OTL logfile created on: 02/09/2011 14:35:22 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = F:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,50 Gb Total Physical Memory | 2,67 Gb Available Physical Memory | 76,28% Memory free
5,34 Gb Paging File | 4,47 Gb Available in Paging File | 83,70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 4,12 Gb Free Space | 1,38% Space Free | Partition Type: NTFS
Drive F: | 978,07 Mb Total Space | 976,96 Mb Free Space | 99,89% Space Free | Partition Type: FAT32
Drive H: | 931,51 Gb Total Space | 21,60 Gb Free Space | 2,32% Space Free | Partition Type: NTFS

Computer Name: ETIENNE | User Name: Etienne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found -- C:\WINDOWS\1502816018:3990383782.exe
PRC - [2011/09/02 14:19:02 | 000,581,120 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2011/08/30 09:50:36 | 001,017,912 | ---- | M] (Google Inc.)
-- C:\Documents and Settings\Etienne\Local Settings\Application Data\Google\Chrome\Application\chrome.exe PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/03/01 18:26:32 | 001,253,376 | ---- | M] (The Scripps Research Institute and IBM Corporation) -- C:\Documents and Settings\All Users\Application Data\BOINC\projects\www.worldcommunitygrid.org\wcg_hfcc_autodock_6.40_windows_intelx86 PRC - [2010/12/11 17:48:54 | 000,101,376 | ---- | M] (Simpo Technologies) -- C:\Program Files\Simpo PDF Creator Pro\SpcProSrv.exe PRC - [2010/06/26 02:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe PRC - [2010/06/22 21:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\Logishrd\KHAL3\KHALMNPR.exe PRC - [2009/12/17 01:32:26 | 001,310,720 | ---- | M] (Don HO don.h@free.fr) -- C:\Program Files\Notepad++\notepad++.exe PRC - [2009/10/22 06:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe PRC - [2009/10/22 05:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe PRC - [2009/10/22 05:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe PRC - [2009/10/22 04:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) 
-- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2009/09/12 01:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe PRC - [2009/08/19 21:02:06 | 000,034,816 | ---- | M] (Stefan Sundin) -- C:\Program Files\SuperF4\SuperF4.exe PRC - [2009/04/22 20:04:14 | 003,921,528 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe PRC - [2008/12/29 12:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2008/11/17 09:47:10 | 000,058,112 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boinctray.exe PRC - [2008/11/17 09:47:08 | 003,916,544 | ---- | M] (World Community Grid) -- C:\Program Files\BOINC\boincmgr.exe PRC - [2008/11/17 09:47:06 | 000,443,136 | ---- | M] (World Community Grid) -- C:\Program Files\BOINC\boinc.exe PRC - [2008/07/03 18:16:53 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) 
-- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2008/05/02 06:15:46 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe PRC - [2007/09/04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe PRC - [2007/09/03 00:37:34 | 000,401,408 | ---- | M] (EFD Software) -- C:\Program Files\HD Tune\HDTune.exe PRC - [2007/07/07 04:09:21 | 000,049,152 | ---- | M] (FreeStone Group) -- C:\Program Files\FG Time Sync\FG Time Sync.exe PRC - [2006/02/02 15:26:44 | 000,192,512 | ---- | M] () -- C:\Program Files\Volkey\Volkey.exe PRC - [2005/06/17 20:02:00 | 000,126,976 | ---- | M] (Saitek) -- C:\Program Files\Saitek\Software\SaiMfd.exe PRC - [2005/06/14 16:23:36 | 000,159,744 | ---- | M] (Saitek) -- C:\Program Files\Saitek\Software\Profiler.exe PRC - [2005/02/16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/09/02 14:28:54 | 000,192,512 | ---- | M] () -- C:\Documents and Settings\Etienne\Local Settings\Temp\sfamcc00001.dll MOD - [2011/09/02 14:28:54 | 000,172,032 | ---- | M] () -- C:\Documents and Settings\Etienne\Local Settings\Temp\sfareca00001.dll MOD - [2011/08/30 09:50:34 | 000,400,440 | ---- | M] () -- C:\Documents and Settings\Etienne\Local Settings\Application Data\Google\Chrome\Application\13.0.782.218\ppgooglenaclpluginchrome.dll MOD - [2011/08/30 09:50:33 | 004,118,072 | ---- | M] () -- C:\Documents and Settings\Etienne\Local Settings\Application Data\Google\Chrome\Application\13.0.782.218\pdf.dll MOD - [2011/08/30 09:49:39 | 000,351,288 | ---- | M] () -- C:\Documents and Settings\Etienne\Local Settings\Application Data\Google\Chrome\Application\13.0.782.218\Locales\fr.dll MOD - [2011/08/30 09:49:01 | 000,104,520 | ---- | M] () -- C:\Documents and Settings\Etienne\Local Settings\Application 
Data\Google\Chrome\Application\13.0.782.218\avutil-50.dll MOD - [2011/08/30 09:49:00 | 000,203,848 | ---- | M] () -- C:\Documents and Settings\Etienne\Local Settings\Application Data\Google\Chrome\Application\13.0.782.218\avformat-52.dll MOD - [2011/08/30 09:48:58 | 001,846,344 | ---- | M] () -- C:\Documents and Settings\Etienne\Local Settings\Application Data\Google\Chrome\Application\13.0.782.218\avcodec-52.dll MOD - [2011/05/28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2010/12/11 16:49:40 | 000,118,272 | ---- | M] () -- C:\Program Files\Simpo PDF Creator Pro\SimpoShellExt.dll MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll MOD - [2009/11/04 02:14:04 | 000,054,272 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_01.dll MOD - [2009/10/22 05:59:40 | 000,970,288 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\libxml2.dll MOD - [2009/10/22 05:59:26 | 000,068,656 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\zlib1.dll MOD - [2009/09/14 02:06:12 | 000,204,800 | ---- | M] () -- C:\Program Files\Notepad++\plugins\ComparePlugin.dll MOD - [2009/02/27 16:37:16 | 000,311,296 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA MOD - [2008/11/11 19:48:42 | 000,074,240 | ---- | M] () -- C:\Program Files\Notepad++\plugins\NppNetNote.dll MOD - [2008/09/06 14:51:16 | 000,014,336 | ---- | M] () -- C:\Program Files\Notepad++\plugins\NppExport.dll MOD - [2008/07/28 15:42:08 | 000,247,808 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll MOD - [2008/05/02 12:23:10 | 000,061,952 | ---- | M] () -- C:\Program Files\BOINC\zlib1.dll MOD - [2008/05/02 06:15:46 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe MOD - [2008/05/02 06:15:37 | 000,010,240 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll MOD - [2008/05/02 06:15:35 | 000,004,608 | ---- | M] () -- C:\Program 
Files\Unlocker\UnlockerHook.dll MOD - [2007/08/05 03:10:52 | 000,250,368 | ---- | M] () -- C:\Program Files\Notepad++\plugins\Config\tidy\libTidy.dll MOD - [2006/02/02 15:26:44 | 000,192,512 | ---- | M] () -- C:\Program Files\Volkey\Volkey.exe MOD - [2005/06/14 16:20:10 | 000,081,920 | ---- | M] () -- C:\Program Files\Saitek\Software\SAILNK.dll MOD - [2005/06/14 16:14:50 | 000,147,456 | ---- | M] () -- C:\Program Files\Saitek\Software\SAICFG.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (fsssvc) SRV - File not found [Auto | Stopped] -- -- (AcrSch2Svc) SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/03/31 19:24:41 | 001,803,224 | ---- | M] () [Auto | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2011/02/25 09:52:42 | 000,010,240 | ---- | M] (Tenable Network Security, Inc) [On_Demand | Stopped] -- C:\Program Files\Tenable\Nessus\nessus-service.exe -- (Tenable Nessus) SRV - [2010/06/25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2010/05/06 11:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009/12/19 02:06:00 | 000,814,344 | ---- | M] (ABBYY) [Auto | Stopped] -- C:\Program Files\Fichiers communs\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Corporate.10.0) SRV - [2009/10/22 06:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service) SRV - [2009/10/22 05:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) 
[Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService) SRV - [2009/10/22 05:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2009/10/22 04:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009/10/12 15:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60) SRV - [2009/09/12 01:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (O&O Defrag) SRV - [2009/08/29 14:00:46 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/04/09 15:29:20 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009/04/09 15:19:08 | 000,731,840 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2007/09/04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService) SRV - [2006/11/03 09:59:14 | 000,918,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc) SRV - [2006/10/26 14:03:08 | 
000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/07/02 03:07:06 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pssdk42.sys -- (PSSDK42) DRV - [2011/01/06 17:37:04 | 000,094,784 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2011/01/06 17:37:04 | 000,027,576 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2011/01/06 17:37:02 | 000,239,368 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2010/06/25 19:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2010/03/18 11:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2010/03/18 11:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2010/03/18 11:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2010/03/18 11:00:56 | 000,020,304 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2009/10/22 06:00:50 | 000,032,688 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge) DRV - [2009/10/22 06:00:46 | 000,853,936 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86) DRV - [2009/10/22 06:00:44 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci) DRV - [2009/10/22 06:00:44 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif) DRV - [2009/10/22 06:00:44 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd) DRV - [2009/10/22 05:59:48 | 000,014,896 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmparport.sys -- (VMparport) DRV - [2009/10/22 04:47:52 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon) DRV - [2009/10/22 01:13:36 | 000,031,280 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmusb.sys -- (vmusb) DRV - [2009/10/22 01:13:32 | 000,016,560 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV - [2009/10/12 15:31:52 | 000,022,448 | ---- | M] (VMware, Inc.) 
[Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2009/05/31 00:01:00 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009/04/09 15:21:12 | 000,094,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2009/04/09 15:18:02 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009/04/09 15:10:30 | 000,113,960 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009/02/06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2008/10/30 21:10:48 | 000,117,120 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2008/07/25 14:09:24 | 000,845,184 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2008/05/21 01:53:36 | 000,093,696 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2008/04/14 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008/02/14 08:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt) DRV - [2007/09/04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev) DRV - [2007/08/17 01:21:02 | 000,203,520 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\viahdb.sys -- (HdAudAddService) DRV - [2007/05/14 10:12:28 | 003,526,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService) DRV - [2006/11/10 15:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool) DRV - [2006/09/24 20:23:14 | 000,003,584 | ---- | M] (Realtime Soft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\UltraMonMirror.sys -- (UltraMonMirror) DRV - [2006/09/24 20:22:52 | 000,011,776 | ---- | M] (Realtime Soft) [Kernel | Auto | Running] -- C:\Program Files\Fichiers communs\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys -- (UltraMonUtility) DRV - [2006/09/24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2006/07/17 03:53:20 | 000,030,368 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb2vcom.sys -- (usb2vcom) DRV - [2006/02/26 17:02:48 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2005/07/22 11:38:19 | 000,033,792 | R--- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiBus.sys -- (SaiNtBus) DRV - [2005/07/22 11:38:19 | 000,013,312 | R--- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SaiMini.sys -- (SaiMini) DRV - [2005/07/22 11:38:14 | 000,176,000 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiHFF0D.sys -- (SaiHFF0D) DRV - [2005/07/22 11:38:14 | 000,027,136 | R--- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SaiUFF0D.sys -- (SaiUFF0D) DRV - [2005/07/01 11:54:24 | 000,033,006 | ---- | M] (USB Com port.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser120.sys -- (SER120) DRV - [2004/12/22 21:05:08 | 000,259,584 | R--- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS) DRV - [2004/02/04 11:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiehdusb.sys -- (TIEHDUSB) DRV - [2002/09/16 19:07:24 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv) DRV - [2001/08/17 23:05:20 | 000,031,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OVCE.sys -- (QCEmerald) DRV - [2001/08/17 23:05:06 | 000,025,216 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\OVSound2.sys -- (lusbaudio) DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: 
"ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: savemytabs@dmitriy.khudorozhkov:0.53 FF - prefs.js..extensions.enabledItems: {E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}:7.4 FF - prefs.js..extensions.enabledItems: kempelton-fx@arvidaxelsson.se:3.2.1 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1601.7122\npCIDetect13.dll (Google) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Etienne\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Etienne\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.21\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/02 02:31:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.21\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/02 02:31:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/05/31 01:29:28 | 000,000,000 | ---D | M] [2011/06/02 12:20:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Extensions [2011/09/02 02:48:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions [2011/06/14 01:51:37 | 000,000,000 | ---D | M] (Hyperwords) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\{9A752782-D706-479b-98F8-3F66BF921692} [2010/02/12 14:29:58 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947} [2011/08/15 00:45:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/01/08 21:29:42 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2011/05/30 20:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Etienne\Application 
Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2011/08/15 00:45:53 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2010/05/07 02:32:41 | 000,000,000 | ---D | M] (Access Me) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\accessme@security.compass [2011/08/15 00:45:53 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\firebug@software.joehewitt.com [2010/03/28 12:27:28 | 000,000,000 | ---D | M] (Kempelton) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\kempelton-fx@arvidaxelsson.se [2011/04/17 12:28:35 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\personas@christopher.beard [2011/09/02 02:48:25 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\plugin@yontoo.com [2011/01/13 16:24:35 | 000,000,000 | ---D | M] (Save My Tabs) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\savemytabs@dmitriy.khudorozhkov [2010/05/07 02:32:42 | 000,000,000 | ---D | M] (SQL Inject Me) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\sqlime@security.compass [2011/09/02 02:42:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\staged-xpis [2010/05/07 02:32:46 | 000,000,000 | ---D | M] (XSS Me) -- C:\Documents and Settings\Etienne\Application 
Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\xssme@security.compass [2011/05/30 20:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\extensions\{dc572301-7619-498c-a57d-39143191b318}\modules\extensions [2010/05/15 02:56:52 | 000,004,440 | ---- | M] () -- C:\Documents and Settings\Etienne\Application Data\Mozilla\Firefox\Profiles\vvldnc3w.default\searchplugins\hyperwords.xml [2011/09/02 02:42:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/11/06 15:16:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2009/09/09 09:45:18 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2007/03/10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll [2010/11/06 15:09:56 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/11/06 15:09:56 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/11/06 15:09:56 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2006/09/10 13:35:08 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml [2010/11/06 15:09:56 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/11/06 15:09:56 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/09/02 12:49:01 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. 
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (World Community Grid) O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory) O4 - HKLM..\Run: [Bonus.SSR.FR10] C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe (ABBYY.) 
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe () O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [HD Tune] C:\Program Files\HD Tune\HDTune.exe (EFD Software) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH) O4 - HKLM..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe (Saitek) O4 - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe (Saitek) O4 - HKLM..\Run: [Simpo PDF Creator Pro Server] C:\Program Files\Simpo PDF Creator Pro\SpcProSrv.exe (Simpo Technologies) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) 
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [Volkey] C:\Program Files\Volkey\Volkey.exe () O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation) O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation) O4 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003..\Run: [FG Time Sync] C:\Program Files\FG Time Sync\FG Time Sync.exe (FreeStone Group) O4 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA) O4 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003..\Run: [OpAgent] File not found O4 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe () O4 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003..\Run: [SuperF4] C:\Program Files\SuperF4\SuperF4.exe (Stefan Sundin) O4 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003..\Run: [WebcamMaxAutoRun] C:\Program Files\WebcamMax\WebcamMax.exe (CoolwareMax) O4 - HKU\.DEFAULT..\RunOnce: [ShowDeskFix] File not found O4 - HKU\S-1-5-18..\RunOnce: [ShowDeskFix] File not found O4 - HKU\S-1-5-19..\RunOnce: [ShowDeskFix] File not found O4 - HKU\S-1-5-20..\RunOnce: [ShowDeskFix] File not found O4 - Startup: C:\Documents and Settings\Etienne\Menu Démarrer\Programmes\Démarrage\SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com)) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 
NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 
NoStartMenuPinnedList = 0 O7 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. 
File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found O15 - HKU\S-1-5-21-1993962763-1326574676-1801674531-1003\..Trusted Domains: chat-land.org ([]* in Trusted sites) O16 - 
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8D3D2993-1079-47E5-BAB2-279CE12D75AE}: DhcpNameServer = 212.27.40.240 212.27.40.241 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml 
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\windows\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - AppInit_DLLs: (c:\progra~1\fun4im\bndhook.dll) - File not found O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Etienne\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Etienne\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: not found. 
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL not found. Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\TaskMan not found. Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet not found. Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersio - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/09/02 14:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Etienne\Bureau\RK_Quarantine [2011/09/02 14:26:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Etienne\Recent [2011/09/02 14:23:54 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2011/09/02 14:20:30 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Etienne\Bureau\OTL.exe [2011/09/02 14:08:38 | 001,406,768 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Etienne\Bureau\TDSSKiller.exe [2011/09/02 12:37:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011/09/02 11:52:44 | 007,748,456 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Etienne\Bureau\mbam-rules.exe [2011/09/02 05:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth [2011/09/02 05:07:11 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Etienne\Bureau\mbam-setup-1.51.1.1800.exe [2011/09/02 04:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Etienne\Menu Démarrer\Programmes\Ad-Remover [2011/09/02 04:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2011/09/02 03:49:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2011/09/02 03:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia [2011/09/02 03:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application 
Data\Adobe [2011/09/02 03:22:40 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll [2011/09/02 03:19:47 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2011/09/02 03:19:45 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys [2011/09/02 03:17:55 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2011/09/02 03:17:49 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll [2011/09/02 03:17:10 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2009/06/05 17:43:40 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\RC00C140.dll [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\Documents and Settings\Etienne\*.tmp files -> C:\Documents and Settings\Etienne\*.tmp -> ] [2 C:\Documents and Settings\Etienne\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Etienne\Local Settings\Application Data\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/09/02 14:31:37 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{716426C4-AB8B-4820-A82C-02109A9FD116}.job [2011/09/02 14:28:33 | 000,229,488 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2011/09/02 14:28:16 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011/09/02 14:27:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/09/02 14:27:29 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/09/02 14:27:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\1502816018 [2011/09/02 14:27:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/09/02 14:27:21 | 000,042,108 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor [2011/09/02 14:19:02 | 
000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Etienne\Bureau\OTL.exe [2011/09/02 12:57:42 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Etienne\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2011/09/02 12:49:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/09/02 12:39:54 | 000,517,880 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011/09/02 12:39:54 | 000,448,360 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/09/02 12:39:54 | 000,088,798 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011/09/02 12:39:54 | 000,074,474 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/09/02 12:18:30 | 000,000,681 | ---- | M] () -- C:\WINDOWS\WININIT.INI [2011/09/02 11:50:46 | 007,748,456 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Etienne\Bureau\mbam-rules.exe [2011/09/02 05:08:26 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Etienne\Bureau\mbam-setup-1.51.1.1800.exe [2011/09/02 05:03:00 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/09/02 05:00:30 | 000,043,408 | -HS- | M] () -- C:\WINDOWS\System32\c_33312.nl_ [2011/09/02 04:56:03 | 000,001,156 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1326574676-1801674531-1003UA.job [2011/09/02 04:47:38 | 000,294,216 | ---- | M] () -- C:\Documents and Settings\Etienne\Bureau\gmer.zip [2011/09/02 04:15:03 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\Etienne\Bureau\Ad-Remover.lnk [2011/09/02 04:00:41 | 002,345,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/09/02 03:54:22 | 001,390,139 | ---- | M] () -- C:\Documents and Settings\Etienne\Bureau\tdsskiller.zip [2011/09/02 03:53:51 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/09/02 02:58:10 | 004,194,304 | ---- | M] () -- C:\WINDOWS\System32\bonlktdi.dll [2011/09/01 15:56:00 | 
000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1326574676-1801674531-1003Core.job [2011/09/01 02:04:27 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Etienne\Local Settings\Application Data\PUTTY.RND [2011/08/29 00:57:15 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011/08/22 15:48:36 | 001,406,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Etienne\Bureau\TDSSKiller.exe [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\Documents and Settings\Etienne\*.tmp files -> C:\Documents and Settings\Etienne\*.tmp -> ] [2 C:\Documents and Settings\Etienne\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Etienne\Local Settings\Application Data\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/09/02 04:49:05 | 000,294,216 | ---- | C] () -- C:\Documents and Settings\Etienne\Bureau\gmer.zip [2011/09/02 04:15:03 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\Etienne\Bureau\Ad-Remover.lnk [2011/09/02 04:13:22 | 000,043,408 | -HS- | C] () -- C:\WINDOWS\System32\c_33312.nl_ [2011/09/02 04:05:41 | 001,390,139 | ---- | C] () -- C:\Documents and Settings\Etienne\Bureau\tdsskiller.zip [2011/09/02 02:58:10 | 004,194,304 | ---- | C] () -- C:\WINDOWS\System32\bonlktdi.dll [2011/09/02 02:58:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\1502816018 [2011/01/24 13:33:32 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll [2011/01/19 08:28:21 | 000,105,472 | ---- | C] () -- C:\WINDOWS\PreConvertPro.dll [2011/01/07 03:18:02 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Etienne\Local Settings\Application Data\fusioncache.dat [2010/10/27 18:49:48 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2010/06/25 19:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2010/05/16 02:59:59 | 000,010,240 | ---- | C] 
() -- C:\Documents and Settings\Etienne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/15 01:51:33 | 000,000,391 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2010/05/14 18:16:24 | 000,064,000 | ---- | C] () -- C:\WINDOWS\System32\esfw52.bin [2010/05/07 12:38:50 | 000,030,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys [2010/04/11 16:19:03 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2010/01/10 13:25:30 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\libsndfile-1.dll [2009/12/23 17:49:31 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Nx.exe [2009/09/07 00:04:00 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/09/07 00:04:00 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Etienne\Application Data\PnkBstrK.sys [2009/09/07 00:03:10 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2009/09/07 00:03:09 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2009/07/18 17:27:11 | 000,000,057 | ---- | C] () -- C:\WINDOWS\popcinfo.dat [2009/07/15 20:59:01 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2009/06/25 11:32:18 | 000,042,092 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2009/06/20 02:15:15 | 000,006,364 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2009/06/09 18:03:39 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009/06/09 17:55:17 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/06/08 16:15:32 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Etienne\Local Settings\Application Data\PUTTY.RND [2009/06/05 17:43:44 | 000,000,220 | ---- | C] () -- C:\WINDOWS\ricdb.ini [2009/06/05 17:43:40 | 000,952,293 | ---- | C] () -- C:\WINDOWS\System32\RCD6D140.DLL [2009/06/05 17:42:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\RPCS.ini [2009/06/04 13:30:44 | 000,005,120 | R--- | C] () -- C:\WINDOWS\System32\SaiCFF0D_0402.dll [2009/05/31 13:33:27 | 000,000,681 | 
---- | C] () -- C:\WINDOWS\WININIT.INI [2009/05/31 11:42:14 | 000,020,486 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2009/05/31 11:41:37 | 000,020,228 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009/05/31 11:41:34 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009/05/31 06:16:10 | 052,390,856 | ---- | C] () -- C:\WINDOWS\System32\MRT.exe [2009/05/31 03:24:55 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/05/31 03:19:33 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009/05/31 01:32:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2009/05/31 01:29:39 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009/05/31 01:28:10 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009/05/31 01:28:10 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/05/31 01:25:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009/05/31 01:21:54 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2009/05/31 01:21:44 | 002,345,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009/05/30 23:45:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009/05/30 23:39:47 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009/05/01 00:31:10 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2009/05/01 00:31:08 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2009/05/01 00:31:08 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2009/05/01 00:31:06 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009/05/01 00:31:06 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009/05/01 00:31:06 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009/05/01 00:31:06 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009/04/30 22:02:00 | 001,579,630 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2009/04/22 00:19:06 | 000,172,173 | ---- 
| C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009/03/05 20:19:16 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System32\pendmove.exe [2008/11/24 06:57:27 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\FontReg.exe [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008/08/10 17:32:44 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\cmdow.exe [2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/04/14 14:00:00 | 000,517,880 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2008/04/14 14:00:00 | 000,448,360 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/04/14 14:00:00 | 000,088,798 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2008/04/14 14:00:00 | 000,074,474 | ---- | C] () -- 
C:\WINDOWS\System32\perfc009.dat
[2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/03/12 12:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2006/11/10 15:08:50 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys
[2002/10/16 00:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2009/07/06 16:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/09/02 14:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOINC
[2009/05/31 00:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/02/06 16:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EasyMp3Downloader
[2010/05/04 11:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2009/05/31 01:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/09/21 20:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP
[2010/01/14 02:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2010/01/16 17:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2009/11/16 21:57:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2011/05/25 18:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/07/31 23:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Recisio
[2010/05/15 01:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011/02/06 16:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SuperMP3Download
[2009/10/28 03:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/05/14 15:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TmForever
[2009/11/03 16:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TNK Software
[2010/01/03 23:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2009/08/30 18:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TreeCardGames
[2011/04/11 16:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebcamMax
[2009/06/16 13:25:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}
[2011/01/30 20:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\.minecraft
[2009/09/21 14:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\.purple
[2010/05/15 12:20:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\0ad
[2009/07/13 17:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Acronis
[2009/09/29 15:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\avidemux
[2009/10/18 01:33:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\BatchRename
[2009/07/31 20:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Bricsys
[2009/05/31 00:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\DAEMON Tools
[2009/05/31 02:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\DAEMON Tools Lite
[2009/05/31 00:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\DAEMON Tools Pro
[2009/10/06 17:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\dcunningham.net
[2010/03/15 14:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Easy Macro Recorder
[2010/09/30 01:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Easy UnRAR
[2011/02/06 16:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\EasyMp3Downloader
[2011/06/19 02:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\FILEminimizerPictures
[2009/06/09 17:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\FlashFXP
[2011/08/20 05:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\foobar2000
[2009/05/31 00:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Foxit
[2009/10/21 18:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Foxit Software
[2010/04/11 16:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\FreeAudioPack
[2011/06/17 16:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\FTPRush
[2009/08/02 11:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\GameInvest
[2010/12/06 03:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Goodsol
[2009/09/21 14:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\gtk-2.0
[2009/06/06 14:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\ImgBurn
[2010/01/16 16:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\KC Softwares
[2011/03/31 23:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Leadertech
[2010/04/11 17:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\MahJong Suite
[2009/12/13 23:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\MD5 Checksum Verifier
[2009/07/15 19:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Notepad++
[2010/05/15 01:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Nuance
[2009/06/04 15:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Opera
[2011/02/25 17:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Rovio
[2010/05/15 01:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\ScanSoft
[2009/12/21 17:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\SPlayer
[2009/11/17 10:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\SuperMP3Download
[2010/02/01 21:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\TeamViewer
[2009/12/08 14:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Teeworlds
[2009/11/03 16:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\TNK Software
[2009/09/21 13:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Trillian
[2010/08/11 18:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\TwonkyMedia
[2011/08/31 20:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\uTorrent
[2011/04/11 15:59:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\WebcamMax
[2010/05/15 01:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etienne\Application Data\Zeon
[2011/09/02 14:31:37 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{716426C4-AB8B-4820-A82C-02109A9FD116}.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 816 bytes -> C:\WINDOWS\1502816018:3990383782.exe
@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F35A93AD

< End of report >