneth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/01/02 23:26:04 | 001,217,985 | ---- | M] (El Desaparecido & C_XX) -- C:\Users\Lynneth\Desktop\UsbFix.exe [2011/01/02 22:07:10 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3747110281-1217179822-659264144-1000Core.job [2011/01/02 10:17:21 | 000,011,767 | ---- | M] () -- C:\Users\Lynneth\Desktop\prob ordi.odt [2011/01/01 23:10:52 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2010/12/31 21:06:36 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2010/12/31 21:06:33 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2010/12/31 21:00:18 | 000,293,968 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2010/12/31 20:59:23 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2010/12/31 20:56:49 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2010/12/31 20:56:37 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2010/12/31 20:56:27 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2010/12/22 19:08:45 | 000,000,042 | ---- | M] () -- C:\Windows\System32\scud.udf [2010/12/17 19:07:48 | 000,442,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/12/15 22:38:36 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010/12/09 08:20:48 | 013,460,492 | ---- | M] () -- C:\Users\Lynneth\Documents\appareil photo.pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/01/02 12:44:46 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011/01/02 10:17:19 | 000,011,767 | ---- | C] () -- C:\Users\Lynneth\Desktop\prob ordi.odt [2010/12/22 19:08:45 | 000,000,042 | ---- | C] () -- C:\Windows\System32\scud.udf [2010/12/15 22:38:36 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010/12/09 08:20:42 | 013,460,492 | ---- | C] () -- C:\Users\Lynneth\Documents\appareil photo.pdf [2010/02/11 18:10:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2008/08/30 22:35:27 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI [2008/02/24 00:14:17 | 000,000,680 | ---- | C] () -- C:\Users\Lynneth\AppData\Local\d3d9caps.dat [2008/01/08 01:02:26 | 000,000,026 | ---- | C] () -- C:\Windows\System32\satsukidecodersettings.ini [2008/01/07 21:31:11 | 000,162,816 | ---- | C] () -- C:\Users\Lynneth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/12/30 20:15:58 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007/12/30 20:15:56 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2007/12/30 20:15:46 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007/12/30 12:39:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2007/02/21 21:00:28 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2006/11/07 20:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006/11/03 18:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2004/12/20 11:08:28 | 000,155,648 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2004/12/20 11:03:26 | 000,679,936 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2002/12/14 22:46:02 | 000,237,568 | ---- | C] () -- C:\Windows\System32\oggDS.dll [2002/12/14 22:46:02 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2002/12/14 22:46:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll [2002/12/14 21:46:04 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll [2002/11/15 13:11:26 | 000,077,824 | ---- | C] () -- C:\Windows\System32\MMSwitch.dll [2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [color=#E56717]========== LOP Check ==========[/color] [2008/09/05 11:41:36 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Canon [2010/11/02 19:45:54 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\OpenOffice.org [2008/08/30 22:34:43 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\ScanSoft [2009/09/01 21:40:23 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\SFR [2011/01/03 20:06:28 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job [2011/01/03 20:05:17 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color] [color=#A23BEC]< %APPDATA%\*. >[/color] [2008/01/12 15:27:54 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Adobe [2010/10/02 20:26:44 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Apple Computer [2008/01/07 21:14:42 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\ATI [2008/09/05 11:41:36 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Canon [2008/01/12 20:53:23 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Creative [2009/06/06 18:29:02 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\CyberLink [2008/01/07 22:14:55 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Google [2008/01/07 21:13:00 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Identities [2008/01/08 00:50:28 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Macromedia [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Media Center Programs [2008/01/08 01:07:35 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Media Player Classic [2010/10/20 21:41:21 | 000,000,000 | --SD | M] -- C:\Users\Lynneth\AppData\Roaming\Microsoft [2010/12/11 10:07:43 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Mozilla [2010/11/02 19:45:54 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\OpenOffice.org [2008/01/07 22:04:49 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\Roxio [2008/08/30 22:34:43 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\ScanSoft [2008/01/08 18:18:44 | 000,000,000 | RH-D | M] -- C:\Users\Lynneth\AppData\Roaming\SecuROM [2009/09/01 21:40:23 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\SFR [2008/01/09 11:07:02 | 000,000,000 | ---D | M] -- C:\Users\Lynneth\AppData\Roaming\WinRAR [color=#A23BEC]< %APPDATA%\*.exe /s >[/color] [2009/11/02 19:14:22 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Lynneth\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe [2008/05/28 22:28:38 | 000,141,352 | ---- | M] (Microsoft Corporation) -- C:\Users\Lynneth\AppData\Roaming\Microsoft\Live Search\Suppression-Live-Search.exe [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2007/12/30 20:02:09 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys [2007/12/30 20:02:09 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys [2007/12/30 20:02:09 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys [2007/12/30 20:02:09 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2007/12/30 20:03:00 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=3E39E69F31F95D056703212E94320899 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_e6b2949c\atapi.sys [2007/12/30 20:03:00 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=3E39E69F31F95D056703212E94320899 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20544_none_dbb443eb3d9db847\atapi.sys [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2007/12/30 20:02:45 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys [2007/12/30 20:15:22 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5da5d093\atapi.sys [2007/12/30 20:15:22 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20580_none_db8503133dc1c2af\atapi.sys [2007/12/30 20:15:22 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_6c3af7d3\atapi.sys [2007/12/30 20:15:22 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16470_none_db063634249c06f4\atapi.sys [2007/12/30 20:02:05 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys [2007/12/30 20:02:05 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys [2007/12/30 20:02:45 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys [2007/12/30 20:02:45 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys [2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys [2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys [2008/01/19 05:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys [2008/01/19 05:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008/01/19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008/01/19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys [2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys [2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys [2008/01/19 08:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys [2008/01/19 08:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys [2006/11/02 10:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2007/08/27 04:10:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe [2007/08/27 03:01:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2006/11/02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe [2008/01/19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2006/11/02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys [2008/01/19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2008/01/19 06:56:31 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys [2008/01/19 06:56:31 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys [2006/11/02 09:58:13 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=BD7B30F55B3649506DD8B3D38F571D2A -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2009/04/11 05:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\System32\drivers\rdpwd.sys [2009/04/11 05:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys [2006/11/02 10:02:15 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=8830E790A74A96605FABA74F9665BB3C -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6000.16386_none_493ec64bd8177786\rdpwd.sys [2008/01/19 07:01:21 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys [2007/12/30 20:01:54 | 000,161,280 | ---- | M] (Microsoft Corporation) MD5=E2AFAC98FC6CA2AD2D09F2DE1BC71AD9 -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6000.20670_none_49cd3512f1325da3\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2006/11/02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\drivers\sfloppy.sys [2006/11/02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys [2008/01/19 06:49:48 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys [2008/01/19 06:49:48 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys [color=#A23BEC]< MD5 for: TCPIP.SYS >[/color] [2008/04/26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys [2008/01/09 17:58:27 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys [2009/04/11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys [2007/12/30 20:01:54 | 000,803,840 | ---- | M] (Microsoft Corporation) MD5=1915A0B89583583A87563750A543D221 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20597_none_5fcea2efab936c1d\tcpip.sys [2009/12/08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys [2009/08/15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys [2009/08/14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys [2010/02/18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys [2010/02/18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys [2009/08/14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys [2008/01/09 17:58:27 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys [2009/12/08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys [2010/02/18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys [2010/02/18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys [2008/02/14 08:53:39 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys [2009/12/08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys [2008/02/14 08:53:40 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys [2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys [2009/08/14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys [2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys [2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys [2008/04/26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys [2009/12/08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys [2009/08/14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys [2010/02/18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys [2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\System32\drivers\tcpip.sys [2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys [2009/12/08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys [2006/11/02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys [2010/02/18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys [2009/12/08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys [2008/01/19 08:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys [2009/08/14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2008/01/19 07:01:07 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys [2008/01/19 07:01:07 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys [2006/11/02 10:02:01 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=964248AEF49C31FA6A93201A73FFAF50 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6000.16386_none_d975757047cc3203\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/01/19 07:01:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys [2008/01/19 07:01:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys [2006/11/02 10:02:01 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=7D2C1AE1648A60FCE4AA0F7982E419D3 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6000.16386_none_d975757047cc3203\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2006/11/02 10:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys [2008/01/19 07:14:40 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys [2008/01/19 07:14:40 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys [2008/01/19 07:14:40 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2008/01/19 07:14:09 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\drivers\usbscan.sys [2008/01/19 07:14:09 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys [2008/01/19 07:14:09 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys [2008/01/19 07:14:09 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys [2008/01/19 07:14:09 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys [2006/11/02 10:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2006/11/02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2008/01/19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008/01/19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [2006/11/02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe [2008/01/19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2007/08/14 09:40:52 | 000,319,488 | ---- | M] (Advanced Micro Devices, Inc.)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ATIDEMGX.dll [2007/03/21 20:33:50 | 000,065,536 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\System32\bcmwlrmt.dll [2006/11/02 10:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\expsrv.dll [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\voiture:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\travail - administratif:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\reprises concours:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\pole emploi:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\OpenOffice.org 3.2 (fr) Installation Files:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\My Stationery:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\My Games:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\lambermont:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\équitation france:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\équitation belgique:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\Dell Webcam Center:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\cuisine:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\crois rouge:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Documents\commune belgique:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Desktop\mp:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Desktop\imprimante:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Desktop\cours bpjeps:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Desktop\2010_12_06:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Desktop\2010_11_02:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Desktop\2010_10_09:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Desktop\2010_09_07:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Desktop\2010_09_03:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Lynneth\Desktop\2010_08_12:Roxio EMC Stream < End of report >

J'ajouterais que j'ai une partition de sauvegarde et je crois avoir un cd mais ne l'ai pas sur moi (il est dans le carton de l'ordi chez mes parents), je ne pense pas pouvoir le récupérer avant ce we.

merci

danakil · le 04 Jan 2011 06:38

Salut!

Tu vas réaliser 2 étapes dans cette ordre :

#1 Renommer le titre de ton sujet.
Reviens sur ton premier post, celui commencant par :

Bonjour,

Je suis embêtée depuis hier soir par un message de ...

> Clique sur le bouton EDITER
> Remplace le titre de ton sujet --> "Dell Wireless WLAN .... à cessé de fonctionner" par celui-ci :

Infection trojan RKHIT.SYS

> Poste ensuite normalement.

#2 Suppression de l'infection.
> Fais un double-clic sur l'icône d'OTL pour le lancer.
(Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur")
> Assure toi d'avoir fermé toutes les applications en court de fonctionnement.
> Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) que la case "Rapport minimal" soit cochée.
*> Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

Code: Tout sélectionner: :Files C:\WINDOWS\System32\drivers\RKHit.sys :OTL DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RKHit.sys -- (RkHit) :Commands [clearrestorepoints] [emptytemp] [emptyflash] [resethosts]

> Cliques sur l'icône "Correction" (en haut à gauche) .
> Laisse le scan aller à son terme sans te servir du PC
> A la fin du scan un rapport va s'ouvrir "OTL.Txt"
> Copie et colle le rapports dans ta réponse stp...
> Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

/!\ Si tu n'arrives pas à exécuter une des étapes - Stoppes tout et viens m'en avertir.

... Prochaine étape, nettoyage des périphériques ...

Lynneth · le 04 Jan 2011 19:24

Bonsoir,

J'ai exécuté la 2ème ( j'ai oubliée d'exécuter en tant qu'anministrteur : est-ce grave ? OTL s'est ouvert, je l'avait déjà ouvert de cette manière pour les 1er rapports).
A la fin de la correction, OTL m'a demandé de redémarrer l'ordi et le rapport obtenu de s'appelait pas OTL.txt mais le titre est une succession de chiffres.
voila le rapport :

Code: Tout sélectionner: All processes killed ========== FILES ========== File\Folder C:\WINDOWS\System32\drivers\RKHit.sys not found. ========== OTL ========== Service RkHit stopped successfully! Service RkHit deleted successfully! File C:\Windows\System32\drivers\RKHit.sys not found. ========== COMMANDS ========== Error: Unable to interpret <[clearrestorepoints]> in the current context! [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Invité ->Temp folder emptied: 4927958 bytes ->Temporary Internet Files folder emptied: 239354 bytes ->FireFox cache emptied: 46096459 bytes ->Flash cache emptied: 1316 bytes User: Lynneth ->Temp folder emptied: 15824851 bytes ->Temporary Internet Files folder emptied: 6538711 bytes ->Java cache emptied: 14213543 bytes ->FireFox cache emptied: 68539306 bytes ->Apple Safari cache emptied: 920576 bytes ->Flash cache emptied: 1941796 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 45921203 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 196,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Invité ->Flash cache emptied: 0 bytes User: Lynneth ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.20.1 log created on 01042011_190149 Files\Folders moved on Reboot... File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. C:\Windows\temp\JETAE86.tmp moved successfully. Registry entries deleted on Reboot...

De plus quand j'ai démarré mon ordi en rentrant il y avait plein de dossier inconnus en transparence sur le bureau, dans C:/,.... Ils ont disparus après que OTL est redémarré l'ordi. Est-ce normal?

Merci

danakil · le 04 Jan 2011 23:28

De plus quand j'ai démarré mon ordi en rentrant il y avait plein de dossier inconnus en transparence sur le bureau, dans C:/,.... Ils ont disparus après que OTL est redémarré l'ordi. Est-ce normal?

Oui!
Le PC était en attente d'un raffraichissement de son environnement par un redémarrage.

Maintenant applique les procédures en images comme indiquées sur le lien ci-dessous :
tutoriel-malwarebytes-anti-malware-vt-46564.html
> Poste moi le rapport de suppression.

Lynneth · le 04 Jan 2011 23:39

salut

Voila le rapport :

Code: Tout sélectionner: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5460 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 5/01/2011 1:26:11 mbam-log-2011-01-05 (01-26-11).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 321079 Temps écoulé: 1 heure(s), 33 minute(s), 54 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Winsudate (Adware.GibMedia) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

merci

H3bus · le 05 Jan 2011 00:26

Surtout pas, c'est une arnaque. Télécharges le dans notre logithèque, le lien est sur (et il faut réfléchir un peu avant de cliquer)...

http://www.pc-infopratique.com/telechar ... lware.html

De manière générale, ne télécharges des logiciels que sur des sites de confiance (ici même, PCInpact, Clubic, et bien d'autres), ou sur le site officiel du logiciel.

Lynneth · le 05 Jan 2011 01:32

Salut H3bus

Effectivement je me doutait que c'était pas ça alors je l'ai pas téléchargé là.
En fait je suis allé le chercher sur google en tapant le nom et la version et je suis tombée sur le site "officiel" (http://www.malwarebytes.org).
Je suis juste un peu bête je ne suis pas allée jusqu'au bout de la page et ai pas vu le lien de téléchargement (comme quoi c'est un peu vrai ce qu'on dit sur les blondes)

merci

danakil · le 05 Jan 2011 12:32

Salut à tous!

... (comme quoi c'est un peu vrai ce qu'on dit sur les blondes)

Je vais te rassurer, cela n'arrive pas qu'à cette charmante catégorie de la gente féminine. :wink:

Fais ceci maintenant :
• Télécharge Dial-a-fix sur ton Bureau.

• Décompresse le > Clic droit dessus > Extraire ici.

• Ouvre le dossier Dial-a-fix qui vient d'être créé.

• Double clique sur le fichier Dial-a-fix.exe
(Vista et Seven > Clic droit dessus > Exécuter en tant qu'Administrateur)

• Clique sur le bouton vert pour tout sélectionner.

• Clique sur le bouton Go et laisse Dial-a-fix travailler.

• Ensuite clique sur le bouton Flush SoftwareDistribution

• Quand le logiciel a fini de travailler, ferme le et redémarre ton PC.

• Confirme moi la bonne réalisation de cette procédure.

Lynneth · le 05 Jan 2011 19:39

Salut,

J'ai pas encore réalisé la procédure mais j'ai rencontré un petit souci depuis hier soir quand j'ouvre ma boite mail.
Une fenêtre s'ouvre et me dis :

Un script sur cette page est peut-être occupé ou ne répond plus. Vous pouvez arrêter le script maintenant ou attendre pour voir si le script se terminera.

Script : https://mail.google.com/mail/?ui=2&view ... 87E&fri:73

Est-ce en rapport avec le problème que l'on est en train de traiter?

Merci

Lynneth · le 05 Jan 2011 20:07

Re,

J'ai voulu appliquer la procédure mais, une fois le dossier décompressé, je ne peux pas l'ouvrir. Pourtant j'ai bien exécuté en tant qu'administrateur.
Il me dit (traduction approximative) : Dial-a-fix n'est pas (encore) prêt pour Vista. Il y a beaucoup de changement dans Vista qui empêche le bon fonctionnement de Dial-a-fix. "Check the Dial-a-fix website after Windows Vista has been released in the retail market"

J'attends de tes nouvelles pour savoir quoi faire

Merci

danakil · le 06 Jan 2011 16:54

C'est de ma faute, je n'ai pas vérifié la compatibilité du tool avec Vista.

Une question :
Tu as une connexion en Wifi sur ton PC?

Lynneth · le 06 Jan 2011 19:54

Salut,

effectivement j'ai une connexion wifi. Pourquoi ?

a+

danakil · le 07 Jan 2011 08:19

Lynneth a écrit:Salut,

effectivement j'ai une connexion wifi. Pourquoi ?

a+

Dell Wireless WLAN .... à cessé de fonctionner
Un problème avec l'utilisation de la Wifi serait la source de ce message ... J'étudie actuellement une procédure pour régler ce souci.
Pour l'infection c'est Résolu! Plus de souci de ce côté.

Question :
Ta Wifi fonctionne-t-elle?
(Je cherche à déterminer si cela est une notification d'erreur ou alors si on doit effectuer une réparation).

Infection trojan RKHIT.SYS

Infection trojan RKHIT.SYS

Re: Dell Wireless WLAN .... à cessé de fonctionner

Re: Dell Wireless WLAN .... à cessé de fonctionner

Re: Dell Wireless WLAN .... à cessé de fonctionner

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Re: Infection trojan RKHIT.SYS

Sujets similaires

Qui est en ligne