

Everything posted by bagneki
Computer erases all saved files and programs
bagneki replied to a topic by bagneki in Optimisation, Trucs & Astuces
Hi, and thank you very much for your availability. Here are the specifications of my laptop: HP, Windows Seven Ultimate, Pentium® Dual Core CPU T4200 @ 2.00 GHz 2.00 GHz, installed memory (RAM) 3.00 GB, system: 32-bit system, 2 partitions, C and D. I save documents in the My Documents folder, and programs are saved in the My Programs folder. The problem, as I explained above, is that all the documents I save are erased every time the computer restarts. The only programs that remain are those that were originally installed on the computer. I also cannot uninstall or delete an originally installed program. I have had this problem ever since I got this laptop. Thank you for your help.
Programs and files erased at every restart
bagneki posted a topic in Analyses et éradication malwares
Hello everyone. I have an HP laptop running Windows 7. Ever since I acquired it, every time I save a document or a program, it is automatically erased at each restart. It is therefore impossible for me to download a document, a file or a program and save it on my laptop. I don't know what to do anymore.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Hi NO.PP, and thanks once again. I have no problem with English. So, I started the end-of-disinfection procedure by installing Update Checker and updating the listed programs. Before starting the disk image creation procedure, I ran a new scan with AntiVir and MBAM, just to see whether my laptop was clean. Here is the report I got. I would also like to know whether creating the disk image with the current Windows problem is sound. Here is the new MBAM report.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Hi NO.PP, and thanks once again for your advice. After following the recommendations given on the various sites you suggested, my problem still persists. When I run the Update for Windows Vista (KB931573), it says that this update does not apply to my system. I don't know what to do anymore. Thanks for any advice.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Hi, and thanks once again, NO.PP. Regarding the product key: I don't have this activation key. I don't know the digits corresponding to the **** values. I bought this laptop in a store with Windows pre-installed and without an installation CD. I made a backup copy of the files right after turning the machine on for the first time. I don't know what to do anymore. Thanks once again.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Hi, and thanks once again. I did read the tutorial on Microsoft. I am a beginner in these computer techniques. Here is the diagnostic report I got after downloading and running the Microsoft Genuine Advantage Diagnostics Tool. Thanks for shedding light on this, and see you later.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Hi NO.PP. After reading the tutorial, I did a system restore to a date before the Windows Vista activation problem arose (reminder: it was after the second system scan by OTL). Even after this restore the activation problem persists. Awaiting advice. Apart from this problem, my laptop seems to be coming back to life. Thank you very much.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Thanks once again for all these tutorials. They are really very useful. I'll look through them and let you know what happens. See you later.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Thanks once again, NO.PP, for everything you are doing to help me solve my problem. The famous security warning message no longer appears. I have internet access again in my administrator session, and pages seem to open faster. But my laptop is sluggish. In addition, I still have a black screen on my desktop and this Windows message asking me to activate my Windows Vista again because "an unauthorized change was made to windows", and to verify the authenticity of my software online. Looking at my laptop's information in Control Panel, I see a product ID of 20 characters. I don't know whether this is the key they are asking for. Thanks once again for your advice. See you later.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Hi NO.PP, and thanks once again. Here is the ESET Online Scanner report:
C:\HP\HPQWare\aim_icq\triton_de_de\setup.exe probably a variant of Win32/Agent trojan
C:\HP\HPQWare\aim_icq\triton_en_gb\setup.exe probably a variant of Win32/Agent trojan
C:\HP\HPQWare\aim_icq\triton_es_es\setup.exe probably a variant of Win32/Agent trojan
C:\HP\HPQWare\aim_icq\triton_fr_fr\setup.exe probably a variant of Win32/Agent trojan
C:\HP\HPQWare\aim_icq\triton_it_it\setup.exe probably a variant of Win32/Agent trojan
C:\HP\HPQWare\aim_icq\triton_nl_nl\setup.exe probably a variant of Win32/Agent trojan
Thanks once again.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Hi NO.PP. When I launch the ESET Online process, at one point it gives me the following options to tick: "remove found threats" and "scan archive". Should I tick both boxes or only "scan archive"? There is also an "advance setting" option. In addition, it says that the presence of other antivirus programs "may affect the performance and the quality of the scan". The list it shows contains: Avira, Windows Defender, Norton AntiVirus 2004 (this one was a trial version that came pre-installed when I bought the laptop). It recommends this: "disable the real-time protection components of your other security software before running the ESET Online Scanner because they may intercept the scan being performed by the ESET Online Scanner and slow it down. Remember to turn them back on after you are finished!" What should I do? Thanks for enlightening me. See you later.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki a répondu à un(e) sujet de bagneki dans Analyses et éradication malwares
Hi NO.PP, and thanks once again. I was finally able to install Antivir as requested, but to do so I had to turn off my Windows Defender. Should I turn Windows Defender back on now? When I restart in safe mode and open the Task Manager, I don't see a "Kernel Veryfier" process; I see System NT Kernel instead. And when I go to "C:\Users\hugues\AppData\Local", I don't see SysSvc or asam. And when I open Internet Explorer > Tools > Internet Options > Connections > LAN settings, uncheck "use a proxy..." and then restart normally, I have a working internet connection again, which opens in my administrator account. Here are the various reports requested.

Avira report

Avira AntiVir Personal
Date de création du fichier de rapport : Friday, June 25, 2010 08:43
La recherche porte sur 2268885 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows Vista
Version de Windows : (Service Pack 2) [6.0.6002]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : HUGUES-PC

Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:, D:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen

Début de la recherche : Friday, June 25, 2010 08:43

La recherche d'objets cachés commence.
'122734' objets ont été contrôlés, '0' objets cachés ont été trouvés.
La recherche sur les processus démarrés commence :
'91' processus ont été contrôlés avec '91' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[iNFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[iNFO] Aucun virus trouvé !
Secteur d'amorçage 'D:\'
[iNFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '48' fichiers).

La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\hiberfil.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
Recherche débutant dans 'D:\' <HP_RECOVERY>

Fin de la recherche : Friday, June 25, 2010 11:07
Temps nécessaire: 2:24:10 Heure(s)

La recherche a été effectuée intégralement

32378 Les répertoires ont été contrôlés
697749 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
3 Impossible de contrôler des fichiers
697746 Fichiers non infectés
6278 Les archives ont été contrôlées
3 Avertissements
2 Consignes
122734 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés

OTL report

All processes killed
========== FILES ==========
File C:\_OTL_MovedFiles\06212010_222449\C_Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 not found.
File C:\_OTL_MovedFiles\06212010_222449\C_Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 not found.
File\Folder C:\Users\hugues\AppData\Local\owddcxwut not found.
========== REGISTRY ==========
Registry value HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe not found.
Registry value HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe not found.
Registry value HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe not found.
Registry value HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe not found.
Registry value HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe not found.
Registry value HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe not found.
Registry value HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: b
->Temp folder emptied: 1020364 bytes
->Temporary Internet Files folder emptied: 65673831 bytes
->Flash cache emptied: 1697 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: hugues
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 4758543 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 623 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3056084 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 71.00 mb

[EMPTYFLASH]

User: All Users

User: b
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: hugues
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.6.0 log created on 06252010_235403

Thank you very much.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Malware analysis and removal
Hi, and thank you very much for the advice. I uninstalled avast. Now when I try to install Antivir, a Windows incompatibility message appears: "THIS PROGRAM HAS KNOWN COMPATIBILITY ISSUES.Avira Antivir is incompatible with this version of windows." What should I do now? Continue with the installation? How do I open the Task Manager and end the processes related to "Kernel Veryfier"? Thank you very much, and see you later.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Malware analysis and removal
Hi, and thanks once again for the advice. Here are the two procedures you asked for.

Here are the SEAF results:

========================= SEAF 1.0.0.7 - C_XX

Commencé à: 16:11:38 le 23/06/2010

Valeur(s) recherchée(s):

owddcxwut
kvqrbxgtssd
luduvupf

(!) --- Calcul du Hash "MD5"
(!) --- Informations supplémentaires
(!) --- Recherche registre

====== Fichier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======

Aucun fichier trouvé

====== Dossier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======

"c:\_OTL\MovedFiles\06212010_060542\C_Users\hugues\AppData\Local\owddcxwut" [ ----D---- ]
TC: 19/06/2010,10:04:39 | TM: 21/06/2010,02:16:50 | DA: 21/06/2010,02:16:50

=========================

====== Entrée(s) du registre ======

[HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe"="Kernel Veryfier"

[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe"="Kernel Veryfier"

[HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe"="Kernel Veryfier"

[HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe"="Kernel Veryfier"

[HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe"="Kernel Veryfier"

[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe"="Kernel Veryfier"

[HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe"="Kernel Veryfier"

[HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe"="Kernel Veryfier"

=========================

Fin à: 16:18:29 le 23/06/2010 ( E.O.F )

Here is the new OTL report with the new settings you requested.

OTL logfile created on: 6/23/2010 7:20:35 PM - Run 4
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\b\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.84 Gb Total Space | 134.81 Gb Free Space | 60.50% Space Free | Partition Type: NTFS
Drive D: | 10.04 Gb Total Space | 1.72 Gb Free Space | 17.09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HUGUES-PC
Current User Name: hugues
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007/05/02 11:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdm.sys -- (ssm_mdm) DRV - [2007/05/02 11:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdfl.sys -- (ssm_mdfl) DRV - [2007/05/02 11:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) DRV - [2006/11/03 02:33:00 | 000,016,512 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELMOUSE.SYS -- (pelmouse) DRV - [2006/11/03 02:33:00 | 000,013,184 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELUSBlf.SYS -- (pelusblf) DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 00:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006/11/02 00:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV) DRV - [2006/10/29 13:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2004/02/04 11:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - Welcome to AOL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = AOL.com - Welcome to AOL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = {searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Search the Web IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - Welcome to AOL IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = AOL.com - Welcome to AOL IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = {searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Search the Web IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/05 00:58:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/08 08:42:11 | 000,000,000 | ---D | M]
[2010/01/15 01:45:19 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Mozilla\Extensions
[2010/01/15 01:45:19 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
O1 HOSTS File: ([2010/06/21 22:40:56 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Browsertools by imediacentral.com) - {46BA7FF1-D32A-4369-88BF-882830A8FA67} - C:\Windows\System32\imediacentral_com_browsertools.dll ()
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\Windows\System32\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [imediacentral.com] File not found
O4 - HKCU..\Run: [internetCalls] C:\Program Files\InternetCalls.com\InternetCalls\internetcalls.exe (InternetCalls)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident\4.0; File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab (Symantec Configuration Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.87.73.246 68.87.71.230
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\hugues\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\hugues\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/22 19:20:45 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{63c3d3ce-aa61-11de-89d9-001e68ce36a8}\Shell - "" = AutoRun
O33 - MountPoints2\{63c3d3ce-aa61-11de-89d9-001e68ce36a8}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/23 15:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\SEAF
[2010/06/21 06:05:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/20 09:23:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/20 09:23:19 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/20 09:23:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/09 04:15:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/06/09 04:15:26 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/06/09 04:15:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/06/09 04:15:12 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/06/09 04:15:12 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/06/09 04:15:12 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/06/09 04:15:11 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/06/09 04:15:10 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/06/09 04:15:10 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/06/09 04:15:10 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/06/09 04:15:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/06/09 04:15:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/06/09 04:15:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/06/09 04:15:05 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/06/09 04:15:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/06/09 04:15:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/06/09 04:15:05 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/06/09 04:15:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/06/09 04:15:03 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/06/07 22:12:14 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/07 22:12:14 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/07 22:12:12 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/07 22:12:10 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/07 22:12:09 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/07 22:11:29 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/07 22:11:29 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/06/07 18:45:43 | 000,000,000 | ---D | C] -- C:\Users\hugues\Documents\New Folder
[2010/05/26 02:32:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[8 C:\Users\hugues\Documents\*.tmp files -> C:\Users\hugues\Documents\*.tmp -> ]
[6 C:\Users\hugues\Desktop\*.tmp files -> C:\Users\hugues\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/23 19:09:44 | 005,242,880 | -HS- | M] () -- C:\Users\hugues\ntuser.dat
[2010/06/23 19:07:49 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/23 19:07:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/23 15:21:56 | 000,524,288 | -HS- | M] () -- C:\Users\hugues\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/06/23 15:21:56 | 000,065,536 | -HS- | M] () -- C:\Users\hugues\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/06/23 15:13:18 | 000,000,267 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/06/23 15:11:26 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/23 15:08:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/23 15:08:07 | 000,000,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/23 15:08:07 | 000,000,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/23 15:07:58 | 2950,520,832 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/23 15:04:59 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/06/23 07:18:28 | 006,291,456 | -H-- | M] () -- C:\Users\hugues\AppData\Local\IconCache.db
[2010/06/22 22:51:47 | 345,746,458 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/06/22 21:47:12 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4FF765DE-3D32-47CA-86EB-2C70321932C3}.job
[2010/06/22 04:14:01 | 000,011,415 | ---- | M] () -- C:\Users\Public\Documents\Malwarebytes.docx
[2010/06/21 22:40:56 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010/06/21 21:54:16 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - hugues.job
[2010/06/20 09:23:24 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/19 22:59:49 | 000,000,632 | RHS- | M] () -- C:\Users\hugues\ntuser.pol
[2010/06/17 08:13:43 | 000,035,840 | ---- | M] () -- C:\Users\hugues\Desktop\gc hugues.doc
[2010/06/17 08:13:03 | 000,035,840 | ---- | M] () -- C:\Users\hugues\Desktop\GC lab gaelle.doc
[2010/06/17 04:46:33 | 000,000,162 | -H-- | M] () -- C:\Users\hugues\Desktop\~$ lab gaelle.doc
[2010/06/17 04:45:58 | 000,000,162 | -H-- | M] () -- C:\Users\hugues\Desktop\~$ hugues.doc
[2010/06/17 04:45:30 | 000,000,162 | -H-- | M] () -- C:\Users\hugues\Desktop\~$C lab 2.docx
[2010/06/13 22:10:56 | 002,614,028 | ---- | M] () -- C:\Users\hugues\Desktop\chapter 09 ch203 organic.pptx
[2010/06/13 12:34:15 | 002,614,028 | ---- | M] () -- C:\Users\hugues\Desktop\chapter 09 ch 203 orga.pptx
[2010/06/13 12:18:50 | 005,805,056 | ---- | M] () -- C:\Users\hugues\Desktop\chapter 08 ch203 orga.ppt
[2010/06/13 12:17:40 | 003,503,964 | ---- | M] () -- C:\Users\hugues\Desktop\chapter 07 ch203 orga.pptx
[2010/06/13 12:15:47 | 006,023,586 | ---- | M] () -- C:\Users\hugues\Desktop\chapter 06 ch203 orga.pptx
[2010/06/13 12:14:55 | 003,945,009 | ---- | M] () -- C:\Users\hugues\Desktop\chapter ch203 orga.pptx
[2010/06/13 12:12:46 | 005,711,819 | ---- | M] () -- C:\Users\hugues\Desktop\chapter 04 ch 203 orga.pptx
[2010/06/13 12:10:28 | 003,787,717 | ---- | M] () -- C:\Users\hugues\Desktop\chapter 03 ch203 orga.pptx
[2010/06/13 12:07:49 | 007,697,442 | ---- | M] () -- C:\Users\hugues\Desktop\chapter 02 ch203 orga.pptx
[2010/06/13 12:05:09 | 009,198,158 | ---- | M] () -- C:\Users\hugues\Desktop\chapter 01 ch203 orga.pptx
[2010/06/12 09:09:05 | 000,121,856 | ---- | M] () -- C:\Users\hugues\Desktop\answer exam 1 organic.ppt
[2010/06/10 21:47:20 | 000,402,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/10 05:32:01 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\EasyShare Registration Task.job
[2010/06/09 22:51:53 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/09 05:56:44 | 000,011,218 | ---- | M] () -- C:\Users\hugues\Desktop\post lab.docx
[2010/06/07 22:12:15 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/07 22:12:09 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/06/07 01:49:26 | 000,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/07 01:49:26 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/07 01:49:26 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/06 09:02:08 | 000,010,553 | ---- | M] () -- C:\Users\hugues\Documents\On your birthday.docx
[2010/06/06 08:56:41 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2010/06/05 07:05:45 | 000,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2010/06/05 07:02:27 | 000,029,184 | ---- | M] () -- C:\Users\hugues\Desktop\Melting Point hugues.doc
[2010/06/05 07:01:57 | 000,040,960 | ---- | M] () -- C:\Users\hugues\Desktop\tlc hugues.doc
[2010/06/05 07:01:06 | 000,264,704 | ---- | M] () -- C:\Users\hugues\Documents\example lab Report tlc.doc
[2010/06/03 00:56:04 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForhugues.job
[2010/06/03 00:28:25 | 000,014,299 | ---- | M] () -- C:\Users\hugues\Desktop\TLC lab 2.docx
[2010/06/01 00:21:16 | 000,059,982 | ---- | M] () -- C:\Users\hugues\Documents\conversa with ga.docx
[2010/05/31 02:56:09 | 000,015,737 | ---- | M] () -- C:\Users\hugues\Documents\Selam gaell1.docx
[2010/05/27 13:47:40 | 000,021,950 | ---- | M] () -- C:\Users\hugues\Documents\selam gaelle.docx
[2010/05/27 10:13:14 | 000,014,782 | ---- | M] () -- C:\Users\hugues\Documents\selam gaelle 1(Autosaved).docx
[2010/05/27 10:13:14 | 000,000,162 | -H-- | M] () -- C:\Users\hugues\Documents\~$lam gaelle 1(Autosaved).docx
[2010/05/26 16:55:16 | 000,000,162 | -H-- | M] () -- C:\Users\hugues\Documents\~$lam gaelle.docx
[2010/05/26 15:52:00 | 000,164,955 | ---- | M] () -- C:\Users\hugues\Documents\si l'amitie.docx
[2010/05/26 14:23:03 | 000,000,162 | -H-- | M] () -- C:\Users\hugues\Documents\~$ l'amitie.docx
[2010/05/26 13:27:01 | 000,028,514 | ---- | M] () -- C:\Users\hugues\Documents\excuse moi pour today.docx
[2010/05/26 12:31:41 | 000,000,162 | -H-- | M] () -- C:\Users\hugues\Documents\~$cuse moi pour today.docx
[2010/05/26 10:06:41 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/05/26 08:58:25 | 000,012,493 | ---- | M] () -- C:\Users\hugues\Documents\tu sais quoi.docx
[2010/05/26 07:47:41 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[8 C:\Users\hugues\Documents\*.tmp files -> C:\Users\hugues\Documents\*.tmp -> ]
[6 C:\Users\hugues\Desktop\*.tmp files -> C:\Users\hugues\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/22 04:14:00 | 000,011,415 | ---- | C] () -- C:\Users\Public\Documents\Malwarebytes.docx
[2010/06/20 09:23:24 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/19 22:59:49 | 000,000,632 | RHS- | C] () -- C:\Users\hugues\ntuser.pol
[2010/06/17 04:46:33 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$ lab gaelle.doc
[2010/06/17 04:45:58 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$ hugues.doc
[2010/06/17 04:45:56 | 000,035,840 | ---- | C] () -- C:\Users\hugues\Desktop\gc hugues.doc
[2010/06/17 04:45:30 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$C lab 2.docx
[2010/06/17 04:22:13 | 000,035,840 | ---- | C] () -- C:\Users\hugues\Desktop\GC lab gaelle.doc
[2010/06/13 22:10:39 | 002,614,028 | ---- | C] () -- C:\Users\hugues\Desktop\chapter 09 ch203 organic.pptx
[2010/06/13 12:34:00 | 002,614,028 | ---- | C] () -- C:\Users\hugues\Desktop\chapter 09 ch 203 orga.pptx
[2010/06/13 12:18:46 | 005,805,056 | ---- | C] () -- C:\Users\hugues\Desktop\chapter 08 ch203 orga.ppt
[2010/06/13 12:17:24 | 003,503,964 | ---- | C] () -- C:\Users\hugues\Desktop\chapter 07 ch203 orga.pptx
[2010/06/13 12:15:43 | 006,023,586 | ---- | C] () -- C:\Users\hugues\Desktop\chapter 06 ch203 orga.pptx
[2010/06/13 12:14:37 | 003,945,009 | ---- | C] () -- C:\Users\hugues\Desktop\chapter ch203 orga.pptx
[2010/06/13 12:12:42 | 005,711,819 | ---- | C] () -- C:\Users\hugues\Desktop\chapter 04 ch 203 orga.pptx
[2010/06/13 12:10:24 | 003,787,717 | ---- | C] () -- C:\Users\hugues\Desktop\chapter 03 ch203 orga.pptx
[2010/06/13 12:07:44 | 007,697,442 | ---- | C] () -- C:\Users\hugues\Desktop\chapter 02 ch203 orga.pptx
[2010/06/13 12:05:05 | 009,198,158 | ---- | C] () -- C:\Users\hugues\Desktop\chapter 01 ch203 orga.pptx
[2010/06/12 09:08:59 | 000,121,856 | ---- | C] () -- C:\Users\hugues\Desktop\answer exam 1 organic.ppt
[2010/06/09 05:44:17 | 000,011,218 | ---- | C] () -- C:\Users\hugues\Desktop\post lab.docx
[2010/06/07 22:13:05 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/07 22:12:15 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/06 09:02:00 | 000,010,553 | ---- | C] () -- C:\Users\hugues\Documents\On your birthday.docx
[2010/06/05 07:01:05 | 000,264,704 | ---- | C] () -- C:\Users\hugues\Documents\example lab Report tlc.doc
[2010/06/03 00:28:24 | 000,014,299 | ---- | C] () -- C:\Users\hugues\Desktop\TLC lab 2.docx
[2010/06/02 23:11:37 | 000,040,960 | ---- | C] () -- C:\Users\hugues\Desktop\tlc hugues.doc
[2010/06/02 23:05:41 | 000,012,814 | ---- | C] () -- C:\Users\hugues\Documents\physics (2).docx
[2010/06/02 23:05:30 | 000,069,120 | ---- | C] () -- C:\Users\hugues\Documents\BIOL_4501_F04_exam2.doc
[2010/06/02 23:05:30 | 000,057,344 | ---- | C] () -- C:\Users\hugues\Documents\ch_11_instructor_guide micro.doc
[2010/06/02 23:05:30 | 000,050,688 | ---- | C] () -- C:\Users\hugues\Documents\PH204_Practice_Final_Exam.doc
[2010/06/02 23:05:30 | 000,024,819 | ---- | C] () -- C:\Users\hugues\Documents\gaelle micro.docx
[2010/06/02 23:05:30 | 000,001,871 | ---- | C] () -- C:\Users\hugues\Documents\HP Help and Support.lnk
[2010/06/02 23:05:29 | 000,298,496 | ---- | C] () -- C:\Users\hugues\Documents\ch_14_test_bank micro.doc
[2010/06/02 23:05:29 | 000,219,136 | ---- | C] () -- C:\Users\hugues\Documents\Chapter17web.doc
[2010/06/02 23:05:29 | 000,196,096 | ---- | C] () -- C:\Users\hugues\Documents\Lect Notes 203.doc
[2010/06/02 23:05:29 | 000,133,120 | ---- | C] () -- C:\Users\hugues\Documents\Chapter16web.doc
[2010/06/02 23:05:29 | 000,076,288 | ---- | C] () -- C:\Users\hugues\Documents\ch_14_instructor_guide.doc
[2010/06/02 23:05:29 | 000,074,240 | ---- | C] () -- C:\Users\hugues\Documents\BI 203 Test 16.doc
[2010/06/02 23:05:29 | 000,062,976 | ---- | C] () -- C:\Users\hugues\Documents\ch_15_test_bank biology.doc
[2010/06/02 23:05:29 | 000,055,296 | ---- | C] () -- C:\Users\hugues\Documents\BI 203 Test 17.doc
[2010/06/02 23:05:29 | 000,021,346 | ---- | C] () -- C:\Users\hugues\Documents\harmonic.docx
[2010/06/02 23:05:29 | 000,018,180 | ---- | C] () -- C:\Users\hugues\Documents\vocabulary for microbiology chapter 14.docx
[2010/06/02 23:05:28 | 001,743,872 | ---- | C] () -- C:\Users\hugues\Documents\chapter11book.doc
[2010/06/02 23:05:28 | 000,251,904 | ---- | C] () -- C:\Users\hugues\Documents\Energy-in-Thermal-Processes.ppt
[2010/06/02 23:05:28 | 000,070,926 | ---- | C] () -- C:\Users\hugues\Documents\heat and fusion lab.docx
[2010/06/02 23:05:28 | 000,054,272 | ---- | C] () -- C:\Users\hugues\Documents\Unknown Lab Report.doc
[2010/06/02 23:05:28 | 000,048,128 | ---- | C] () -- C:\Users\hugues\Documents\Exam2 F2006.doc
[2010/06/02 23:05:28 | 000,045,568 | ---- | C] () -- C:\Users\hugues\Documents\objective chapter micro.doc
[2010/06/02 23:05:28 | 000,013,972 | ---- | C] () -- C:\Users\hugues\Documents\Jean Emmanuel Durace Professor Steve Microbiology Unknown.docx
[2010/06/02 23:05:27 | 001,728,000 | ---- | C] () -- C:\Users\hugues\Documents\Vibrations-and-Waves.ppt
[2010/06/02 23:05:27 | 000,234,496 | ---- | C] () -- C:\Users\hugues\Documents\Fluid.doc
[2010/06/02 23:05:27 | 000,167,424 | ---- | C] () -- C:\Users\hugues\Documents\Archimedes.doc
[2010/06/02 23:05:27 | 000,096,768 | ---- | C] () -- C:\Users\hugues\Documents\ACS Practice Test 1.doc
[2010/06/02 23:05:27 | 000,062,464 | ---- | C] () -- C:\Users\hugues\Documents\212Lab01_Archimedes.doc
[2010/06/02 23:05:27 | 000,046,592 | ---- | C] () -- C:\Users\hugues\Documents\me313-5W08.doc
[2010/06/02 23:05:27 | 000,037,376 | ---- | C] () -- C:\Users\hugues\Documents\Answer Key acs Test 2.doc
[2010/06/02 23:05:27 | 000,033,792 | ---- | C] () -- C:\Users\hugues\Documents\Answer Key acsTest 1.doc
[2010/06/02 23:05:27 | 000,032,979 | ---- | C] () -- C:\Users\hugues\Documents\Cinchona and its Product.docx
[2010/06/02 23:05:27 | 000,029,757 | ---- | C] () -- C:\Users\hugues\Documents\GNLD Online Store.docx
[2010/06/02 23:05:26 | 005,795,840 | ---- | C] () -- C:\Users\hugues\Documents\Chapter17_LEC.ppt
[2010/06/02 23:05:26 | 000,062,281 | ---- | C] () -- C:\Users\hugues\Documents\archimed.docx
[2010/06/02 23:05:25 | 010,184,192 | ---- | C] () -- C:\Users\hugues\Documents\Chapter15_LEC.ppt
[2010/06/02 23:05:23 | 012,636,160 | ---- | C] () -- C:\Users\hugues\Documents\Chapter16_ chemistry.ppt
[2010/06/02 23:05:23 | 000,378,373 | ---- | C] () -- C:\Users\hugues\Documents\A block of cherry wood that is 20 cm long.docx
[2010/06/02 23:05:23 | 000,011,353 | ---- | C] () -- C:\Users\hugues\Documents\Problem1.docx
[2010/06/02 23:05:22 | 006,416,896 | ---- | C] () -- C:\Users\hugues\Documents\sln chapter7 prof.doc
[2010/06/02 23:05:22 | 005,068,288 | ---- | C] () -- C:\Users\hugues\Documents\sln chapter9 prof.doc
[2010/06/02 23:05:22 | 002,890,240 | ---- | C] () -- C:\Users\hugues\Documents\prob chapter9 prof.doc
[2010/06/02 23:05:22 | 002,040,832 | ---- | C] () -- C:\Users\hugues\Documents\problem chapter7 prof.doc
[2010/06/02 23:05:22 | 001,886,208 | ---- | C] () -- C:\Users\hugues\Documents\Rotational-Equilibrium-and-dynamics.ppt
[2010/06/02 23:05:22 | 000,055,770 | ---- | C] () -- C:\Users\hugues\Documents\lab equilibruim.docx
[2010/06/02 23:05:22 | 000,011,316 | ---- | C] () -- C:\Users\hugues\Documents\physics lab 
7.docx [2010/06/02 23:05:21 | 000,947,200 | ---- | C] () -- C:\Users\hugues\Documents\exam biolo.doc [2010/06/02 23:05:21 | 000,196,096 | ---- | C] () -- C:\Users\hugues\Documents\Lect Notes 203.doc [2010/06/02 05:22:59 | 000,029,184 | ---- | C] () -- C:\Users\hugues\Desktop\Melting Point hugues.doc [2010/06/01 00:21:14 | 000,059,982 | ---- | C] () -- C:\Users\hugues\Documents\conversa with ga.docx [2010/05/31 01:40:55 | 000,015,737 | ---- | C] () -- C:\Users\hugues\Documents\Selam gaell1.docx [2010/05/27 10:13:14 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$lam gaelle 1(Autosaved).docx [2010/05/27 10:13:13 | 000,014,782 | ---- | C] () -- C:\Users\hugues\Documents\selam gaelle 1(Autosaved).docx [2010/05/26 16:55:16 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$lam gaelle.docx [2010/05/26 14:23:03 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$ l'amitie.docx [2010/05/26 14:23:02 | 000,164,955 | ---- | C] () -- C:\Users\hugues\Documents\si l'amitie.docx [2010/05/26 12:31:41 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$cuse moi pour today.docx [2010/05/26 12:31:39 | 000,028,514 | ---- | C] () -- C:\Users\hugues\Documents\excuse moi pour today.docx [2010/05/26 08:58:23 | 000,012,493 | ---- | C] () -- C:\Users\hugues\Documents\tu sais quoi.docx [2010/05/26 08:58:06 | 000,021,950 | ---- | C] () -- C:\Users\hugues\Documents\selam gaelle.docx [2009/09/18 07:33:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/06/13 08:36:24 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2009/05/30 23:05:15 | 000,719,360 | ---- | C] () -- C:\Windows\System32\imediacentral_com_browsertools.dll [2009/05/30 23:05:15 | 000,343,040 | ---- | C] () -- C:\Windows\System32\browsertools_helper.dll [2009/03/05 07:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2009/02/22 14:33:20 | 000,001,208 | ---- | C] () -- C:\Windows\Radio_Fr.ini [2008/10/12 05:07:08 | 
000,008,771 | ---- | C] () -- C:\Windows\System32\Setup2k.ini [2008/10/12 05:07:08 | 000,000,184 | ---- | C] () -- C:\Windows\System32\presetup.ini [2008/03/28 02:19:10 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/03/08 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll ========== Custom Scans ========== < :OTL > < dir /s C:\_OTL\MovedFiles /c > Volume in drive C has no label. Volume Serial Number is 4179-A3DD Directory of C:\_OTL\MOVEDFILES 06/21/2010 10:40 PM <DIR> . 06/21/2010 10:40 PM <DIR> .. 06/21/2010 06:05 AM <DIR> 06212010_060541 06/21/2010 06:05 AM <DIR> 06212010_060542 06/21/2010 10:23 PM 13,048 06212010_060542.log 06/21/2010 10:36 PM <DIR> 06212010_222449 06/21/2010 10:36 PM 13,318 06212010_222449.log 06/23/2010 07:08 PM <DIR> 06212010_223844 06/23/2010 07:09 PM 14,422 06212010_223844.log 3 File(s) 40,788 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060541 06/21/2010 06:05 AM <DIR> . 06/21/2010 06:05 AM <DIR> .. 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542 06/21/2010 06:05 AM <DIR> . 06/21/2010 06:05 AM <DIR> .. 06/21/2010 10:23 PM <DIR> C_Users 06/21/2010 10:23 PM <DIR> C_Windows 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> b 06/21/2010 06:05 AM <DIR> hugues 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> AppData 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 
06/21/2010 10:23 PM <DIR> Local 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> Microsoft 06/21/2010 10:23 PM <DIR> Temp 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> Windows 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> Temporary Internet Files 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> Content.IE5 06/21/2010 10:23 PM <DIR> Low 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> PA65AMD5 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PA65AMD5 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 07:23 AM 1,494 data[6].aspx 1 File(s) 1,494 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> Content.IE5 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 
06/21/2010 10:23 PM <DIR> BVI0N832 06/21/2010 10:23 PM <DIR> LZCSSH2I 06/21/2010 10:23 PM <DIR> OGZS410X 06/21/2010 10:23 PM <DIR> X9S8N15T 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BVI0N832 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 05:56 AM 5,836 ads[6].txt 06/21/2010 05:56 AM 978 afr[3].php 06/21/2010 05:56 AM 981 afr[4].php 06/20/2010 07:22 PM 1,215 povh[1].htm 06/21/2010 05:56 AM 600,662 security-warning-application-cannot-be-executed-the-file-t177544[1].html 5 File(s) 609,672 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LZCSSH2I 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/20/2010 07:22 PM 622 ban_home_728x90[1].htm 1 File(s) 622 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OGZS410X 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 05:59 AM 2,601 229f14[1].txt 06/21/2010 05:56 AM 0 img[5].txt 06/21/2010 05:56 AM 0 img[6].txt 3 File(s) 2,601 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X9S8N15T 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/20/2010 07:22 PM 390 AP_ADV_300x250[1].htm 06/20/2010 07:22 PM 406 AP_ADV_728x90[1].htm 06/20/2010 07:22 PM 623 rectangle_300x250[1].htm 3 File(s) 1,419 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Temp 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> Low 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\b\AppData\Local\Temp\Low 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 
06/21/2010 05:58 AM 16,384 ~DF5BCF.tmp 06/21/2010 05:53 AM 16,384 ~DFEBFD.tmp 2 File(s) 32,768 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\hugues 06/21/2010 06:05 AM <DIR> . 06/21/2010 06:05 AM <DIR> .. 06/21/2010 06:05 AM <DIR> AppData 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\hugues\AppData 06/21/2010 06:05 AM <DIR> . 06/21/2010 06:05 AM <DIR> .. 06/21/2010 06:05 AM <DIR> Local 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\hugues\AppData\Local 06/21/2010 06:05 AM <DIR> . 06/21/2010 06:05 AM <DIR> .. 06/21/2010 02:16 AM <DIR> owddcxwut 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Users\hugues\AppData\Local\owddcxwut 06/21/2010 02:16 AM <DIR> . 06/21/2010 02:16 AM <DIR> .. 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Windows 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:28 PM <DIR> System32 06/21/2010 10:23 PM <DIR> temp 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Windows\System32 06/21/2010 10:28 PM <DIR> . 06/21/2010 10:28 PM <DIR> .. 06/21/2010 08:04 AM <DIR> drivers 05/12/2009 01:31 PM 666,112 recctrl2.exe 1 File(s) 666,112 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Windows\System32\drivers 06/21/2010 08:04 AM <DIR> . 06/21/2010 08:04 AM <DIR> .. 06/21/2010 08:04 AM <DIR> etc 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Windows\System32\drivers\etc 06/21/2010 08:04 AM <DIR> . 06/21/2010 08:04 AM <DIR> .. 09/18/2006 02:41 PM 761 hosts 1 File(s) 761 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Windows\temp 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 06/21/2010 10:23 PM <DIR> _avast5_ 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_060542\C_Windows\temp\_avast5_ 06/21/2010 10:23 PM <DIR> . 06/21/2010 10:23 PM <DIR> .. 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449 06/21/2010 10:36 PM <DIR> . 
06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> C_Users 06/21/2010 10:36 PM <DIR> C_Windows 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> b 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> AppData 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> Local 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> Microsoft 06/21/2010 10:36 PM <DIR> Temp 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> Windows 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft\Windows 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> Temporary Internet Files 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> Content.IE5 06/21/2010 10:36 PM <DIR> Low 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> E8NUGQAA 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E8NUGQAA 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 
06/21/2010 09:59 PM 1,473 data[1].aspx 1 File(s) 1,473 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> Content.IE5 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> 3TL1A01F 06/21/2010 10:36 PM <DIR> U5TLSIFY 06/21/2010 10:36 PM <DIR> W3H0925M 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3TL1A01F 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:06 PM 5,719 ads[2].txt 06/21/2010 10:06 PM 978 afr[1].php 06/21/2010 10:06 PM 981 afr[2].php 06/21/2010 10:00 PM 622 ban_home_728x90[1].htm 06/21/2010 10:00 PM 1,215 povh[1].htm 06/21/2010 10:00 PM 623 rectangle_300x250[1].htm 06/21/2010 10:06 PM 600,662 security-warning-application-cannot-be-executed-the-file-t177544[1].html 7 File(s) 610,800 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U5TLSIFY 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:08 PM 2,601 229f14[1].txt 06/21/2010 10:00 PM 390 AP_ADV_300x250[1].htm 06/21/2010 10:00 PM 406 AP_ADV_728x90[1].htm 3 File(s) 3,397 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W3H0925M 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:21 PM 3,105 6eacf79a[1].txt 06/21/2010 10:06 PM 0 img[2].txt 06/21/2010 10:06 PM 0 img[3].txt 3 File(s) 3,105 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Temp 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 
06/21/2010 10:36 PM <DIR> Low 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Users\b\AppData\Local\Temp\Low 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:08 PM 16,384 ~DF4314.tmp 06/21/2010 10:19 PM 16,384 ~DFADB4.tmp 06/21/2010 09:59 PM 16,384 ~DFF3C9.tmp 3 File(s) 49,152 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Windows 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:42 PM <DIR> System32 06/21/2010 10:36 PM <DIR> temp 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Windows\System32 06/21/2010 10:42 PM <DIR> . 06/21/2010 10:42 PM <DIR> .. 06/21/2010 10:26 PM <DIR> drivers 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Windows\System32\drivers 06/21/2010 10:26 PM <DIR> . 06/21/2010 10:26 PM <DIR> .. 06/21/2010 10:26 PM <DIR> etc 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Windows\System32\drivers\etc 06/21/2010 10:26 PM <DIR> . 06/21/2010 10:26 PM <DIR> .. 06/21/2010 08:04 AM 98 Hosts 1 File(s) 98 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Windows\temp 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 06/21/2010 10:36 PM <DIR> _avast5_ 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_222449\C_Windows\temp\_avast5_ 06/21/2010 10:36 PM <DIR> . 06/21/2010 10:36 PM <DIR> .. 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> C_Users 06/23/2010 07:08 PM <DIR> C_Windows 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> b 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> AppData 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData 06/23/2010 07:08 PM <DIR> . 
06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> Local 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> Microsoft 06/23/2010 07:08 PM <DIR> Temp 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> Windows 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> Temporary Internet Files 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> Content.IE5 06/23/2010 07:08 PM <DIR> Low 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> W7OAOV16 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W7OAOV16 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/21/2010 10:32 PM 1,471 data[1].aspx 1 File(s) 1,471 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/23/2010 07:08 PM <DIR> Content.IE5 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 
06/23/2010 07:08 PM <DIR> MCYFFOV9 06/23/2010 07:08 PM <DIR> N9P8MH59 06/23/2010 07:08 PM <DIR> U180IM7M 06/23/2010 07:08 PM <DIR> XU7NS0LQ 0 File(s) 0 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MCYFFOV9 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/21/2010 10:33 PM 406 AP_ADV_728x90[1].htm 06/21/2010 10:33 PM 622 ban_home_728x90[1].htm 06/21/2010 10:32 PM 135,842 hp-laptop_aol_com[2].htm 06/21/2010 10:33 PM 0 img[1].txt 4 File(s) 136,870 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\N9P8MH59 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/21/2010 10:33 PM 5,790 ads[1].txt 06/21/2010 10:33 PM 0 img[1].txt 06/21/2010 10:32 PM 1,210 load_v6[1].htm 3 File(s) 7,000 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U180IM7M 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/21/2010 10:33 PM 981 afr[1].php 06/21/2010 10:33 PM 623 rectangle_300x250[1].htm 06/21/2010 10:32 PM 600,674 security-warning-application-cannot-be-executed-the-file-t177544[1].html 06/21/2010 10:33 PM 886 tcodewads_at[1].htm 4 File(s) 603,164 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XU7NS0LQ 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 06/21/2010 10:32 PM 978 afr[1].php 06/21/2010 10:33 PM 390 AP_ADV_300x250[1].htm 06/21/2010 10:32 PM 1,210 load_v6[1].htm 06/21/2010 10:32 PM 1,215 povh[1].htm 4 File(s) 3,793 bytes Directory of C:\_OTL\MOVEDFILES\06212010_223844\C_Users\b\AppData\Local\Temp 06/23/2010 07:08 PM <DIR> . 06/23/2010 07:08 PM <DIR> .. 
Thanks, NO.PP! See you later.
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to bagneki's topic in Analyses et éradication malwares
Hi, and thank you very much, NO.PP, for all your advice. What about the presence of Alureon that MBAM had reported, after the analysis by TDSSKiller and GMER? Here are the SEAF results.
Here is the new OTL report with the new parameters requested.
000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010/02/26 21:34:18 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2010/02/26 21:33:56 | 000,033,848 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2009/12/30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt) DRV - [2009/09/30 02:00:00 | 001,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090930.002\NAVEX15.SYS -- (NAVEX15) DRV - [2009/09/30 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2009/09/30 02:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2009/09/30 02:00:00 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090930.002\NAVENG.SYS -- (NAVENG) DRV - [2009/09/02 04:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009/07/17 05:40:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/02/19 12:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- 
C:\Windows\System32\drivers\SymIMV.sys -- (SymIM) DRV - [2009/02/19 12:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV) DRV - [2009/02/19 12:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2009/02/19 12:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW) DRV - [2009/02/19 12:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2009/02/19 12:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS) DRV - [2009/01/10 09:17:09 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2008/11/21 22:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008/09/12 00:33:24 | 000,270,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20081106.001\IDSvix86.sys -- (IDSvix86) DRV - [2008/09/05 14:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon) DRV - [2008/04/27 11:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/04/21 20:59:04 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR) DRV - [2008/04/16 11:58:24 | 000,379,904 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008/04/14 15:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s) DRV - [2008/03/28 04:24:16 | 003,544,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/01/31 16:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL) DRV - [2008/01/31 16:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP) DRV - [2008/01/31 16:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX) DRV - [2008/01/23 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/20 19:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/20 19:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/20 19:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/20 19:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/20 19:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/20 19:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/20 19:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/20 19:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf) DRV - [2008/01/20 19:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/20 19:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/20 19:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/20 19:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/20 19:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV) DRV - [2008/01/20 19:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/20 19:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008/01/20 19:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/20 19:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/20 19:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/20 19:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/20 19:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/20 19:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/20 19:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008/01/17 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2008/01/07 13:42:04 | 000,015,416 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Amddfltr.sys -- (Amddfltr) DRV - [2007/08/08 16:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon) DRV - [2007/07/11 10:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007/05/02 11:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdm.sys -- (ssm_mdm) DRV - [2007/05/02 11:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdfl.sys -- (ssm_mdfl) DRV - [2007/05/02 11:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) DRV - [2006/11/03 02:33:00 | 000,016,512 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELMOUSE.SYS -- (pelmouse) DRV - [2006/11/03 02:33:00 | 000,013,184 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELUSBlf.SYS -- (pelusblf) DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 00:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006/11/02 00:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV) DRV - [2006/10/29 13:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2004/02/04 11:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.internetscout.biz/google/?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.internetscout.info/google/iesearch.php IE - 
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.internetscout.biz/google/?q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.internetscout.info/google/iesearch.php IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/05 00:58:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/08 08:42:11 | 000,000,000 | ---D | M] [2010/01/15 01:45:19 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Mozilla\Extensions [2010/01/15 01:45:19 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org O1 HOSTS File: ([2010/06/21 22:40:56 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) 
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.) 
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (&Browsertools by imediacentral.com) - {46BA7FF1-D32A-4369-88BF-882830A8FA67} - C:\Windows\System32\imediacentral_com_browsertools.dll () O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\Windows\System32\ICO.EXE (Primax Electronics Ltd.) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) 
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [imediacentral.com] File not found O4 - HKCU..\Run: [internetCalls] C:\Program Files\InternetCalls.com\InternetCalls\internetcalls.exe (InternetCalls) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKLM..\RunOnce: [] File not found O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident\4.0; File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Show or hide HP Smart Web 
Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab (Symantec Configuration Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
Once again, thank you very much. -
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Hi, and thank you very much, NO.PP, for everything. Regarding the security warning message: it appeared in my administrator account and had completely blocked everything. I had to create a new account in order to carry out all the operations you asked me to do. Now, when I go back into my administrator session, which was infected, the security warning message no longer appears, but I cannot access the internet. No web page opens, so I have to switch to another account in order to get on the internet. The other problem that has appeared is Windows asking me to activate my Windows Vista again, with a message that reads "an unautorized change was made to windows. you must retype your windows vista home to activate it". That is where I am now. Regarding the antivirus, should I do it now, or wait until the problem is over? Thank you very much, NO.PP. See you soon. -
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Thank you, NO.PP, for all the advice and for everything you are doing to help me solve my problem. I apologise for waiting so long before posting my report. Here are the requested reports. Here is the TDSSKILLER report:

06:05:13:664 4372 TDSS rootkit removing tool 2.3.2.0 May 31 2010 10:39:48
06:05:13:664 4372 ================================================================================
06:05:13:664 4372 SystemInfo:
06:05:13:664 4372 OS Version: 6.0.6002 ServicePack: 2.0
06:05:13:664 4372 Product type: Workstation
06:05:13:665 4372 ComputerName: HUGUES-PC
06:05:13:665 4372 UserName: hugues
06:05:13:665 4372 Windows directory: C:\Windows
06:05:13:665 4372 Processor architecture: Intel x86
06:05:13:665 4372 Number of processors: 2
06:05:13:665 4372 Page size: 0x1000
06:05:13:668 4372 Boot type: Normal boot
06:05:13:668 4372 ================================================================================
06:05:14:541 4372 Initialize success
06:05:14:542 4372
06:05:14:543 4372 Scanning Services ...
06:05:15:602 4372 Raw services enum returned 486 services
06:05:15:617 4372
06:05:15:617 4372 Scanning Drivers ...
06:05:29:290 4372 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 06:05:29:320 4372 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 06:05:29:357 4372 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 06:05:29:383 4372 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 06:05:29:416 4372 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 06:05:29:452 4372 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 06:05:29:502 4372 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 06:05:29:557 4372 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 06:05:29:601 4372 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 06:05:29:637 4372 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 06:05:29:666 4372 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 06:05:29:674 4372 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 06:05:29:713 4372 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 06:05:29:760 4372 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 06:05:29:855 4372 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 06:05:29:935 4372 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 06:05:30:013 4372 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 06:05:30:047 4372 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 06:05:30:080 4372 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 06:05:30:088 4372 06:05:30:089 4372 Completed 06:05:30:090 4372 06:05:30:092 4372 Results: 06:05:30:093 4372 
Registry objects infected / cured / cured on reboot: 0 / 0 / 0
06:05:30:094 4372 File objects infected / cured / cured on reboot: 0 / 0 / 0
06:05:30:095 4372
06:05:30:109 4372 KLMD(ARK) unloaded successfully

and here is the one from GMER:

GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover
Rootkit scan 2010-06-22 23:02:37
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\hugues\AppData\Local\Temp\uwryrpog.sys

Once again, thank you very much NO.PP. @++++++++++++ -
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Malware Analysis and Removal
Thanks No.pp for your advice. I think I found the scan text report in OTL moved file; here it is:

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Microsoft\Windows\CurrentVersion\Run\\imediacentral.com not found.
File C:\Windows\System32\recctrl2.exe not found.
Registry value HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Microsoft\Windows\CurrentVersion\Run\\luduvupf not found.
File C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe not found.
Folder C:\Users\hugues\AppData\Local\owddcxwut\ not found.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2BCE8-EC1F-44C5-A187-5CFE9A09D893}}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2BCE8-EC1F-44C5-A187-5CFE9A09D893}}\ not found.
Registry value HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Microsoft\Windows\CurrentVersion\Run\\imediacentral.com not found.
File C:\Windows\System32\recctrl2.exe not found.
Registry value HKEY_USERS\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Microsoft\Windows\CurrentVersion\Run\\luduvupf not found.
File C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: b
->Temp folder emptied: 181070 bytes
->Temporary Internet Files folder emptied: 11763791 bytes
->Flash cache emptied: 635 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: hugues
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 69264 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 823800 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 12.00 mb

[EMPTYFLASH]

User: All Users

User: b
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: hugues
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.6.0 log created on 06212010_222449

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
C:\Users\b\AppData\Local\Temp\Low\~DF4314.tmp moved successfully.
C:\Users\b\AppData\Local\Temp\Low\~DFADB4.tmp moved successfully.
C:\Users\b\AppData\Local\Temp\Low\~DFF3C9.tmp moved successfully.
File\Folder C:\Users\b\AppData\Local\Temp\~DF8AB9.tmp not found!
File\Folder C:\Users\b\AppData\Local\Temp\~DF8B08.tmp not found!
File\Folder C:\Users\b\AppData\Local\Temp\~DF8CE1.tmp not found!
File\Folder C:\Users\b\AppData\Local\Temp\~DF8CF1.tmp not found!
File\Folder C:\Users\b\AppData\Local\Temp\~DF8D4D.tmp not found!
File\Folder C:\Users\b\AppData\Local\Temp\~DF8D5D.tmp not found!
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W3H0925M\6eacf79a[1].txt moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W3H0925M\img[2].txt moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W3H0925M\img[3].txt moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U5TLSIFY\229f14[1].txt moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U5TLSIFY\AP_ADV_300x250[1].htm moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U5TLSIFY\AP_ADV_728x90[1].htm moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3TL1A01F\ads[2].txt moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3TL1A01F\afr[1].php moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3TL1A01F\afr[2].php moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3TL1A01F\ban_home_728x90[1].htm moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3TL1A01F\povh[1].htm moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3TL1A01F\rectangle_300x250[1].htm moved successfully.
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3TL1A01F\security-warning-application-cannot-be-executed-the-file-t177544[1].html moved successfully.
File\Folder C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\fla1DD1.tmp not found!
C:\Users\b\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E8NUGQAA\data[1].aspx moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\JETC8CA.tmp not found!

Registry entries deleted on Reboot...

As soon as I finish running the tests with TDS KILLER and GMER I'll post you the @+++++++++++++++++++++++++ -
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Malware Analysis and Removal
Hello No.pp, and once again thank you. As I said in my previous post, after carrying out the fix process as requested, I find myself in this situation:

1- On restart, Windows asks me for the activation key for my Vista, claiming that what is installed is not genuine. My desktop screen has turned black.
2- I don't know what to do to find the scan text report produced with the OTL fix.

I also ran a scan with mbam from the new user account I opened in order to access the internet and be able to communicate with you; here is the report I get:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4217

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

6/22/2010 3:52:52 AM
mbam-log-2010-06-22 (03-52-52).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 343658
Time elapsed: 2 hour(s), 36 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{629cd6c2-e4c5-4554-aeb8-12e4e2cd40ff} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f5b8c69c-9b45-4a6a-9380-df225c546ae7} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{342168f8-ae4a-41e8-a6b5-8fb9fecbef37} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Gameztar Toolbar (Adware.Gameztar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\ProgramData\~0\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\hugues\AppData\Local\Temp\030e1c11.exe (Trojan.Alureon) -> Quarantined and deleted successfully.
C:\Users\hugues\AppData\Local\Temp\6ed50c20.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\hugues\Documents\hugo\attachments.13zip\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Users\hugues\Documents\hugo - Copy\attachments.13zip\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

Thank you once again for your help. -
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Malware Analysis and Removal
Good evening no.pp, and thank you for all your advice. After following the details as you described, at the end of the fix process a message appeared asking me to restart the computer, which I did. But after that, a Windows message appears at startup asking me for the activation key for my Windows Vista. I bought this laptop in a store two years ago with Vista already preinstalled. I don't know what to do now. When I get to my desktop I can't find the scan report you are asking for. When I click on the OTL file I get the report I sent you previously in my post. Likewise, when I click on scan note I still get the previous report. I don't know how to find the new reports -
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Malware Analysis and Removal
Hi no.pp and everyone. Here is the TDSSKILLER report:

21:39:24:947 4324 TDSS rootkit removing tool 2.3.2.0 May 31 2010 10:39:48
21:39:24:947 4324 ================================================================================
21:39:24:947 4324 SystemInfo:
21:39:24:947 4324 OS Version: 6.0.6002 ServicePack: 2.0
21:39:24:947 4324 Product type: Workstation
21:39:24:948 4324 ComputerName: HUGUES-PC
21:39:24:948 4324 UserName: hugues
21:39:24:948 4324 Windows directory: C:\Windows
21:39:24:948 4324 Processor architecture: Intel x86
21:39:24:948 4324 Number of processors: 2
21:39:24:948 4324 Page size: 0x1000
21:39:24:951 4324 Boot type: Normal boot
21:39:24:951 4324 ================================================================================
21:39:25:480 4324 Initialize success
21:39:25:482 4324
21:39:25:483 4324 Scanning Services ...
21:39:26:573 4324 Raw services enum returned 486 services
21:39:26:586 4324
21:39:26:587 4324 Scanning Drivers ...
(54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 21:39:31:034 4324 IDSvix86 (ce5d5aaba62949b9bfa44d0eaf2d93e5) C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20081106.001\IDSvix86.sys 21:39:31:070 4324 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 21:39:31:099 4324 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 21:39:31:136 4324 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 21:39:31:172 4324 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:39:31:230 4324 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 21:39:31:283 4324 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 21:39:31:329 4324 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 21:39:31:365 4324 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 21:39:31:415 4324 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 21:39:31:502 4324 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 21:39:31:528 4324 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 21:39:31:560 4324 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 21:39:31:612 4324 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 21:39:31:672 4324 klmd23 (67e1faa88fb397b3d56909d7e04f4dd3) C:\Windows\system32\drivers\klmd.sys 21:39:31:753 4324 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 21:39:31:801 4324 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 21:39:31:834 4324 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 21:39:31:861 4324 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) 
C:\Windows\system32\drivers\lsi_sas.sys 21:39:31:900 4324 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 21:39:31:926 4324 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 21:39:31:970 4324 MBAMSwissArmy (c7dd7d9739785bd3a6b8499eec1dee7e) C:\Windows\system32\drivers\mbamswissarmy.sys 21:39:32:007 4324 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 21:39:32:047 4324 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 21:39:32:091 4324 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 21:39:32:119 4324 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 21:39:32:145 4324 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 21:39:32:167 4324 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 21:39:32:191 4324 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 21:39:32:219 4324 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 21:39:32:251 4324 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 21:39:32:289 4324 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 21:39:32:336 4324 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 21:39:32:395 4324 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 21:39:32:440 4324 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:39:32:470 4324 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:39:32:507 4324 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 21:39:32:532 4324 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 21:39:32:569 4324 Msfs 
(a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 21:39:32:597 4324 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 21:39:32:636 4324 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 21:39:32:685 4324 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 21:39:32:718 4324 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 21:39:32:777 4324 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 21:39:32:814 4324 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 21:39:32:853 4324 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 21:39:32:893 4324 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 21:39:32:952 4324 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 21:39:33:087 4324 NAVENG (78d629767dbcdbb1ee888f4fda841acd) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090930.002\NAVENG.SYS 21:39:33:165 4324 NAVEX15 (6176ce576509ee71bac1b61fc8f1f138) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090930.002\NAVEX15.SYS 21:39:33:258 4324 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 21:39:33:317 4324 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 21:39:33:352 4324 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 21:39:33:407 4324 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 21:39:33:455 4324 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 21:39:33:493 4324 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 21:39:33:539 4324 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 21:39:33:577 4324 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) 
C:\Windows\system32\drivers\nfrd960.sys 21:39:33:604 4324 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 21:39:33:637 4324 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 21:39:33:743 4324 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 21:39:33:792 4324 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 21:39:33:821 4324 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 21:39:33:872 4324 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys 21:39:33:917 4324 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 21:39:33:937 4324 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 21:39:33:968 4324 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 21:39:34:020 4324 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 21:39:34:046 4324 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 21:39:34:071 4324 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 21:39:34:099 4324 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 21:39:34:145 4324 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 21:39:34:366 4324 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 21:39:34:401 4324 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 21:39:34:484 4324 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 21:39:34:535 4324 pelmouse (670824151bf5a291d395f57ef2999cbf) C:\Windows\system32\DRIVERS\pelmouse.sys 21:39:34:584 4324 pelusblf (ee8c61ce8a018a6ad1dfbd90b452e845) C:\Windows\system32\DRIVERS\pelusblf.sys 21:39:34:633 4324 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) 
C:\Windows\system32\DRIVERS\raspptp.sys 21:39:34:670 4324 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys 21:39:34:738 4324 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 21:39:34:785 4324 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys 21:39:34:862 4324 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 21:39:34:921 4324 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 21:39:34:954 4324 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 21:39:34:986 4324 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 21:39:35:017 4324 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 21:39:35:057 4324 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 21:39:35:102 4324 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 21:39:35:157 4324 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 21:39:35:182 4324 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 21:39:35:229 4324 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 21:39:35:258 4324 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 21:39:35:305 4324 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 21:39:35:381 4324 Revoflt (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys 21:39:35:449 4324 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 21:39:35:527 4324 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 21:39:35:607 4324 RTL8169 (a1adc7b4c074744662207da6edcdfbb0) C:\Windows\system32\DRIVERS\Rtlh86.sys 21:39:35:655 4324 RTSTOR 
(e64fe039c7b35ccdc0fff05db544ee58) C:\Windows\system32\drivers\RTSTOR.SYS 21:39:35:714 4324 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 21:39:35:754 4324 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 21:39:35:793 4324 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 21:39:35:832 4324 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 21:39:35:871 4324 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 21:39:35:909 4324 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 21:39:35:938 4324 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 21:39:35:969 4324 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 21:39:36:002 4324 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 21:39:36:039 4324 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 21:39:36:070 4324 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 21:39:36:105 4324 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 21:39:36:150 4324 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 21:39:36:265 4324 SPBBCDrv (dc4dc886d3779c446f9b0e9d6b006e72) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 21:39:36:317 4324 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 21:39:36:368 4324 SRTSP (e0e54a571d4323567e95e11fe76a5ff3) C:\Windows\system32\Drivers\SRTSP.SYS 21:39:36:428 4324 SRTSPL (4e44f0e22df824d318988caa6f321c30) C:\Windows\system32\Drivers\SRTSPL.SYS 21:39:36:499 4324 SRTSPX (d3bb40427cf3d02e56bba97feda0a3aa) C:\Windows\system32\Drivers\SRTSPX.SYS 21:39:36:567 4324 srv (0debafcc0e3591fca34f077cab62f7f7) C:\Windows\system32\DRIVERS\srv.sys 
21:39:36:622 4324 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys 21:39:36:669 4324 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys 21:39:36:711 4324 sscdbus (d6870895fe46a464a19141440eb6cc1e) C:\Windows\system32\DRIVERS\sscdbus.sys 21:39:36:757 4324 sscdmdfl (0fe167362e4689b716cdc8d93adedda8) C:\Windows\system32\DRIVERS\sscdmdfl.sys 21:39:36:791 4324 sscdmdm (55a15707e32b6709242ad127e62ca55a) C:\Windows\system32\DRIVERS\sscdmdm.sys 21:39:36:832 4324 ssm_bus (14622ae81c72b08691eedaabc1d4a129) C:\Windows\system32\DRIVERS\ssm_bus.sys 21:39:36:878 4324 ssm_mdfl (43ee5e9fda61a5e0eac4c1de699e6e4d) C:\Windows\system32\DRIVERS\ssm_mdfl.sys 21:39:36:932 4324 ssm_mdm (918cfd32c7feb174f356a0a6fad11f4b) C:\Windows\system32\DRIVERS\ssm_mdm.sys 21:39:36:984 4324 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys 21:39:37:025 4324 STHDA (2449940565c8590961b4b1e9402ea43e) C:\Windows\system32\DRIVERS\stwrt.sys 21:39:37:062 4324 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 21:39:37:086 4324 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 21:39:37:126 4324 SYMDNS (fe9f8b3a8bc22d85332b42e92308ddf9) C:\Windows\System32\Drivers\SYMDNS.SYS 21:39:37:181 4324 SymEvent (06b95820df51502099a8a15c93e87986) C:\Windows\system32\Drivers\SYMEVENT.SYS 21:39:37:228 4324 SYMFW (a0ea9d273889e53cfaabf2444692ccbf) C:\Windows\System32\Drivers\SYMFW.SYS 21:39:37:270 4324 SymIM (8eab28dd6cd25355b951ae460fa86b48) C:\Windows\system32\DRIVERS\SymIMv.sys 21:39:37:302 4324 SYMNDISV (c94eaca4b522012ee0691f1e79c42a7d) C:\Windows\System32\Drivers\SYMNDISV.SYS 21:39:37:361 4324 SYMREDRV (7c6505ea598e58099d3b7e1f70426864) C:\Windows\System32\Drivers\SYMREDRV.SYS 21:39:37:422 4324 SYMTDI (e6ff7ace71d07ca90119f2c6ab592ba4) C:\Windows\System32\Drivers\SYMTDI.SYS 21:39:37:476 4324 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) 
C:\Windows\system32\drivers\sym_hi.sys 21:39:37:498 4324 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 21:39:37:533 4324 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys 21:39:37:633 4324 Tcpip (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\drivers\tcpip.sys 21:39:37:722 4324 Tcpip6 (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\DRIVERS\tcpip.sys 21:39:37:798 4324 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 21:39:37:829 4324 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 21:39:37:867 4324 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 21:39:37:926 4324 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 21:39:37:969 4324 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 21:39:38:015 4324 TIEHDUSB (a1124ebc672aa3ae1b327096c1dcc346) C:\Windows\system32\drivers\tiehdusb.sys 21:39:38:057 4324 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 21:39:38:094 4324 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 21:39:38:162 4324 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 21:39:38:202 4324 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 21:39:38:265 4324 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 21:39:38:320 4324 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 21:39:38:356 4324 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 21:39:38:384 4324 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 21:39:38:404 4324 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 21:39:38:450 4324 umbus (32cff9f809ae9aed85464492bf3e32d2) 
C:\Windows\system32\DRIVERS\umbus.sys 21:39:38:489 4324 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 21:39:38:513 4324 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 21:39:38:558 4324 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 21:39:38:584 4324 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 21:39:38:609 4324 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 21:39:38:638 4324 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys 21:39:38:675 4324 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:39:38:714 4324 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 21:39:38:766 4324 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 21:39:38:808 4324 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 21:39:38:847 4324 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 21:39:38:885 4324 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 21:39:38:918 4324 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 21:39:38:954 4324 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 21:39:38:990 4324 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 21:39:39:041 4324 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 21:39:39:094 4324 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 21:39:39:126 4324 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 21:39:39:165 4324 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 21:39:39:204 4324 Wanarp (55201897378cca7af8b5efd874374a26) 
C:\Windows\system32\DRIVERS\wanarp.sys 21:39:39:210 4324 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 21:39:39:238 4324 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 21:39:39:286 4324 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 21:39:39:399 4324 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 21:39:39:462 4324 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 21:39:39:521 4324 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 21:39:39:559 4324 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 21:39:39:583 4324 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 21:39:39:586 4324 21:39:39:587 4324 Completed 21:39:39:587 4324 21:39:39:588 4324 Results: 21:39:39:588 4324 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 21:39:39:589 4324 File objects infected / cured / cured on reboot: 0 / 0 / 0 21:39:39:589 4324 21:39:39:593 4324 KLMD(ARK) unloaded successfully -
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Malware analysis and removal
Hello, and thank you once again. I was not able to get the OTL report with extra.test. Here is the rkill.log report:
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as hugues on 06/20/2010 at 21:12:04.
Processes terminated by Rkill or while it was running:
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
Rkill completed on 06/20/2010 at 21:12:12.
Thank you once again for your advice. -
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Malware analysis and removal
Hello, and thank you very much for what you are doing to find a solution to my problem. Here is the first report requested.
System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/02/19 12:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM) DRV - [2009/02/19 12:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV) DRV - [2009/02/19 12:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2009/02/19 12:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW) DRV - [2009/02/19 12:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2009/02/19 12:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS) DRV - [2009/01/10 09:17:09 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2008/11/21 22:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008/09/12 00:33:24 | 000,270,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20081106.001\IDSvix86.sys -- (IDSvix86) DRV - [2008/09/05 14:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon) DRV - [2008/04/27 11:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/04/21 20:59:04 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR) DRV - [2008/04/16 11:58:24 | 000,379,904 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008/04/14 15:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s) DRV - [2008/03/28 04:24:16 | 003,544,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/01/31 16:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL) DRV - [2008/01/31 16:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP) DRV - [2008/01/31 16:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX) DRV - [2008/01/23 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/20 19:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/20 19:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/20 19:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/20 19:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/20 19:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/20 19:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/20 19:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/20 19:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf) DRV - [2008/01/20 19:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/20 19:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/20 19:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/20 19:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/20 19:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV) DRV - [2008/01/20 19:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/20 19:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008/01/20 19:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/20 19:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/20 19:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/20 19:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/20 19:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/20 19:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/20 19:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008/01/17 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2008/01/07 13:42:04 | 000,015,416 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Amddfltr.sys -- (Amddfltr) DRV - [2007/08/08 16:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon) DRV - [2007/07/11 10:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007/05/02 11:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdm.sys -- (ssm_mdm) DRV - [2007/05/02 11:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdfl.sys -- (ssm_mdfl) DRV - [2007/05/02 11:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) DRV - [2006/11/03 02:33:00 | 000,016,512 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELMOUSE.SYS -- (pelmouse) DRV - [2006/11/03 02:33:00 | 000,013,184 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELUSBlf.SYS -- (pelusblf) DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 00:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006/11/02 00:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV) DRV - [2006/10/29 13:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2004/02/04 11:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - Welcome to AOL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = AOL.com - Welcome to AOL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = {searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Search the Web IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - Welcome to AOL IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = AOL.com - Welcome to AOL IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - 
HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = {searchTerms} IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Search the Web IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555 IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - Welcome to AOL IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = AOL.com - Welcome to AOL IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = {searchTerms} IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Search the Web IE - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/11/05 00:58:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/08 08:42:11 | 000,000,000 | ---D | M] [2010/01/15 01:45:19 | 000,000,000 | ---D | M] -- 
C:\Users\hugues\AppData\Roaming\Mozilla\Extensions [2010/01/15 01:45:19 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {3CA2BCE8-EC1F-44C5-A187-5CFE9A09D893}} - No CLSID value found. O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) 
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (&Browsertools by imediacentral.com) - {46BA7FF1-D32A-4369-88BF-882830A8FA67} - C:\Windows\System32\imediacentral_com_browsertools.dll () O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found. 
O3 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\Windows\System32\ICO.EXE (Primax Electronics Ltd.) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000..\Run: [imediacentral.com] C:\Windows\System32\recctrl2.exe () O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000..\Run: [internetCalls] C:\Program Files\InternetCalls.com\InternetCalls\internetcalls.exe (InternetCalls) O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000..\Run: [luduvupf] C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe (eSXi) O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident\4.0; File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1 O7 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O7 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft 
Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O13 - gopher Prefix: missing O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet) O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet) O15 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000\..Trusted Ranges: Range1 ([http] in Local intranet) O15 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab (Symantec Configuration Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.87.73.246 68.87.71.230 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\hugues\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\hugues\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/05/22 19:20:45 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{63c3d3ce-aa61-11de-89d9-001e68ce36a8}\Shell - "" = AutoRun O33 - MountPoints2\{63c3d3ce-aa61-11de-89d9-001e68ce36a8}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [CREATERESTOREPOINT] Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 90 Days ========== [2010/06/20 09:23:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/06/20 09:23:19 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- 
-- C:\Users\hugues\AppData\Roaming\Template [2010/03/06 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\VS Revo Group [2008/12/28 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\WebCallDirect [2010/06/06 08:56:41 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job [2010/06/10 05:32:01 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\EasyShare Registration Task.job [2010/06/20 08:59:46 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/06/20 19:52:00 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4FF765DE-3D32-47CA-86EB-2C70321932C3}.job ========== Purity Check ========== ========== Custom Scans ========== < :OTL > < O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000..\Run: [imediacentral.com] C:\Windows\System32\recctrl2.exe () > < O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000..\Run: [luduvupf] C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe (eSXi) > < [2010/06/19 10:04:39 | 000,000,000 | ---D | C] -- C:\Users\hugues\AppData\Local\owddcxwut > Invalid Switch: 19 10:04:39 | 000,000,000 | ---D | C] -- C:\Users\hugues\AppData\Local\owddcxwut < [2010/06/20 13:01:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 > Invalid Switch: 20 13:01:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 < [2010/06/20 13:01:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 > Invalid Switch: 20 13:01:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 < O2 - BHO: (no name) - {3CA2BCE8-EC1F-44C5-A187-5CFE9A09D893}} - No CLSID value found. 
> < O3 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1002\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found. > < O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000..\Run: [imediacentral.com] C:\Windows\System32\recctrl2.exe () > < O4 - HKU\S-1-5-21-1286651634-2638253971-3409342703-1000..\Run: [luduvupf] C:\Users\hugues\AppData\Local\owddcxwut\kvqrbxgtssd.exe (eSXi) > < > < :commands > < [EmptyTemp] > < [EmptyFlash] > < [Purity] > < [ResetHosts] > < [Reboot] > < End of report > -
Security warning : application cannot be executed, the file .....exe.is infected
bagneki replied to a topic by bagneki in Analyses et éradication malwares
Thanks once again for the advice. Here are the requested reports.
[ OSession Events ] Error - 7/29/2009 10:38:46 AM | Computer Name = hugues-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 33681 seconds with 4860 seconds of active time. This session ended with a crash. Error - 8/1/2009 3:43:10 PM | Computer Name = hugues-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5195 seconds with 0 seconds of active time. This session ended with a crash. Error - 12/25/2009 4:42:53 AM | Computer Name = hugues-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15688 seconds with 2820 seconds of active time. This session ended with a crash. Error - 5/28/2010 2:40:29 PM | Computer Name = hugues-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 92254 seconds with 11940 seconds of active time. This session ended with a crash. [ System Events ] Error - 6/20/2010 3:19:29 AM | Computer Name = hugues-PC | Source = Service Control Manager | ID = 7000 Description = Error - 6/20/2010 3:34:35 AM | Computer Name = hugues-PC | Source = hpdskflt | ID = 263145 Description = An unsupported disk adapter was found. Error - 6/20/2010 3:36:26 AM | Computer Name = hugues-PC | Source = Service Control Manager | ID = 7000 Description = Error - 6/20/2010 10:15:26 AM | Computer Name = hugues-PC | Source = hpdskflt | ID = 263145 Description = An unsupported disk adapter was found. 
Error - 6/20/2010 10:17:18 AM | Computer Name = hugues-PC | Source = Service Control Manager | ID = 7000 Description =
Error - 6/20/2010 11:42:13 AM | Computer Name = hugues-PC | Source = hpdskflt | ID = 263145 Description = An unsupported disk adapter was found.
Error - 6/20/2010 11:44:15 AM | Computer Name = hugues-PC | Source = Service Control Manager | ID = 7000 Description =
Error - 6/20/2010 12:00:37 PM | Computer Name = hugues-PC | Source = hpdskflt | ID = 263145 Description = An unsupported disk adapter was found.
Error - 6/20/2010 12:01:55 PM | Computer Name = hugues-PC | Source = Service Control Manager | ID = 7000 Description =
Error - 6/20/2010 3:57:07 PM | Computer Name = hugues-PC | Source = Service Control Manager | ID = 7034 Description =
< End of report >

OTL report

OTL logfile created on: 6/20/2010 1:03:05 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\b\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.84 Gb Total Space | 135.12 Gb Free Space | 60.63% Space Free | Partition Type: NTFS
Drive D: | 10.04 Gb Total Space | 1.72 Gb Free Space | 17.09% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HUGUES-PC Current User Name: hugues Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2010/06/20 12:55:08 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\b\Desktop\OTL.scr PRC - [2010/06/20 12:53:59 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\b\Desktop\OTH.scr PRC - [2010/05/06 13:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2009/11/02 17:24:58 | 000,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe PRC - [2009/09/28 09:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2008/12/04 13:29:32 | 000,131,928 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN\Toolbar\3.0.0988.2\msntask.exe PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE PRC - [2008/05/22 18:10:42 | 001,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe PRC - [2008/04/16 11:55:02 | 000,221,239 | ---- | M] (IDT, Inc.) 
-- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe PRC - [2008/03/26 15:26:56 | 000,341,328 | ---- | M] () -- C:\Windows\SMINST\BLService.exe PRC - [2008/02/11 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe PRC - [2008/02/09 15:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe PRC - [2007/12/11 12:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe ========== Modules (SafeList) ========== MOD - [2010/06/20 12:55:08 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\b\Desktop\OTL.scr MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008/01/20 19:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2009/09/28 09:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice) SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService) SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr) SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr) SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate) SRV - [2008/05/22 18:10:42 | 001,245,064 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC) SRV - [2008/04/16 11:55:02 | 000,221,239 | ---- | M] (IDT, Inc.) 
[Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe -- (STacSV) SRV - [2008/03/26 15:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008/02/11 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe -- (AESTFilters) SRV - [2008/02/09 15:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler) SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/12/11 12:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2007/08/22 00:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost) SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service) ========== Driver Services (SafeList) ========== DRV - [2010/05/06 13:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/05/06 13:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/05/06 13:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/05/06 13:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010/05/06 13:33:47 | 
000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010/02/26 21:34:18 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2010/02/26 21:33:56 | 000,033,848 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2009/12/30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt) DRV - [2009/09/30 02:00:00 | 001,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090930.002\NAVEX15.SYS -- (NAVEX15) DRV - [2009/09/30 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2009/09/30 02:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2009/09/30 02:00:00 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090930.002\NAVENG.SYS -- (NAVENG) DRV - [2009/09/02 04:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009/07/17 05:40:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/02/19 12:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- 
C:\Windows\System32\drivers\SymIMV.sys -- (SymIM) DRV - [2009/02/19 12:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV) DRV - [2009/02/19 12:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2009/02/19 12:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW) DRV - [2009/02/19 12:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2009/02/19 12:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS) DRV - [2009/01/10 09:17:09 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2008/11/21 22:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008/09/12 00:33:24 | 000,270,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20081106.001\IDSvix86.sys -- (IDSvix86) DRV - [2008/09/05 14:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon) DRV - [2008/04/27 11:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/04/21 20:59:04 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR) DRV - [2008/04/16 11:58:24 | 000,379,904 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008/04/14 15:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s) DRV - [2008/03/28 04:24:16 | 003,544,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/01/31 16:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL) DRV - [2008/01/31 16:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP) DRV - [2008/01/31 16:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX) DRV - [2008/01/23 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/20 19:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/20 19:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/20 19:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/20 19:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/20 19:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/20 19:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/20 19:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/20 19:23:23 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf) DRV - [2008/01/20 19:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/20 19:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/20 19:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/20 19:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/20 19:23:22 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV) DRV - [2008/01/20 19:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/20 19:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008/01/20 19:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/20 19:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/20 19:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/20 19:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/20 19:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/20 19:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/20 19:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008/01/17 12:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2008/01/07 13:42:04 | 000,015,416 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Amddfltr.sys -- (Amddfltr) DRV - [2007/08/08 16:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon) DRV - [2007/07/11 10:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007/05/02 11:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdm.sys -- (ssm_mdm) DRV - [2007/05/02 11:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdfl.sys -- (ssm_mdfl) DRV - [2007/05/02 11:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) DRV - [2006/11/03 02:33:00 | 000,016,512 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELMOUSE.SYS -- (pelmouse) DRV - [2006/11/03 02:33:00 | 000,013,184 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELUSBlf.SYS -- (pelusblf) DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
C:\Users\hugues\Documents\vocabulary for microbiology chapter 14.docx [2010/06/02 23:05:28 | 001,743,872 | ---- | C] () -- C:\Users\hugues\Documents\chapter11book.doc [2010/06/02 23:05:28 | 000,251,904 | ---- | C] () -- C:\Users\hugues\Documents\Energy-in-Thermal-Processes.ppt [2010/06/02 23:05:28 | 000,070,926 | ---- | C] () -- C:\Users\hugues\Documents\heat and fusion lab.docx [2010/06/02 23:05:28 | 000,054,272 | ---- | C] () -- C:\Users\hugues\Documents\Unknown Lab Report.doc [2010/06/02 23:05:28 | 000,048,128 | ---- | C] () -- C:\Users\hugues\Documents\Exam2 F2006.doc [2010/06/02 23:05:28 | 000,045,568 | ---- | C] () -- C:\Users\hugues\Documents\objective chapter micro.doc [2010/06/02 23:05:28 | 000,013,972 | ---- | C] () -- C:\Users\hugues\Documents\Jean Emmanuel Durace Professor Steve Microbiology Unknown.docx [2010/06/02 23:05:27 | 001,728,000 | ---- | C] () -- C:\Users\hugues\Documents\Vibrations-and-Waves.ppt [2010/06/02 23:05:27 | 000,234,496 | ---- | C] () -- C:\Users\hugues\Documents\Fluid.doc [2010/06/02 23:05:27 | 000,167,424 | ---- | C] () -- C:\Users\hugues\Documents\Archimedes.doc [2010/06/02 23:05:27 | 000,096,768 | ---- | C] () -- C:\Users\hugues\Documents\ACS Practice Test 1.doc [2010/06/02 23:05:27 | 000,062,464 | ---- | C] () -- C:\Users\hugues\Documents\212Lab01_Archimedes.doc [2010/06/02 23:05:27 | 000,046,592 | ---- | C] () -- C:\Users\hugues\Documents\me313-5W08.doc [2010/06/02 23:05:27 | 000,037,376 | ---- | C] () -- C:\Users\hugues\Documents\Answer Key acs Test 2.doc [2010/06/02 23:05:27 | 000,033,792 | ---- | C] () -- C:\Users\hugues\Documents\Answer Key acsTest 1.doc [2010/06/02 23:05:27 | 000,032,979 | ---- | C] () -- C:\Users\hugues\Documents\Cinchona and its Product.docx [2010/06/02 23:05:27 | 000,029,757 | ---- | C] () -- C:\Users\hugues\Documents\GNLD Online Store.docx [2010/06/02 23:05:26 | 005,795,840 | ---- | C] () -- C:\Users\hugues\Documents\Chapter17_LEC.ppt [2010/06/02 23:05:26 | 000,062,281 | ---- | C] () -- 
C:\Users\hugues\Documents\archimed.docx [2010/06/02 23:05:25 | 010,184,192 | ---- | C] () -- C:\Users\hugues\Documents\Chapter15_LEC.ppt [2010/06/02 23:05:23 | 012,636,160 | ---- | C] () -- C:\Users\hugues\Documents\Chapter16_ chemistry.ppt [2010/06/02 23:05:23 | 000,378,373 | ---- | C] () -- C:\Users\hugues\Documents\A block of cherry wood that is 20 cm long.docx [2010/06/02 23:05:23 | 000,011,353 | ---- | C] () -- C:\Users\hugues\Documents\Problem1.docx [2010/06/02 23:05:22 | 006,416,896 | ---- | C] () -- C:\Users\hugues\Documents\sln chapter7 prof.doc [2010/06/02 23:05:22 | 005,068,288 | ---- | C] () -- C:\Users\hugues\Documents\sln chapter9 prof.doc [2010/06/02 23:05:22 | 002,890,240 | ---- | C] () -- C:\Users\hugues\Documents\prob chapter9 prof.doc [2010/06/02 23:05:22 | 002,040,832 | ---- | C] () -- C:\Users\hugues\Documents\problem chapter7 prof.doc [2010/06/02 23:05:22 | 001,886,208 | ---- | C] () -- C:\Users\hugues\Documents\Rotational-Equilibrium-and-dynamics.ppt [2010/06/02 23:05:22 | 000,055,770 | ---- | C] () -- C:\Users\hugues\Documents\lab equilibruim.docx [2010/06/02 23:05:22 | 000,011,316 | ---- | C] () -- C:\Users\hugues\Documents\physics lab 7.docx [2010/06/02 23:05:21 | 000,947,200 | ---- | C] () -- C:\Users\hugues\Documents\exam biolo.doc [2010/06/02 23:05:21 | 000,196,096 | ---- | C] () -- C:\Users\hugues\Documents\Lect Notes 203.doc [2010/06/02 05:22:59 | 000,029,184 | ---- | C] () -- C:\Users\hugues\Desktop\Melting Point hugues.doc [2010/06/01 00:21:14 | 000,059,982 | ---- | C] () -- C:\Users\hugues\Documents\conversa with ga.docx [2010/05/31 01:40:55 | 000,015,737 | ---- | C] () -- C:\Users\hugues\Documents\Selam gaell1.docx [2010/05/27 10:13:14 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$lam gaelle 1(Autosaved).docx [2010/05/27 10:13:13 | 000,014,782 | ---- | C] () -- C:\Users\hugues\Documents\selam gaelle 1(Autosaved).docx [2010/05/26 16:55:16 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$lam gaelle.docx 
[2010/05/26 14:23:03 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$ l'amitie.docx [2010/05/26 14:23:02 | 000,164,955 | ---- | C] () -- C:\Users\hugues\Documents\si l'amitie.docx [2010/05/26 12:31:41 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$cuse moi pour today.docx [2010/05/26 12:31:39 | 000,028,514 | ---- | C] () -- C:\Users\hugues\Documents\excuse moi pour today.docx [2010/05/26 08:58:23 | 000,012,493 | ---- | C] () -- C:\Users\hugues\Documents\tu sais quoi.docx [2010/05/26 08:58:06 | 000,021,950 | ---- | C] () -- C:\Users\hugues\Documents\selam gaelle.docx [2010/05/09 12:26:41 | 000,018,180 | ---- | C] () -- C:\Users\hugues\Desktop\vocabulary for microbiology chapter 14.docx [2010/05/06 04:23:33 | 000,068,096 | ---- | C] () -- C:\Users\hugues\Documents\unknown 10.doc [2010/05/05 04:49:50 | 000,212,480 | ---- | C] () -- C:\Users\hugues\Documents\chapter10 book pb.doc [2010/05/03 07:56:05 | 000,015,608 | ---- | C] () -- C:\Users\hugues\Documents\conversation with sylvie.docx [2010/04/28 16:02:49 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$313-5W08.doc [2010/04/28 07:38:12 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$chimedes.doc [2010/04/28 07:33:58 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$Fluid.doc [2010/04/28 07:29:05 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$2Lab01_Archimedes.doc [2010/04/28 05:51:18 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$chimed.docx [2010/04/25 20:26:38 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$oblem1.docx [2010/04/25 16:55:57 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$block of cherry wood that is 20 cm long.docx [2010/04/25 16:54:30 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$oblem chapter7 prof.doc [2010/04/25 16:53:48 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$ob chapter9 prof.doc [2010/04/25 16:52:28 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$n chapter9 
prof.doc [2010/04/25 16:51:37 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$n chapter7 prof.doc [2010/04/25 16:48:25 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$n chapter8 problem prof.doc [2010/04/25 16:48:09 | 019,233,280 | ---- | C] () -- C:\Users\hugues\Documents\sln chapter8 problem prof.doc [2010/04/25 16:47:39 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$apter8 physic problems prof.doc [2010/04/21 15:19:46 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$b equilibruim.docx [2010/04/21 10:42:37 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$ysics lab 7.docx [2010/04/15 05:23:40 | 000,106,976 | ---- | C] () -- C:\Users\hugues\Documents\momentum lab (2).docx [2010/04/15 05:23:25 | 000,000,104 | ---- | C] () -- C:\Users\hugues\Documents\Internet - Shortcut.lnk [2010/04/15 05:22:17 | 000,894,976 | ---- | C] () -- C:\Users\hugues\Documents\Malnutrition.ppt [2010/04/15 05:22:17 | 000,391,168 | ---- | C] () -- C:\Users\hugues\Documents\obesity and malnutrition.ppt [2010/04/15 05:22:16 | 004,642,304 | ---- | C] () -- C:\Users\hugues\Documents\SENTENC FRAGMENTS powerpoint.ppt [2010/04/15 05:22:16 | 004,029,440 | ---- | C] () -- C:\Users\hugues\Documents\BioMalnutritionP1.ppt [2010/04/15 05:22:16 | 003,162,112 | ---- | C] () -- C:\Users\hugues\Documents\Malnutrition as the Neglected Disease_Davidson.ppt [2010/04/15 05:22:16 | 002,408,960 | ---- | C] () -- C:\Users\hugues\Documents\presentation psychology 203.ppt [2010/04/15 05:22:16 | 001,241,267 | ---- | C] () -- C:\Users\hugues\Documents\J presentation psychology 203.pptx [2010/04/15 05:22:16 | 001,015,808 | ---- | C] () -- C:\Users\hugues\Documents\presentation0280.ppt [2010/04/15 05:22:16 | 000,841,216 | ---- | C] () -- C:\Users\hugues\Documents\07WorldDataSheet_presentation.ppt [2010/04/15 05:22:16 | 000,396,800 | ---- | C] () -- C:\Users\hugues\Documents\5centrip.doc [2010/04/15 05:22:16 | 000,124,928 | ---- | C] () -- 
C:\Users\hugues\Documents\Centripetal Force Lab.doc [2010/04/15 05:22:16 | 000,106,976 | ---- | C] () -- C:\Users\hugues\Documents\momentum lab.docx [2010/04/15 05:22:16 | 000,086,528 | ---- | C] () -- C:\Users\hugues\Documents\cenf-inquiry.doc [2010/04/15 05:22:16 | 000,084,480 | ---- | C] () -- C:\Users\hugues\Documents\Centf.doc [2010/04/15 05:22:16 | 000,026,624 | ---- | C] () -- C:\Users\hugues\Documents\agnes.doc [2010/04/15 05:22:16 | 000,026,112 | ---- | C] () -- C:\Users\hugues\Documents\agnes1.doc [2010/04/14 05:17:50 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$Centf.doc [2010/04/14 05:17:06 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$ntripetal Force Lab.doc [2010/04/14 05:16:31 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$entrip.doc [2010/04/14 05:15:55 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$nf-inquiry.doc [2010/04/14 05:07:38 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$ntrip force.doc [2010/04/14 05:07:36 | 000,076,800 | ---- | C] () -- C:\Users\hugues\Documents\centrip force.doc [2010/04/14 04:58:33 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Desktop\~$mentum lab.docx [2010/04/08 07:26:18 | 000,037,442 | ---- | C] () -- C:\Users\hugues\Documents\practicetest3.pdf [2010/04/08 07:25:18 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$iz 3 stat[1].docx [2010/04/08 07:25:14 | 000,242,250 | ---- | C] () -- C:\Users\hugues\Documents\Quiz%203%20stat[1].docx [2010/04/04 23:35:09 | 000,011,936 | ---- | C] () -- C:\Users\hugues\Documents\happy easter.docx [2010/03/31 17:54:14 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$gues exam.docx [2010/03/31 17:53:54 | 008,835,402 | ---- | C] () -- C:\Users\hugues\Documents\hugues exam.docx [2010/03/31 17:43:18 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$am2 de physic.docx [2010/03/31 16:57:43 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$ammm physique 3.docx [2010/03/31 16:57:37 | 
003,130,576 | ---- | C] () -- C:\Users\hugues\Documents\exammm physique 3.docx [2010/03/31 15:14:30 | 002,976,736 | ---- | C] () -- C:\Users\hugues\Documents\exam2 de physic.docx [2010/03/31 09:07:40 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$r08adysaprojesi-10642.doc [2010/03/31 08:57:16 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$ojectile motionn.doc [2010/03/28 23:13:19 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$am2 physic.docx [2010/03/28 23:13:16 | 002,760,351 | ---- | C] () -- C:\Users\hugues\Documents\exam2 physic.docx [2010/03/28 11:00:19 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$b report 5 gaelle.doc [2010/03/28 11:00:17 | 000,025,088 | ---- | C] () -- C:\Users\hugues\Documents\lab report 5 gaelle.doc [2010/03/28 10:05:26 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$g atwood.docx [2010/03/28 10:05:25 | 000,029,915 | ---- | C] () -- C:\Users\hugues\Documents\hug atwood.docx [2010/03/28 09:34:08 | 000,011,224 | ---- | C] () -- C:\Users\hugues\Documents\modication essay UM.docx [2010/03/28 09:33:56 | 000,012,139 | ---- | C] () -- C:\Users\hugues\Documents\essay of university of maryland..docx [2010/03/28 09:33:42 | 000,011,241 | ---- | C] () -- C:\Users\hugues\Documents\essay numero deux de l universite de MD.docx [2010/03/27 15:03:22 | 000,010,099 | ---- | C] () -- C:\Users\hugues\Documents\9278 adelphi road hyastville.docx [2010/03/27 07:51:53 | 000,228,538 | ---- | C] () -- C:\Users\hugues\Documents\NEWPORT.dotx [2010/03/24 07:23:28 | 000,011,081 | ---- | C] () -- C:\Users\hugues\Documents\physics lab 5..docx [2010/03/24 05:12:38 | 000,041,984 | ---- | C] () -- C:\Users\hugues\Documents\Atwood.doc [2010/03/24 05:12:20 | 000,028,756 | ---- | C] () -- C:\Users\hugues\Documents\lab report 4.docx [2010/03/24 05:12:02 | 000,033,280 | ---- | C] () -- C:\Users\hugues\Documents\Lab 7-Atwood's Machine.doc [2010/03/24 05:11:32 | 000,039,936 | ---- | C] () -- 
C:\Users\hugues\Documents\atwoodx.doc
[2009/09/18 07:33:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/13 08:36:24 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009/05/30 23:05:15 | 000,719,360 | ---- | C] () -- C:\Windows\System32\imediacentral_com_browsertools.dll
[2009/05/30 23:05:15 | 000,343,040 | ---- | C] () -- C:\Windows\System32\browsertools_helper.dll
[2009/03/05 07:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/02/22 14:33:20 | 000,001,208 | ---- | C] () -- C:\Windows\Radio_Fr.ini
[2008/10/12 05:07:08 | 000,008,771 | ---- | C] () -- C:\Windows\System32\Setup2k.ini
[2008/10/12 05:07:08 | 000,000,184 | ---- | C] () -- C:\Windows\System32\presetup.ini
[2008/03/28 02:19:10 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/08 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========
[2010/01/05 11:17:05 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\BitDefender
[2010/01/30 14:17:57 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/05/30 23:03:36 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\FlashMediaStation
[2009/06/10 08:56:02 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Freeradiorecorder
[2009/12/03 22:39:36 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\InternetCalls
[2010/01/15 02:01:58 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\LimeWire
[2009/06/15 04:48:49 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Samsung
[2008/11/29 15:53:03 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Skinux
[2008/11/30 13:46:19 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Template
[2010/03/06 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\VS Revo Group
[2008/12/28 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\WebCallDirect
[2010/06/06 08:56:41 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2010/06/10 05:32:01 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\EasyShare Registration Task.job
[2010/06/20 08:59:46 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/06/20 13:07:00 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4FF765DE-3D32-47CA-86EB-2C70321932C3}.job

========== Purity Check ==========

< End of report >

PRC - [2010/06/20 12:55:08 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\b\Desktop\OTL.scr
PRC - [2010/06/20 12:53:59 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\b\Desktop\OTH.scr
PRC - [2010/05/06 13:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

========== Modules (SafeList) ==========
MOD - [2010/06/20 12:55:08 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\b\Desktop\OTL.scr
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 19:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

========== Win32 Services (SafeList) ==========
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/09/28 09:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/05/22 18:10:42 | 001,245,064 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/04/16 11:55:02 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe -- (STacSV)
SRV - [2008/03/26 15:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/02/11 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe -- (AESTFilters)
SRV - [2008/02/09 15:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 12:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/08/22 00:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========
DRV - [2010/05/06 13:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 13:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 13:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 13:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/05/06 13:33:47 |
000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010/02/26 21:34:18 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2010/02/26 21:33:56 | 000,033,848 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2009/12/30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt) DRV - [2009/09/30 02:00:00 | 001,323,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090930.002\NAVEX15.SYS -- (NAVEX15) DRV - [2009/09/30 02:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2009/09/30 02:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2009/09/30 02:00:00 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090930.002\NAVENG.SYS -- (NAVENG) DRV - [2009/09/02 04:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009/07/17 05:40:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/02/19 12:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- 
C:\Windows\System32\drivers\SymIMV.sys -- (SymIM) DRV - [2009/02/19 12:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV) DRV - [2009/02/19 12:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2009/02/19 12:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW) DRV - [2009/02/19 12:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2009/02/19 12:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS) DRV - [2009/01/10 09:17:09 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2008/11/21 22:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008/09/12 00:33:24 | 000,270,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20081106.001\IDSvix86.sys -- (IDSvix86) DRV - [2008/09/05 14:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon) DRV - [2008/04/27 11:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/04/21 20:59:04 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR) DRV - [2008/04/16 11:58:24 | 000,379,904 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008/04/14 15:56:18 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s) DRV - [2008/03/28 04:24:16 | 003,544,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/01/31 16:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL) DRV - [2008/01/31 16:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP) DRV - [2008/01/31 16:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX) DRV - [2008/01/23 14:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) 
C:\Users\hugues\Documents\lab equilibruim.docx [2010/06/02 23:05:22 | 000,011,316 | ---- | C] () -- C:\Users\hugues\Documents\physics lab 7.docx [2010/06/02 23:05:21 | 000,947,200 | ---- | C] () -- C:\Users\hugues\Documents\exam biolo.doc [2010/06/02 23:05:21 | 000,196,096 | ---- | C] () -- C:\Users\hugues\Documents\Lect Notes 203.doc [2010/06/02 05:22:59 | 000,029,184 | ---- | C] () -- C:\Users\hugues\Desktop\Melting Point hugues.doc [2010/06/01 00:21:14 | 000,059,982 | ---- | C] () -- C:\Users\hugues\Documents\conversa with ga.docx [2010/05/31 01:40:55 | 000,015,737 | ---- | C] () -- C:\Users\hugues\Documents\Selam gaell1.docx [2010/05/27 10:13:14 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$lam gaelle 1(Autosaved).docx [2010/05/27 10:13:13 | 000,014,782 | ---- | C] () -- C:\Users\hugues\Documents\selam gaelle 1(Autosaved).docx [2010/05/26 16:55:16 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$lam gaelle.docx [2010/05/26 14:23:03 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$ l'amitie.docx [2010/05/26 14:23:02 | 000,164,955 | ---- | C] () -- C:\Users\hugues\Documents\si l'amitie.docx [2010/05/26 12:31:41 | 000,000,162 | -H-- | C] () -- C:\Users\hugues\Documents\~$cuse moi pour today.docx [2010/05/26 12:31:39 | 000,028,514 | ---- | C] () -- C:\Users\hugues\Documents\excuse moi pour today.docx [2010/05/26 08:58:23 | 000,012,493 | ---- | C] () -- C:\Users\hugues\Documents\tu sais quoi.docx [2010/05/26 08:58:06 | 000,021,950 | ---- | C] () -- C:\Users\hugues\Documents\selam gaelle.docx [2009/09/18 07:33:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/06/13 08:36:24 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2009/05/30 23:05:15 | 000,719,360 | ---- | C] () -- C:\Windows\System32\imediacentral_com_browsertools.dll [2009/05/30 23:05:15 | 000,343,040 | ---- | C] () -- C:\Windows\System32\browsertools_helper.dll [2009/03/05 07:54:58 | 000,073,728 | ---- | C] () -- 
C:\Windows\System32\RtNicProp32.dll [2009/02/22 14:33:20 | 000,001,208 | ---- | C] () -- C:\Windows\Radio_Fr.ini [2008/10/12 05:07:08 | 000,008,771 | ---- | C] () -- C:\Windows\System32\Setup2k.ini [2008/10/12 05:07:08 | 000,000,184 | ---- | C] () -- C:\Windows\System32\presetup.ini [2008/03/28 02:19:10 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/03/08 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll ========== LOP Check ========== [2010/01/05 11:17:05 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\BitDefender [2010/01/30 14:17:57 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2009/05/30 23:03:36 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\FlashMediaStation [2009/06/10 08:56:02 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Freeradiorecorder [2009/12/03 22:39:36 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\InternetCalls [2010/01/15 02:01:58 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\LimeWire [2009/06/15 04:48:49 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Samsung [2008/11/29 15:53:03 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Skinux [2008/11/30 13:46:19 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\Template [2010/03/06 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\VS Revo Group [2008/12/28 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\hugues\AppData\Roaming\WebCallDirect [2010/06/06 08:56:41 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job [2010/06/10 05:32:01 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\EasyShare Registration Task.job [2010/06/20 08:59:46 | 000,032,578 | ---- | M] () -- 
THANKS ONCE AGAIN