Bonjour Bernard
Trève de parano...
En fait je me suis emmêler les pinceaux entre deux ordi.
J'ai fais ce que tu m'a demander.
Voila les données :
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.66GHz )
BIOS : BIOS Date: 09/08/04 17:24:24 Ver: 08.00.09
USER : uyfyu ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1356 [VPS 100319-1] 4.8.1356 (Activated)
Firewall : PC Tools Firewall Plus 6.0.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:118 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 20/03/2010| 0:43 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\dynamic toolbar\batch.bat
Supprime! - C:\Program Files\dynamic toolbar\Cache
Supprime! - C:\Program Files\dynamic toolbar\PBFRV2
Supprime! - C:\Program Files\dynamic toolbar\unins000.dat
Supprime! - C:\Program Files\dynamic toolbar\unins000.exe
Supprime! - C:\DOCUME~1\uyfyu\Cookies\uyfyu@mysearch[1].txt
Supprime! - C:\Program Files\dynamic toolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(uyfyu) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=SEARCH"
"First Home Page"="http://y.lo.st"
"Start Page"="http://fr.ask.com?o=15161&l=dis"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack.zip
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11fthejtedtyk.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11fthejtedtyk.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11hgdehuti.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11hgdehuti.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11ohgpioegoirgoir.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11ohgpioegoirgoir.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11srtfkjgpoi.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11srtfkjgpoi.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11uyeruyry.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11uyeruyry.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11zqezzav.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11zqezzav.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11zugftyueruigciduaqza.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\11zugftyueruigciduaqza.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\aircrack.exe
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\airdecap.exe
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\airodump.exe
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\alicech11.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\alicech11.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\cap53.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\capalicech11.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\capalicech11.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\capturealice0700908.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\capturealice0700908.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\capturealice2.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\capwanadoo8e15ch10.ivs
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\capwanadoo8e15ch10.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\cygwin1.dll
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Lang
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\MSVCR70.DLL
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\PEEK.DLL
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\PEEK5.SYS
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\README.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Temp
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Updater
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Updater.exe
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Updater.ini
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\WinAircrack.exe
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\WinAircrack.ini
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\wzcook.exe
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Lang\english.ini
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Lang\francais.ini
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Lang\spanish.ini
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Lang\system.ini.txt
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Temp\Download.tmp
C:\DOCUME~1\uyfyu\Mes documents\cl‚ WEP\WinAircrack\WinAircrackPack\Updater\Data.upd
1 - "C:\ToolBar SD\TB_1.txt" - 20/03/2010| 0:45 - Option : [2]
-----------\\ Fin du rapport a 0:45:04,06
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3886
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
20/03/2010 09:49:12
mbam-log-2010-03-20 (09-49-12).txt
Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|)
Eléments examinés: 181268
Temps écoulé: 57 minute(s), 31 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
C:\Documents and Settings\uyfyu\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020search) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020search) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020search) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Documents and Settings\uyfyu\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Documents and Settings\uyfyu\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
____________________________________________________________
OTL Extras logfile created on: 20/03/2010 01:12:04 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\uyfyu\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1 023,00 Mb Total Physical Memory | 482,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 118,54 Gb Free Space | 82,30% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: 403143860003
Current User Name: uyfyu
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%ProgramFiles%\AOL 9.0\aol.exe" = %ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\APPS\Inventime\my.exe" = C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME -- (Inventime)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2F628098-2E02-42B8-9B0F-C9087E1BDD5C}" = Kit de connexion ADSL
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4F77F6EE-2C99-49F7-940A-2E9C208C3BE1}" = Paint.NET v3.5.2
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A9831DC-A66B-EA64-9745-714B7131D3B8}" = MLB.com OnBase
"{9112040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9D10CB57-B085-44c3-B435-2D193BA153F0}" = Conseiller de mise à niveau vers Windows 7
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"avast!" = avast! Antivirus
"CCleaner" = CCleaner (remove only)
"CDex" = CDex extraction audio
"com.mlb.onbase.9875703EBEDC426F7A563069BF0300F254DE4324.1" = MLB.com OnBase
"Dynamic Toolbar_is1" = Packard Bell Toolbar 1.0
"EPSON Printer and Utilities" = Software de impresora EPSON
"Friendly PPPoE v3.0.0.26" = Friendly PPPoE v3.0.0.26
"Glary Utilities_is1" = Glary Utilities 2.20.0.831
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InterActual Player" = InterActual Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.
" = Mozilla Firefox (3.5.
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PC Tools Firewall Plus" = PC Tools Firewall Plus 6.0
"SLAMRMO" = Aztech CNR2900 V.90 Modem
"SoftwareUpdate_is1" = SoftwareUpdate 1.0
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ========== [ Antivirus Events ]
Error - 06/11/2009 20:34:30 | Computer Name = 403143860003 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\uyfyu\Application Data\eoRezo\SoftwareUpdate\help_config.cyp
failed, 0000A413.
Error - 09/11/2009 13:35:12 | Computer Name = 403143860003 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://suggestqueries.google.com/comple ... le+interne failed, 0000A413.
Error - 09/11/2009 13:35:21 | Computer Name = 403143860003 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://suggestqueries.google.com/comple ... ne+cerveau failed, 0000A413.
Error - 09/11/2009 18:36:06 | Computer Name = 403143860003 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://suggestqueries.google.com/comple ... l=fr&q=dee failed, 0000A413.
Error - 19/11/2009 16:42:53 | Computer Name = 403143860003 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\uyfyu\Application Data\Mozilla\Firefox\Profiles\0e8ngisk.default\sessionstore-1.js
failed, 0000A413.
[ Application Events ]
Error - 12/02/2010 11:07:53 | Computer Name = 403143860003 | Source = Google Update | ID = 20
Description =
Error - 14/02/2010 20:17:34 | Computer Name = 403143860003 | Source = Application Error | ID = 1000
Description = Application défaillante chrome.exe, version 0.0.0.0, module défaillant
npswf32.dll, version 10.0.32.18, adresse de défaillance 0x002e83b7.
Error - 16/02/2010 13:30:19 | Computer Name = 403143860003 | Source = Application Error | ID = 1000
Description = Application défaillante chrome.exe, version 0.0.0.0, module défaillant
npswf32.dll, version 10.0.32.18, adresse de défaillance 0x002e83b7.
Error - 15/03/2010 17:07:54 | Computer Name = 403143860003 | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 15/03/2010 18:31:23 | Computer Name = 403143860003 | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 15/03/2010 18:48:11 | Computer Name = 403143860003 | Source = Application Hang | ID = 1002
Description = Application bloquée SpybotSD.exe, version 1.6.2.46, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 15/03/2010 18:49:51 | Computer Name = 403143860003 | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 15/03/2010 19:07:19 | Computer Name = 403143860003 | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 16/03/2010 20:22:26 | Computer Name = 403143860003 | Source = Application Hang | ID = 1002
Description = Application bloquée downloadedSDfile.tmp, version 51.49.0.0, module
bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 18/03/2010 18:46:32 | Computer Name = 403143860003 | Source = pctsSvc.exe | ID = 0
Description =
[ System Events ]
Error - 18/03/2010 18:43:12 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
Error - 18/03/2010 18:43:12 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
Error - 18/03/2010 18:43:13 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
Error - 18/03/2010 18:43:13 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
Error - 18/03/2010 18:43:13 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
Error - 18/03/2010 18:43:13 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
Error - 18/03/2010 18:43:13 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
Error - 18/03/2010 18:43:13 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
Error - 18/03/2010 18:43:13 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
Error - 18/03/2010 18:43:13 | Computer Name = 403143860003 | Source = Service Control Manager | ID = 7023
Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126
< End of report >
____________________________________
OTL logfile created on: 20/03/2010 01:12:04 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\uyfyu\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1 023,00 Mb Total Physical Memory | 482,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 118,54 Gb Free Space | 82,30% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: 403143860003
Current User Name: uyfyu
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\uyfyu\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\uyfyu\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
PRC - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\APPS\Powercinema\PCMService.exe (CyberLink Corp.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9BE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\WINDOWS\system32\slserv.exe ( )
PRC - C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe (America Online, Inc.)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
PRC - C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe (Friendly Technologies)
PRC - C:\APPS\ABOARD\ABOARD.EXE (NEC Computers International)
PRC - C:\APPS\ABOARD\AOSD.EXE (NEC Computers International)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\uyfyu\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\mfc42.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\hid.dll (Microsoft Corporation)
MOD - C:\Program Files\CyberLink\Shared Files\CLRCEngine.dll (CyberLink Corp.)
MOD - C:\WINDOWS\system32\mfc42loc.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\Syncor11.dll (SoundMAX)
========== Win32 Services (SafeList) ========== SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (PCToolsFirewallPlus) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( )
SRV - (AOL ACS) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe (America Online, Inc.)
SRV - (MysqlInventime) -- c:\mysql\bin\mysqld-nt.exe ()
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SoundMAX Agent Service (default)) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
========== Driver Services (SafeList) ========== DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)
DRV - (pctplfw) -- C:\WINDOWS\system32\drivers\pctplfw.sys (PC Tools)
DRV - (PCTFW-PacketFilter) -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys (PC Tools)
DRV - (pctNDIS) -- C:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (PCTAppEvent) -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (WildPackets, Inc. and Atheros Communications, Inc.)
DRV - (caboagp) -- C:\WINDOWS\system32\DRIVERS\atisgkaf.sys (ATI Technologies Inc.)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (atiide) -- C:\WINDOWS\system32\DRIVERS\atiide.sys (ATI Technologies Inc.)
DRV - (RecAgent) -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys ( )
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( )
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( )
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( )
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( )
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( )
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys ( )
DRV - (PPPoEWin) -- C:\WINDOWS\system32\drivers\PPPoEWin.SYS (Friendly Technologies)
DRV - (EL90Xbc) -- C:\WINDOWS\system32\drivers\el90Xbc5.SYS (3Com Corporation)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page =
http://y.lo.stIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://fr.ask.com?o=15161&l=disIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..keyword.URL: ""
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/21 19:22:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/21 19:22:33 | 000,000,000 | ---D | M]
[2009/08/20 19:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uyfyu\Application Data\Mozilla\Extensions
[2010/03/19 19:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uyfyu\Application Data\Mozilla\Firefox\Profiles\0e8ngisk.default\extensions
[2009/09/04 00:36:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\uyfyu\Application Data\Mozilla\Firefox\Profiles\0e8ngisk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/19 13:50:03 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\uyfyu\Application Data\Mozilla\Firefox\Profiles\0e8ngisk.default\searchplugins\askcom.xml
[2009/09/02 13:31:13 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\uyfyu\Application Data\Mozilla\Firefox\Profiles\0e8ngisk.default\searchplugins\bing.xml
[2010/03/19 19:42:43 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/16 19:24:07 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009/10/16 19:24:07 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/10/16 19:24:07 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/10/16 19:24:07 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009/10/16 19:24:07 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2010/03/15 23:26:26 | 000,380,692 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1
www.1-2005-search.comO1 - Hosts: 13114 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found
O4 - HKLM..\Run: [%FP%Friendly fts.exe] C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe (Friendly Technologies)
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [ACTIVBOARD] c:\APPS\ABOARD\ABOARD.EXE (NEC Computers International)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMService] c:\Apps\Powercinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoftwareHelper] C:\Documents and Settings\uyfyu\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [SpybotDeletingA2194] C:\WINDOWS\System32\command.com ()
O4 - HKLM..\RunOnce: [SpybotDeletingA8002] C:\WINDOWS\System32\command.com ()
O4 - HKLM..\RunOnce: [SpybotDeletingC3232] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingC442] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingB7770] C:\WINDOWS\System32\command.com ()
O4 - HKCU..\RunOnce: [SpybotDeletingB8479] C:\WINDOWS\System32\command.com ()
O4 - HKCU..\RunOnce: [SpybotDeletingD2346] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingD8955] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\uyfyu\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\uyfyu\Menu Démarrer\Programmes\Démarrage\Outil de détection de support PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\uyfyu\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\uyfyu\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3c5b4c63-7cdb-11dd-bb93-00038a000015}\Shell\AutoRun\command - "" = I:\
O33 - MountPoints2\{3c5b4c63-7cdb-11dd-bb93-00038a000015}\Shell\explore\Command - "" = RECYCLED\INFO.exe
O33 - MountPoints2\{3c5b4c63-7cdb-11dd-bb93-00038a000015}\Shell\open\Command - "" = RECYCLED\INFO.exe
O33 - MountPoints2\{5ff41d11-3154-11df-bc1f-5050506f4531}\Shell\AutoRun\command - "" = I:\Info.exe -- File not found
O33 - MountPoints2\{73f686b8-85f0-11de-bb9e-5050506f4531}\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Info.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/09/01 10:19:25 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
========== Files/Folders - Created Within 30 Days ========== [2010/03/20 00:41:48 | 000,000,000 | ---D | C] -- C:\ToolBar SD
[2010/03/18 23:58:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uyfyu\Application Data\GlarySoft
[2010/03/18 23:53:10 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2010/03/17 23:21:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\uyfyu\Recent
[2010/03/17 04:04:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uyfyu\Application Data\PCToolsFirewallPlus
[2010/03/17 01:22:55 | 000,070,664 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
[2010/03/17 01:22:55 | 000,058,816 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
[2010/03/17 01:22:55 | 000,032,680 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[2010/03/17 01:22:51 | 000,115,216 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys
[2010/03/17 01:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus
[2010/03/17 01:20:48 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010/03/17 01:20:36 | 000,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010/03/17 01:20:36 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010/03/17 01:19:55 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\PC Tools
[2010/03/17 01:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/03/17 01:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo Downloader
[2010/03/17 00:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/03/17 00:19:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uyfyu\Bureau\OpenOffice.org 3.1 (fr) Installation Files
[2010/03/16 23:09:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uyfyu\Mes documents\programmes
[2010/03/15 23:56:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/03/15 22:11:17 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/03/15 22:11:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/03/15 21:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}
[2010/03/15 21:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/03/15 21:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/03/11 10:42:36 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/12/31 18:25:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/24 11:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2009/09/03 00:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/09/01 10:37:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/08/19 21:25:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2004/11/09 05:04:57 | 000,014,968 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[1980/01/01 00:00:00 | 001,300,936 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1980/01/01 00:00:00 | 000,635,288 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1980/01/01 00:00:00 | 000,230,584 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1980/01/01 00:00:00 | 000,180,592 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1980/01/01 00:00:00 | 000,095,752 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[1980/01/01 00:00:00 | 000,013,904 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\RecAgent.sys
[1980/01/01 00:00:00 | 000,013,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/03/20 01:00:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\HDReg.job
[2010/03/20 00:33:58 | 000,000,174 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2010/03/19 23:41:27 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\uyfyu\Bureau\Spybot - Search & Destroy.lnk
[2010/03/19 23:12:20 | 000,272,291 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/03/19 23:11:42 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010/03/19 23:11:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/19 23:11:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/19 23:11:26 | 1072,549,888 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/19 20:16:57 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\uyfyu\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/18 23:59:28 | 003,670,016 | ---- | M] () -- C:\Documents and Settings\uyfyu\NTUSER.DAT
[2010/03/18 23:53:18 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\uyfyu\Bureau\Glary Utilities.lnk
[2010/03/17 23:33:24 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/17 03:25:28 | 000,000,700 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/15 23:34:53 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/03/15 23:26:26 | 000,380,692 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/03/19 23:41:27 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\uyfyu\Bureau\Spybot - Search & Destroy.lnk
[2010/03/19 20:25:19 | 732,956,672 | ---- | C] () -- C:\Documents and Settings\uyfyu\Bureau\The Illusionist.avi
[2010/03/18 23:54:33 | 000,000,312 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010/03/18 23:53:18 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\uyfyu\Bureau\Glary Utilities.lnk
[2010/03/17 01:22:55 | 000,007,435 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.cat
[2010/03/17 01:22:55 | 000,007,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-DNS.cat
[2010/03/17 01:22:51 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplfw.cat
[2010/03/17 01:20:48 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010/03/17 01:20:36 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010/03/17 01:20:36 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010/03/15 22:10:19 | 000,000,478 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/01/01 19:10:23 | 000,000,174 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/12/30 12:45:13 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/12/30 09:09:55 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\uyfyu\Local Settings\Application Data\fusioncache.dat
[2009/12/27 19:47:54 | 000,000,305 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/10/07 15:51:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/08/10 21:17:20 | 000,000,675 | ---- | C] () -- C:\WINDOWS\AppRun.ini
[2008/09/07 13:53:45 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\uyfyu\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/11/09 05:44:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/09 05:29:19 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/09 05:23:23 | 000,005,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASIOMI.sys
[2004/11/09 05:19:38 | 000,007,154 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2004/11/09 05:19:04 | 000,036,864 | ---- | C] () -- C:\WINDOWS\jRegistryKey.dll
[2004/11/09 05:19:04 | 000,000,232 | ---- | C] () -- C:\WINDOWS\my.ini
[2004/11/09 05:09:22 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004/11/09 05:04:57 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2004/11/09 05:04:57 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2004/11/09 05:04:57 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2004/09/07 18:49:32 | 000,005,520 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/16 18:25:16 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/06/23 13:14:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1980/01/01 00:00:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1980/01/01 00:00:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1980/01/01 00:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS >[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/09/01 09:15:08 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2009/09/01 09:15:08 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/09/01 09:15:08 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2009/09/01 09:15:08 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >[2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: NETLOGON.DLL >[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles >[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6
< End of report >
______________________________________