Here is the quick scan log:
OTL logfile created on: 2010-11-08 07:42:38 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Propriétaire\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 400,53 Gb Free Space | 86,00% Space Free | Partition Type: NTFS
Computer Name: FREDERICK | User Name: Propriétaire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2010-11-07 13:32:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe
PRC - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-08-02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-08-02 16:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-08-02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-07-21 06:43:54 | 000,965,176 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010-05-07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010-05-07 17:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010-05-07 17:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010-05-07 17:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010-04-29 14:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010-04-29 14:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010-02-02 17:31:56 | 000,279,296 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2010-01-27 11:37:22 | 000,091,392 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-08-18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009-08-18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-02-18 23:33:08 | 000,809,488 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009-02-18 23:28:52 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\KHAL2\KHALMNPR.exe
PRC - [2008-12-10 23:00:00 | 000,016,680 | ---- | M] (Sage Software) -- C:\Program Files\winsim\ConnectionManager\SimplyConnectionManager.exe
PRC - [2008-08-12 15:45:20 | 000,112,640 | ---- | M] (ZeroG Software) -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMmonitor.exe
PRC - [2008-08-12 15:45:19 | 000,112,640 | ---- | M] (ZeroG Software) -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMRMI.exe
PRC - [2008-08-12 15:45:17 | 000,112,640 | ---- | M] (ZeroG Software) -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPM.exe
PRC - [2008-08-12 15:44:57 | 000,020,576 | ---- | M] () -- C:\Program Files\Belkin Automatic Power Management Software\jre\bin\javaw.exe
PRC - [2008-08-09 13:21:23 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-04-13 18:34:14 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008-04-13 18:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-08-23 16:40:48 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2003-12-17 08:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE
========== Modules (SafeList) ========== MOD - [2010-11-07 13:32:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe
MOD - [2010-08-23 11:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-02-18 23:31:16 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\zzz\PEV.cfx -- (PEVSystemStart)
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - File not found [Auto | Stopped] -- c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-08-02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-08-02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-05-07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010-04-29 14:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010-03-18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-01-27 15:18:22 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\599\g2aservice.exe -- (GoToAssist)
SRV - [2010-01-27 11:37:22 | 000,091,392 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009-08-18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-02-18 23:30:20 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008-12-10 23:00:00 | 000,016,680 | ---- | M] (Sage Software) [Auto | Running] -- C:\Program Files\winsim\ConnectionManager\SimplyConnectionManager.exe -- (Gestionnaire de connexion de Simple Comptable)
SRV - [2008-11-04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008-08-12 15:45:21 | 000,112,640 | ---- | M] (ZeroG Software) [On_Demand | Stopped] -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMmanager.exe -- (BelkinAPMmanager)
SRV - [2008-08-12 15:45:20 | 000,112,640 | ---- | M] (ZeroG Software) [On_Demand | Running] -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMmonitor.exe -- (BelkinAPMmonitor)
SRV - [2008-08-12 15:45:19 | 000,112,640 | ---- | M] (ZeroG Software) [On_Demand | Running] -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMRMI.exe -- (BelkinAPMRMI)
SRV - [2008-08-12 15:45:17 | 000,112,640 | ---- | M] (ZeroG Software) [Auto | Running] -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPM.exe -- (BelkinAPM)
SRV - [2008-08-08 20:28:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-04-10 19:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2007-10-25 14:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007-08-23 16:40:48 | 000,079,136 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007-03-20 15:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\smserial.sys -- (smserial)
DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010-08-02 16:10:08 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-08-02 16:10:08 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-07-27 03:15:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010-07-27 03:14:58 | 006,842,464 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 9000(UVC)
DRV - [2010-07-27 03:12:50 | 000,282,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010-07-07 09:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010-06-17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010-05-07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010-04-29 14:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010-04-29 14:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMDrvService)
DRV - [2009-10-27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2008-12-18 22:44:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008-12-18 22:43:48 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008-12-18 22:43:40 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008-12-18 22:43:18 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2008-12-17 01:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008-08-08 19:27:56 | 000,006,784 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2008-07-04 01:33:33 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008-05-23 15:54:38 | 000,030,816 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2008-04-13 10:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008-04-13 08:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-04-10 19:10:10 | 001,271,032 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008-02-06 17:39:32 | 000,242,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2008-01-31 20:05:04 | 000,054,272 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2007-05-11 18:00:14 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2006-12-28 10:57:00 | 000,045,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\intelsmb.sys -- (smbusp) Intel(R)
DRV - [2003-12-17 08:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003-12-17 08:50:00 | 000,037,887 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHIDUSB.SYS -- (LHidUsb)
DRV - [2003-12-17 08:50:00 | 000,025,505 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003-12-12 18:03:10 | 000,652,689 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003-11-03 15:39:10 | 000,036,484 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios) Intel (R)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.cyberpresse.ca/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.sympatico.ca/IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
IE - HKCU\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/home?AF=10588"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-02-06 16:31:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-06-03 14:45:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-27 08:05:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-07 07:28:51 | 000,000,000 | ---D | M]
[2009-03-29 09:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Extensions
[2010-09-21 10:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\extensions
[2010-09-21 10:59:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-06-03 12:33:29 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-09-21 10:59:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-03 12:32:56 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\searchplugins\bing.xml
[2010-11-05 11:24:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008-08-09 13:23:27 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-05-05 04:35:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-11-05 11:24:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2008-08-09 13:23:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com
[2010-11-05 11:24:01 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-21 10:59:27 | 000,002,027 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
O1 HOSTS File: ([2010-10-31 07:21:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunServices: [BelkinAPM] C:\Program Files\Belkin Automatic Power Management Software\BelkinAPM.exe (ZeroG Software)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outlook Express.lnk = C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.microsoft.com/microso ... 8230099531 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Fichiers communs\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Propriétaire\Mes documents\Mes images\Papier peint de Internet Explorer.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Propriétaire\Mes documents\Mes images\Papier peint de Internet Explorer.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-07 15:06:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2010-11-08 07:33:42 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-11-08 07:33:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-11-07 13:32:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe
[2010-11-07 10:59:04 | 002,992,752 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Propriétaire\Bureau\filealyz.exe
[2010-11-07 10:12:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Avira
[2010-11-07 10:06:57 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010-11-07 10:06:55 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010-11-07 10:06:55 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010-11-07 10:06:55 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010-11-07 10:06:55 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010-11-07 10:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010-11-07 10:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010-11-07 09:54:56 | 000,000,000 | --SD | C] -- C:\zzz
[2010-11-07 07:51:05 | 001,329,752 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller.exe
[2010-11-07 07:39:43 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\TFC.exe
[2010-11-06 21:28:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\vlc
[2010-11-05 11:35:09 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Propriétaire\Bureau\mbam-setup-1.46.exe
[2010-11-05 05:14:51 | 027,634,824 | ---- | C] ( ) -- C:\Documents and Settings\Propriétaire\Bureau\AdbeRdr940_en_US.exe
[2010-11-04 18:40:01 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010-11-04 17:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\kk
[2010-11-04 17:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller
[2010-11-04 16:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\rectordecryptor
[2010-11-04 11:21:27 | 000,955,272 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\Propriétaire\Bureau\SkypeSetup.exe
[2010-11-02 19:42:49 | 027,634,824 | ---- | C] ( ) -- C:\Documents and Settings\Propriétaire\Mes documents\AdbeRdr940_en_US.exe
[2010-11-02 07:03:18 | 004,329,496 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Propriétaire\Mes documents\avg_free_stb_all_2011_1153_cnet.exe
[2010-11-01 21:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2010-10-31 13:21:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\FixItCenter
[2010-10-31 13:19:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2010-10-31 13:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2010-10-31 13:00:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-10-31 13:00:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-10-31 13:00:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-10-31 12:17:40 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2010-10-31 11:31:51 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Propriétaire\Mes documents\mbam-setup-1.46.exe
[2010-10-31 11:27:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010-10-31 08:40:44 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010-10-31 07:37:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Propriétaire\Recent
[2010-10-31 06:42:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\SmitfraudFix
[2010-10-30 14:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2010-10-30 14:05:47 | 000,000,000 | ---D | C] -- C:\Navilog1
[2010-10-30 11:59:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010-10-30 00:08:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-10-29 22:02:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010-10-29 12:33:36 | 000,000,000 | ---D | C] -- C:\rsit
[2010-10-29 10:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010-10-28 20:15:06 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-10-28 20:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Sunbelt Software
[2010-10-28 19:46:29 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010-10-28 19:46:27 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010-10-28 19:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2011
[2010-10-28 19:45:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010-10-28 14:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-10-28 10:39:24 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-10-28 10:36:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-10-28 10:36:31 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-10-28 10:36:31 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-10-28 10:36:31 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-10-28 10:36:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-10-28 10:13:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-10-26 13:32:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010-10-19 19:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype
[2010-10-18 11:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Mes documents\Mes télécopies
========== Files - Modified Within 30 Days ========== [2010-11-08 07:37:38 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010-11-08 07:37:21 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-11-08 07:37:21 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-1425521274-839522115-1003.job
[2010-11-08 07:37:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-11-08 07:37:02 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010-11-08 07:27:53 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-1425521274-839522115-1003.job
[2010-11-08 07:27:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-11-07 16:45:34 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7C65EE39-0893-47DD-AB1C-7C2541AEA912}.job
[2010-11-07 13:32:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe
[2010-11-07 13:30:06 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\SystemLook.exe
[2010-11-07 10:59:11 | 002,992,752 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Propriétaire\Bureau\filealyz.exe
[2010-11-07 10:07:11 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2010-11-07 09:44:17 | 053,123,856 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\avira_antivir_personal_en.exe
[2010-11-07 09:31:38 | 003,904,516 | R--- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\zzz.exe
[2010-11-07 08:47:27 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\rkill.exe
[2010-11-07 07:51:07 | 001,329,752 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller.exe
[2010-11-07 07:40:52 | 000,604,720 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010-11-07 07:40:52 | 000,508,068 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-11-07 07:40:52 | 000,116,306 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010-11-07 07:40:52 | 000,090,478 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-11-07 07:39:45 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\TFC.exe
[2010-11-07 01:40:03 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010-11-06 21:27:45 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010-11-06 21:25:12 | 019,657,194 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\vlc-1.1.4-win32.exe
[2010-11-06 16:29:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-11-06 15:30:46 | 027,634,824 | ---- | M] ( ) -- C:\Documents and Settings\Propriétaire\Bureau\AdbeRdr940_en_US.exe
[2010-11-06 09:44:06 | 000,169,459 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\Boatttail Rolls Royce.jpg
[2010-11-05 21:15:49 | 000,088,576 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010-11-05 11:36:36 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010-11-05 11:36:36 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010-11-05 11:35:21 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Propriétaire\Bureau\mbam-setup-1.46.exe
[2010-11-05 06:01:34 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-11-05 06:00:41 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-11-04 17:04:32 | 001,213,675 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller.zip
[2010-11-04 14:48:14 | 000,001,916 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010-11-04 11:22:08 | 000,955,272 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\Propriétaire\Bureau\SkypeSetup.exe
[2010-11-03 20:12:06 | 000,002,867 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.lnk
[2010-11-03 20:11:45 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.msi
[2010-11-03 05:53:10 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-11-02 19:45:13 | 019,657,194 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\vlc-1.1.4-win32.exe
[2010-11-02 19:42:51 | 027,634,824 | ---- | M] ( ) -- C:\Documents and Settings\Propriétaire\Mes documents\AdbeRdr940_en_US.exe
[2010-11-02 19:41:14 | 003,099,848 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\TeamViewer_Setup.exe
[2010-11-02 19:35:55 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk
[2010-11-02 18:48:01 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Propriétaire\Mes documents\mbam-setup-1.46.exe
[2010-11-02 17:07:45 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-02 14:25:13 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-11-02 14:25:13 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-11-02 14:19:36 | 001,791,112 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\C`estpasduHeinz.wmv
[2010-11-02 07:03:41 | 004,329,496 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Propriétaire\Mes documents\avg_free_stb_all_2011_1153_cnet.exe
[2010-11-01 22:21:32 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-10-31 13:19:07 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Microsoft Fix it Center.lnk
[2010-10-31 13:14:06 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Puro.url
[2010-10-31 12:47:53 | 000,059,664 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\mbam-clean.exe
[2010-10-31 11:41:12 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\housecall.guid.cache
[2010-10-31 08:40:45 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010-10-31 07:21:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-10-30 12:23:12 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ewido anti-malware.lnk
[2010-10-30 11:20:12 | 000,000,332 | RHS- | M] () -- C:\boot.ini
[2010-10-30 00:08:58 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Acrobat_com.lnk
[2010-10-28 14:09:23 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\TeamViewer 5.lnk
[2010-10-28 11:12:11 | 000,423,488 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.old
[2010-10-28 10:45:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101028-121211.backup
[2010-10-27 17:25:18 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010-10-27 17:21:08 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010-10-20 06:30:06 | 002,855,069 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolillo4.jpg
[2010-10-20 06:26:51 | 002,037,018 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolillo3.jpg
[2010-10-20 06:23:55 | 004,070,861 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolilo2.jpg
[2010-10-20 06:20:42 | 001,525,424 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolilio 1.jpg
[2010-10-19 19:16:00 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2010-10-13 22:18:53 | 001,573,040 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== Files Created - No Company Name ========== [2010-11-07 13:30:06 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\SystemLook.exe
[2010-11-07 10:07:10 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2010-11-07 09:44:15 | 053,123,856 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\avira_antivir_personal_en.exe
[2010-11-07 09:31:31 | 003,904,516 | R--- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\zzz.exe
[2010-11-07 08:47:26 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\rkill.exe
[2010-11-06 21:44:08 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-1425521274-839522115-1003.job
[2010-11-06 21:27:45 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010-11-06 15:58:08 | 019,657,194 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\vlc-1.1.4-win32.exe
[2010-11-06 09:44:04 | 000,169,459 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\Boatttail Rolls Royce.jpg
[2010-11-03 19:48:32 | 000,002,867 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.lnk
[2010-11-03 19:47:01 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.msi
[2010-11-02 19:45:12 | 019,657,194 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\vlc-1.1.4-win32.exe
[2010-11-02 19:41:02 | 003,099,848 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\TeamViewer_Setup.exe
[2010-11-02 19:35:55 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk
[2010-11-02 14:25:09 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-11-02 14:19:29 | 001,791,112 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\C`estpasduHeinz.wmv
[2010-11-01 22:21:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-10-31 13:19:07 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Microsoft Fix it Center.lnk
[2010-10-31 13:00:35 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010-10-31 12:47:46 | 000,059,664 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\mbam-clean.exe
[2010-10-31 12:12:35 | 001,213,675 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller.zip
[2010-10-31 11:41:12 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\housecall.guid.cache
[2010-10-30 12:23:12 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ewido anti-malware.lnk
[2010-10-30 08:10:50 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010-10-28 14:09:23 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\TeamViewer 5.lnk
[2010-10-28 11:11:29 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010-10-28 10:39:28 | 000,000,216 | ---- | C] () -- C:\Boot.bak
[2010-10-28 10:39:26 | 000,263,488 | RHS- | C] () -- C:\cmldr
[2010-10-28 10:36:31 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-10-28 10:36:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-10-28 10:36:31 | 000,088,576 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-10-28 10:36:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-10-28 10:36:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-10-26 10:42:07 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-20 06:30:03 | 002,855,069 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolillo4.jpg
[2010-10-20 06:26:46 | 002,037,018 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolillo3.jpg
[2010-10-20 06:23:52 | 004,070,861 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolilo2.jpg
[2010-10-20 06:20:40 | 001,525,424 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolilio 1.jpg
[2010-09-19 15:48:15 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\fusioncache.dat
[2010-07-27 03:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010-07-27 03:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010-05-07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010-05-07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010-02-15 11:46:56 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Application Data\$_hpcst$.hpc
[2009-02-12 21:59:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2009-02-12 19:03:41 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\psCamDat.dll
[2009-01-05 14:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008-12-16 18:06:50 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008-10-31 08:30:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\nssckbi.dll
[2008-08-13 12:00:16 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008-08-12 15:45:27 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\smemory.dll
[2008-08-12 15:45:27 | 000,035,992 | ---- | C] () -- C:\WINDOWS\System32\jspWinRnia.DLL
[2008-08-12 15:45:26 | 000,060,156 | ---- | C] () -- C:\WINDOWS\System32\jspWinNm.DLL
[2008-08-12 15:45:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\jspWinRni.DLL
[2008-08-12 15:45:26 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\TrayIcon12.dll
[2008-08-12 15:45:26 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\jspWin.dll
[2008-08-10 18:04:35 | 000,000,110 | ---- | C] () -- C:\WINDOWS\fiery.ini
[2008-08-10 17:50:04 | 000,000,248 | ---- | C] () -- C:\WINDOWS\efinl.ini
[2008-08-10 09:04:38 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2008-08-10 09:01:47 | 000,001,904 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2008-08-09 14:12:05 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008-08-09 13:41:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008-08-09 09:18:58 | 000,000,106 | ---- | C] () -- C:\WINDOWS\Simply.ini
[2008-08-09 02:49:27 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\ventmon.dll
[2008-08-09 02:02:26 | 000,001,916 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-08-09 01:56:16 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll
[2008-08-08 21:48:47 | 000,002,597 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008-08-08 20:37:13 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008-08-07 10:54:40 | 000,004,374 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-05-26 21:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 21:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 21:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2006-05-20 12:44:46 | 000,051,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2006-01-30 09:00:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1018.DLL
[2003-02-26 14:47:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[1999-01-27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997-06-13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
========== LOP Check ========== [2010-06-17 08:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008-08-09 11:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avocent AdminWorks
[2010-11-02 12:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2010-02-15 17:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2008-08-08 18:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010-11-02 12:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009-07-20 20:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009-03-22 08:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008-08-09 01:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sage Software
[2010-10-29 23:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010-10-28 19:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010-10-28 19:45:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010-04-03 17:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009-09-26 19:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009-06-23 17:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-02-14 10:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
[2010-06-03 12:41:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010-10-28 19:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\BitTorrent
[2009-02-13 07:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Canon
[2010-10-30 00:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-09-21 12:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\DNA
[2009-07-22 05:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\FDRLab
[2008-09-11 07:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\FotoWire
[2008-09-30 18:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\InternetCalls
[2009-02-15 10:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\IObit
[2008-12-16 10:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Leadertech
[2009-07-20 20:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\NCH Swift Sound
[2009-02-16 20:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\PanoramaStudio
[2010-10-29 21:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TeamViewer
[2010-10-28 19:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TuneUp Software
[2009-02-13 11:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Uniblue
[2008-08-09 00:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\URSoft
[2008-08-08 19:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\USBSafelyRemove
[2008-08-08 16:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Desktop Search
[2008-08-08 22:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Search
[2010-11-07 01:40:03 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010-11-07 16:45:34 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7C65EE39-0893-47DD-AB1C-7C2541AEA912}.job
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Vignoble de la Bauge Logo(76).jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Vignoble de la Bauge Logo 2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\TecnoLegno Espresso.wpl:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Sydney Morning Herald.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Plan d'implantation.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\PL divisions 002.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Pewter cardholder.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Packard.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Packard wall copy.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Morning Herald.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Manubois letter inc.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lvejoy rebuild 1.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lovejoy rebuild 4.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lovejoy rebuild 3.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lovejoy rebuild 2.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lovejoy rebuild 5.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Liste anglaise1 Avril prix de gros.corrected.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\La Sorrentina box front (1).jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\KICX0296.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\frederick page coup de pinceau.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 8.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 7.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 6.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 5.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\convertible top 4.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 3.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 2.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 1.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Carte de voeux de Dorothy.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Brésil 2007 344.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Bovetti Carroussel photoshop001.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\AusCar Collectibles Sunrise.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British Patent_page5.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British patent_page4.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British patent_page3.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British patent_page2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British patent_page1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atom instruc.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atom instruc. 3.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atom instruc, 2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\14-07-08_1836.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\1_gtabouret[1].jpg:Roxio EMC Stream
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13
< End of report >
I really appreciate this....