WiredWX Hobby Weather ToolsLog in

 


descriptionTrojan horse EmptyTrojan horse

more_horiz
Hi, in hell... My XP has been under attack by 2 trojan horses. I've removed them - no name, sorry - but since, my XP freeze after opening windows. It keeps on asking me to scan disk. I'm able to run my computer as I have Vista installed, but all my programs are on my XP. My documents folder seems to not be found, I can't run Microsoft office, etc... Any help available?

descriptionTrojan horse EmptyRe: Trojan horse

more_horiz
Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

descriptionTrojan horse EmptyRe: Trojan horse

more_horiz
OTL logfile created on: 28/01/2010 21:02:14 - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = E:\Doc_Framboise\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 10,67 Gb Free Space | 27,31% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 51,98 Gb Free Space | 66,53% Space Free | Partition Type: NTFS
Drive E: | 180,80 Gb Total Space | 146,49 Gb Free Space | 81,02% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-FRAMBOISE
Current User Name: Framboise
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/28 21:01:55 | 00,548,864 | ---- | M] (OldTimer Tools) -- E:\Doc_Framboise\Downloads\OTL.exe
PRC - [2010/01/28 08:58:47 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2010/01/28 08:58:43 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010/01/28 08:58:41 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
PRC - [2010/01/28 06:21:08 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
PRC - [2010/01/28 06:21:07 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
PRC - [2010/01/28 06:20:59 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe
PRC - [2010/01/21 08:24:00 | 00,527,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010/01/07 16:07:10 | 01,394,000 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009/10/28 15:38:50 | 00,039,272 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\waol.exe
PRC - [2009/10/28 15:38:49 | 00,054,632 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\shellmon.exe
PRC - [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/10/09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/07/20 20:52:23 | 00,041,264 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1264689981\ee\aolsoftware.exe
PRC - [2009/04/23 10:05:14 | 05,689,344 | ---- | M] (Wisdom Software Inc. ) -- C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
PRC - [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/09 13:51:46 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/02/15 08:41:50 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/02/15 08:41:46 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/02/15 08:41:44 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/02/15 08:41:34 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/01/21 03:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/08 13:34:40 | 03,444,736 | ---- | M] (Dell Inc.) -- C:\Windows\System32\WLTRAY.EXE
PRC - [2007/12/08 13:34:40 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE
PRC - [2007/12/08 13:34:10 | 02,506,752 | ---- | M] (Dell Inc.) -- C:\Windows\System32\BCMWLTRY.EXE
PRC - [2007/10/25 13:31:20 | 00,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/06/06 16:44:44 | 00,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apntex.exe
PRC - [2007/05/22 14:18:56 | 00,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/05/09 16:01:00 | 00,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/04/02 13:33:32 | 00,063,120 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
PRC - [2006/10/23 13:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
PRC - [2006/09/08 15:10:22 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\HidFind.exe
PRC - [2006/05/22 05:00:00 | 00,139,264 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIBKE.EXE


========== Modules (SafeList) ==========

MOD - [2010/01/28 21:01:55 | 00,548,864 | ---- | M] (OldTimer Tools) -- E:\Doc_Framboise\Downloads\OTL.exe
MOD - [2010/01/28 06:21:08 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2008/01/21 03:24:42 | 02,085,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2008/01/21 03:24:15 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll
MOD - [2008/01/21 03:23:44 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
MOD - [2006/11/02 10:46:13 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll
MOD - [2006/11/02 10:46:07 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/28 08:58:41 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2010/01/28 06:20:59 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2010/01/28 06:07:18 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca9fd7ca56b11b) Service Google Update (gupdate1ca9fd7ca56b11b)
SRV - [2008/12/19 12:19:28 | 00,137,200 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/12/08 13:34:40 | 00,024,064 | ---- | M] () [Auto | Running] -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 18:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/23 13:50:35 | 00,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2010/01/28 06:21:08 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/01/28 06:21:08 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/01/28 06:21:07 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 00,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/02 15:48:28 | 02,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/12/26 20:02:52 | 00,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/12/06 20:52:42 | 01,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/12/06 08:51:00 | 00,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/10/10 16:03:00 | 00,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/06/06 22:21:32 | 00,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2007/03/21 21:02:04 | 00,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/05 09:45:04 | 00,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/24 13:42:22 | 00,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 15:40:20 | 00,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/29 23:24:57 | 00,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 22:41:30 | 00,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O2 - BHO: (Wisdom-soft toolbar) - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Wisdom-soft toolbar) - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Wisdom-soft toolbar) - {6DFC55BB-BFFF-485A-9709-90C3FDF6DB58} - C:\Program Files\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1264689981\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.5\AOL.EXE (AOL, LLC.)
O4 - HKCU..\Run: [EPSON Stylus DX7000F Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBKE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [SynapseUpdate] C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe (Synapse Développement)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Framboise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 5.1 Free.lnk = C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe (Wisdom Software Inc. )
O8 - Extra context menu item: &Point&&Go - C:\Program Files\Common Files\Expert System\PGPlatform\PGPlatform.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.94.25.120 66.94.9.120
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/10/09 11:28:09 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{bd7ea5a6-95f3-11dd-91f2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bd7ea5a6-95f3-11dd-91f2-806e6f6e6963}\Shell\AutoRun\command - "" = X:\autoRcd.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/28 20:06:20 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\Malwarebytes
[2010/01/28 20:06:15 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/28 20:06:14 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/28 20:06:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/28 20:06:14 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/28 15:47:23 | 00,054,832 | ---- | C] (AOL LLC) -- C:\Windows\System32\AOLParconLink.exe
[2010/01/28 15:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\AOL Toolbar
[2010/01/28 15:47:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/01/28 15:46:15 | 00,000,000 | ---D | C] -- C:\Program Files\AOL
[2010/01/28 15:46:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\aolshare
[2010/01/28 15:46:04 | 00,000,000 | ---D | C] -- C:\Program Files\AOL 9.5
[2010/01/28 15:46:04 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL
[2010/01/28 15:46:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\aol
[2010/01/28 15:40:38 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\AOL
[2010/01/28 15:39:07 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\Wisdom-soft
[2010/01/28 15:05:28 | 00,000,000 | ---D | C] -- C:\ThumbsPlus
[2010/01/28 15:03:20 | 00,000,000 | ---D | C] -- C:\Program Files\Wisdom-soft
[2010/01/28 15:03:13 | 00,000,000 | ---D | C] -- C:\Program Files\Wisdom-soft ScreenHunter 5 Free
[2010/01/28 09:06:50 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\AOL Toolbar
[2010/01/28 07:45:23 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/28 07:37:07 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/01/28 07:37:07 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/01/28 07:25:05 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/01/28 07:25:05 | 00,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/01/28 07:25:05 | 00,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/01/28 07:25:05 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/01/28 07:25:05 | 00,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/01/28 07:25:05 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/01/28 07:25:04 | 00,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/01/28 07:25:03 | 00,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/01/28 07:19:35 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/01/28 07:19:28 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/01/28 07:19:26 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/01/28 07:05:19 | 00,000,000 | R--D | C] -- C:\Users\Framboise\Pictures
[2010/01/28 06:58:15 | 00,000,000 | ---D | C] -- C:\Users\Framboise\Desktop\shortcut to organize
[2010/01/28 06:44:18 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/01/28 06:44:17 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/01/28 06:44:16 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/01/28 06:44:16 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/01/28 06:44:16 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/01/28 06:43:52 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/28 06:43:52 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/28 06:43:52 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/28 06:43:51 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/01/28 06:43:48 | 02,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/01/28 06:43:43 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/28 06:43:43 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/28 06:43:43 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/28 06:43:42 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/28 06:43:42 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/28 06:43:41 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/28 06:43:41 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/28 06:43:41 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/01/28 06:43:41 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/28 06:43:40 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/28 06:43:39 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/28 06:43:31 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/01/28 06:43:31 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/01/28 06:43:31 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/01/28 06:43:31 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/01/28 06:43:31 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/01/28 06:43:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/01/28 06:43:31 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/01/28 06:43:31 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/01/28 06:43:31 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/01/28 06:43:03 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/01/28 06:43:02 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/01/28 06:43:02 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/01/28 06:42:56 | 01,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/01/28 06:42:52 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/01/28 06:42:52 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/01/28 06:42:48 | 03,546,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/01/28 06:42:46 | 03,597,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/01/28 06:42:38 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/01/28 06:42:38 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/01/28 06:42:32 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/01/28 06:42:23 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/01/28 06:42:23 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/01/28 06:42:21 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/01/28 06:42:19 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/01/28 06:42:19 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/01/28 06:41:43 | 00,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/01/28 06:41:41 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/01/28 06:41:35 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/01/28 06:41:35 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/01/28 06:41:35 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/01/28 06:41:35 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/01/28 06:41:35 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/01/28 06:41:35 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/01/28 06:41:35 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010/01/28 06:41:16 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/01/28 06:41:11 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/01/28 06:41:11 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/01/28 06:40:59 | 02,035,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/01/28 06:40:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/01/28 06:40:42 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/01/28 06:40:31 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/01/28 06:40:28 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/01/28 06:39:59 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/01/28 06:39:59 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/01/28 06:39:56 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/01/28 06:39:54 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/01/28 06:30:53 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\AOL
[2010/01/28 06:30:52 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\Macromedia
[2010/01/28 06:30:50 | 00,000,000 | ---D | C] -- C:\ProgramData\Macromedia
[2010/01/28 06:29:24 | 00,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2010/01/28 06:29:23 | 00,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2010/01/28 06:29:12 | 00,181,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/28 06:29:04 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL Toolbar
[2010/01/28 06:28:20 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\AOL Downloads
[2010/01/28 06:27:12 | 00,033,588 | ---- | C] (America Online, Inc.) -- C:\Windows\System32\drivers\wanatw4.sys
[2010/01/28 06:26:56 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
[2010/01/28 06:25:11 | 00,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/01/28 06:21:07 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/01/28 06:19:09 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL Downloads
[2010/01/28 06:11:58 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\Deployment
[2010/01/28 06:11:58 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\Apps
[2010/01/28 06:09:00 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\skypePM
[2010/01/28 06:07:27 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\Skype
[2010/01/28 06:06:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/01/28 06:06:05 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/01/28 06:05:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/01/28 05:57:27 | 02,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/01/28 05:57:27 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/01/28 05:57:12 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/01/28 05:57:12 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/01/28 05:57:12 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/01/28 05:57:02 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/01/28 05:57:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/01/28 05:34:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Scanner
[2010/01/28 05:32:00 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\Adobe
[2010/01/28 05:31:59 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\Adobe
[2010/01/21 19:26:54 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\France1ereserie
[2010/01/20 13:27:09 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\FranceRennes2010
[2010/01/20 02:06:31 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\M17277MikeB
[2010/01/18 19:12:35 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\RocheYon
[2010/01/17 23:11:51 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\ToC
[2010/01/16 12:05:17 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Article PSA
[2010/01/13 23:49:28 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\image001
[2010/01/13 15:58:18 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Gravenchon
[2010/01/13 09:31:39 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Comfort Inn
[2010/01/06 16:54:11 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\nimes
[2010/01/04 14:56:36 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Julia,JulieetMarc
[2010/01/04 09:15:30 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Lucas Buit
[2010/01/02 12:18:42 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\BJO

========== Files - Modified Within 30 Days ==========

[2010/01/28 21:02:18 | 01,310,720 | -HS- | M] () -- C:\Users\Framboise\NTUSER.DAT
[2010/01/28 20:53:00 | 00,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/28 20:06:18 | 00,000,828 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/28 19:32:26 | 00,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/01/28 19:32:25 | 01,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/28 19:32:25 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/28 19:32:25 | 00,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/01/28 19:32:25 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/28 19:25:55 | 00,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/28 19:25:49 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/28 19:25:49 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/28 19:25:46 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/28 19:25:43 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/28 19:25:05 | 32,086,95808 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/28 16:12:30 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/01/28 16:11:50 | 00,524,288 | -HS- | M] () -- C:\Users\Framboise\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/01/28 16:11:50 | 00,065,536 | -HS- | M] () -- C:\Users\Framboise\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/01/28 16:11:45 | 02,669,319 | -H-- | M] () -- C:\Users\Framboise\AppData\Local\IconCache.db
[2010/01/28 16:11:42 | 00,000,476 | ---- | M] () -- C:\Windows\win.ini
[2010/01/28 15:48:02 | 00,000,744 | ---- | M] () -- C:\Users\Public\Desktop\AOL 9.5.lnk
[2010/01/28 15:38:23 | 00,000,004 | ---- | M] () -- C:\Windows\msoffice.ini
[2010/01/28 15:05:40 | 00,000,542 | ---- | M] () -- C:\Users\Public\Desktop\ThumbsPlus 7.lnk
[2010/01/28 15:03:16 | 00,001,839 | ---- | M] () -- C:\Users\Framboise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 5.1 Free.lnk
[2010/01/28 15:03:16 | 00,001,803 | ---- | M] () -- C:\Users\Framboise\Desktop\ScreenHunter 5.1 Free.lnk
[2010/01/28 14:45:12 | 54,749,051 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/01/28 09:05:15 | 00,002,687 | ---- | M] () -- C:\Users\Framboise\Desktop\Microsoft Office Word 2007.lnk
[2010/01/28 08:41:02 | 00,304,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/28 06:21:08 | 00,492,629 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010/01/28 06:21:08 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/01/28 06:21:08 | 00,142,495 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/01/28 06:21:08 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/01/28 06:21:08 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/01/28 06:21:07 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/01/28 06:19:09 | 00,000,335 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/01/28 06:15:42 | 00,002,585 | ---- | M] () -- C:\Users\Framboise\Desktop\Microsoft Office FrontPage 2003.lnk
[2010/01/28 06:13:27 | 00,000,909 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010/01/28 06:12:31 | 00,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/01/28 06:09:01 | 00,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/01/28 06:06:06 | 00,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/01/27 19:32:50 | 00,024,064 | ---- | M] () -- E:\Doc_Framboise\Steve for meeting feb.doc
[2010/01/27 19:32:50 | 00,000,162 | -H-- | M] () -- E:\Doc_Framboise\~$eve for meeting feb.doc
[2010/01/21 14:33:56 | 00,869,157 | ---- | M] () -- E:\Doc_Framboise\AfficheSquash.jpg
[2010/01/20 02:33:31 | 01,336,335 | ---- | M] () -- E:\Doc_Framboise\france-jeune1317avril-2010.jpg
[2010/01/19 02:15:06 | 00,411,034 | ---- | M] () -- E:\Doc_Framboise\bonne année_3.jpg
[2010/01/14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/14 07:30:57 | 00,041,325 | ---- | M] () -- E:\Doc_Framboise\MondeIndividuelAmsterdam09(13).jpg
[2010/01/09 21:39:29 | 00,054,453 | ---- | M] () -- E:\Doc_Framboise\PrixNY.jpg
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/06 00:47:46 | 00,024,064 | ---- | M] () -- E:\Doc_Framboise\0020103320248 or 0020124505015.doc
[2010/01/05 15:50:30 | 00,040,985 | ---- | M] () -- E:\Doc_Framboise\ArticlepourFram.docx
[2010/01/03 10:39:23 | 00,024,576 | ---- | M] () -- E:\Doc_Framboise\Did you always fancy coaching.doc
[2010/01/03 10:16:05 | 00,022,114 | ---- | M] () -- E:\Doc_Framboise\Amazon.fr - Commande 402-1733172-5108334.pdf
[2010/01/02 01:29:29 | 00,480,781 | ---- | M] () -- E:\Doc_Framboise\PressreleaseThierryLINCOU2010.pdf

========== Files Created - No Company Name ==========

[2010/01/28 20:06:18 | 00,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/28 15:48:02 | 00,000,744 | ---- | C] () -- C:\Users\Public\Desktop\AOL 9.5.lnk
[2010/01/28 15:38:14 | 00,000,004 | ---- | C] () -- C:\Windows\msoffice.ini
[2010/01/28 15:05:40 | 00,000,542 | ---- | C] () -- C:\Users\Public\Desktop\ThumbsPlus 7.lnk
[2010/01/28 15:03:16 | 00,001,839 | ---- | C] () -- C:\Users\Framboise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 5.1 Free.lnk
[2010/01/28 15:03:16 | 00,001,803 | ---- | C] () -- C:\Users\Framboise\Desktop\ScreenHunter 5.1 Free.lnk
[2010/01/28 06:48:28 | 00,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/28 06:48:19 | 00,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/28 06:43:04 | 02,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/01/28 06:19:09 | 00,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/01/28 06:13:27 | 00,000,909 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010/01/28 06:12:31 | 00,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/01/28 06:09:01 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/28 06:06:06 | 00,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/01/27 19:32:50 | 00,000,162 | -H-- | C] () -- E:\Doc_Framboise\~$eve for meeting feb.doc
[2010/01/27 19:32:49 | 00,024,064 | ---- | C] () -- E:\Doc_Framboise\Steve for meeting feb.doc
[2010/01/21 14:32:57 | 00,869,157 | ---- | C] () -- E:\Doc_Framboise\AfficheSquash.jpg
[2010/01/20 02:32:14 | 01,336,335 | ---- | C] () -- E:\Doc_Framboise\france-jeune1317avril-2010.jpg
[2010/01/19 02:14:57 | 00,411,034 | ---- | C] () -- E:\Doc_Framboise\bonne année_3.jpg
[2010/01/14 07:30:56 | 00,041,325 | ---- | C] () -- E:\Doc_Framboise\MondeIndividuelAmsterdam09(13).jpg
[2010/01/09 21:39:27 | 00,054,453 | ---- | C] () -- E:\Doc_Framboise\PrixNY.jpg
[2010/01/06 00:47:46 | 00,024,064 | ---- | C] () -- E:\Doc_Framboise\0020103320248 or 0020124505015.doc
[2010/01/05 15:50:29 | 00,040,985 | ---- | C] () -- E:\Doc_Framboise\ArticlepourFram.docx
[2010/01/03 10:39:23 | 00,024,576 | ---- | C] () -- E:\Doc_Framboise\Did you always fancy coaching.doc
[2010/01/03 10:16:05 | 00,022,114 | ---- | C] () -- E:\Doc_Framboise\Amazon.fr - Commande 402-1733172-5108334.pdf
[2010/01/02 01:29:24 | 00,480,781 | ---- | C] () -- E:\Doc_Framboise\PressreleaseThierryLINCOU2010.pdf
[2008/11/27 09:44:15 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/11/27 09:37:53 | 00,000,025 | ---- | C] () -- C:\Windows\CDE DX7000FEFDG.ini
[2008/10/09 15:46:01 | 00,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008/10/09 15:43:02 | 00,000,342 | ---- | C] () -- C:\Windows\CordialPro.INI
[2008/10/09 15:37:40 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/10/09 13:43:30 | 00,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/10/09 13:40:58 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/10/09 12:32:58 | 00,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/10/09 12:32:56 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/10/09 12:32:56 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/10/09 12:32:56 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/10/09 12:32:56 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/10/09 12:28:19 | 00,000,680 | ---- | C] () -- C:\Users\Framboise\AppData\Local\d3d9caps.dat
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/04/06 06:17:00 | 00,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2002/07/16 15:43:59 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hookmod.dll
< End of report >

descriptionTrojan horse EmptyRe: Trojan horse

more_horiz
OTL logfile created on: 28/01/2010 21:02:14 - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = E:\Doc_Framboise\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 10,67 Gb Free Space | 27,31% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 51,98 Gb Free Space | 66,53% Space Free | Partition Type: NTFS
Drive E: | 180,80 Gb Total Space | 146,49 Gb Free Space | 81,02% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-FRAMBOISE
Current User Name: Framboise
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/28 21:01:55 | 00,548,864 | ---- | M] (OldTimer Tools) -- E:\Doc_Framboise\Downloads\OTL.exe
PRC - [2010/01/28 08:58:47 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2010/01/28 08:58:43 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010/01/28 08:58:41 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
PRC - [2010/01/28 06:21:08 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
PRC - [2010/01/28 06:21:07 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
PRC - [2010/01/28 06:20:59 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe
PRC - [2010/01/21 08:24:00 | 00,527,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010/01/07 16:07:10 | 01,394,000 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009/10/28 15:38:50 | 00,039,272 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\waol.exe
PRC - [2009/10/28 15:38:49 | 00,054,632 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\shellmon.exe
PRC - [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/10/09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/07/20 20:52:23 | 00,041,264 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1264689981\ee\aolsoftware.exe
PRC - [2009/04/23 10:05:14 | 05,689,344 | ---- | M] (Wisdom Software Inc. ) -- C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
PRC - [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/09 13:51:46 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/02/15 08:41:50 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/02/15 08:41:46 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/02/15 08:41:44 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/02/15 08:41:34 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/01/21 03:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/08 13:34:40 | 03,444,736 | ---- | M] (Dell Inc.) -- C:\Windows\System32\WLTRAY.EXE
PRC - [2007/12/08 13:34:40 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE
PRC - [2007/12/08 13:34:10 | 02,506,752 | ---- | M] (Dell Inc.) -- C:\Windows\System32\BCMWLTRY.EXE
PRC - [2007/10/25 13:31:20 | 00,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/06/06 16:44:44 | 00,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apntex.exe
PRC - [2007/05/22 14:18:56 | 00,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/05/09 16:01:00 | 00,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/04/02 13:33:32 | 00,063,120 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
PRC - [2006/10/23 13:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
PRC - [2006/09/08 15:10:22 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\HidFind.exe
PRC - [2006/05/22 05:00:00 | 00,139,264 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIBKE.EXE


========== Modules (SafeList) ==========

MOD - [2010/01/28 21:01:55 | 00,548,864 | ---- | M] (OldTimer Tools) -- E:\Doc_Framboise\Downloads\OTL.exe
MOD - [2010/01/28 06:21:08 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2008/01/21 03:24:42 | 02,085,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2008/01/21 03:24:15 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll
MOD - [2008/01/21 03:23:44 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
MOD - [2006/11/02 10:46:13 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll
MOD - [2006/11/02 10:46:07 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/28 08:58:41 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2010/01/28 06:20:59 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2010/01/28 06:07:18 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca9fd7ca56b11b) Service Google Update (gupdate1ca9fd7ca56b11b)
SRV - [2008/12/19 12:19:28 | 00,137,200 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/12/08 13:34:40 | 00,024,064 | ---- | M] () [Auto | Running] -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 18:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/23 13:50:35 | 00,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2010/01/28 06:21:08 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/01/28 06:21:08 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/01/28 06:21:07 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 00,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/02 15:48:28 | 02,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/12/26 20:02:52 | 00,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/12/06 20:52:42 | 01,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/12/06 08:51:00 | 00,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/10/10 16:03:00 | 00,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/06/06 22:21:32 | 00,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2007/03/21 21:02:04 | 00,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/05 09:45:04 | 00,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/24 13:42:22 | 00,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 15:40:20 | 00,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/29 23:24:57 | 00,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 22:41:30 | 00,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O2 - BHO: (Wisdom-soft toolbar) - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Wisdom-soft toolbar) - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Wisdom-soft toolbar) - {6DFC55BB-BFFF-485A-9709-90C3FDF6DB58} - C:\Program Files\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1264689981\ee\AOLSoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.5\AOL.EXE (AOL, LLC.)
O4 - HKCU..\Run: [EPSON Stylus DX7000F Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBKE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [SynapseUpdate] C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe (Synapse Développement)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Framboise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 5.1 Free.lnk = C:\Program Files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe (Wisdom Software Inc. )
O8 - Extra context menu item: &Point&&Go - C:\Program Files\Common Files\Expert System\PGPlatform\PGPlatform.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.94.25.120 66.94.9.120
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/10/09 11:28:09 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{bd7ea5a6-95f3-11dd-91f2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bd7ea5a6-95f3-11dd-91f2-806e6f6e6963}\Shell\AutoRun\command - "" = X:\autoRcd.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/28 20:06:20 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\Malwarebytes
[2010/01/28 20:06:15 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/28 20:06:14 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/28 20:06:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/28 20:06:14 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/28 15:47:23 | 00,054,832 | ---- | C] (AOL LLC) -- C:\Windows\System32\AOLParconLink.exe
[2010/01/28 15:47:13 | 00,000,000 | ---D | C] -- C:\Program Files\AOL Toolbar
[2010/01/28 15:47:08 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/01/28 15:46:15 | 00,000,000 | ---D | C] -- C:\Program Files\AOL
[2010/01/28 15:46:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\aolshare
[2010/01/28 15:46:04 | 00,000,000 | ---D | C] -- C:\Program Files\AOL 9.5
[2010/01/28 15:46:04 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL
[2010/01/28 15:46:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\aol
[2010/01/28 15:40:38 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\AOL
[2010/01/28 15:39:07 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\Wisdom-soft
[2010/01/28 15:05:28 | 00,000,000 | ---D | C] -- C:\ThumbsPlus
[2010/01/28 15:03:20 | 00,000,000 | ---D | C] -- C:\Program Files\Wisdom-soft
[2010/01/28 15:03:13 | 00,000,000 | ---D | C] -- C:\Program Files\Wisdom-soft ScreenHunter 5 Free
[2010/01/28 09:06:50 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\AOL Toolbar
[2010/01/28 07:45:23 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/28 07:37:07 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/01/28 07:37:07 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/01/28 07:25:05 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/01/28 07:25:05 | 00,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/01/28 07:25:05 | 00,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/01/28 07:25:05 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/01/28 07:25:05 | 00,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/01/28 07:25:05 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/01/28 07:25:04 | 00,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/01/28 07:25:03 | 00,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/01/28 07:19:35 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/01/28 07:19:28 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/01/28 07:19:26 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/01/28 07:05:19 | 00,000,000 | R--D | C] -- C:\Users\Framboise\Pictures
[2010/01/28 06:58:15 | 00,000,000 | ---D | C] -- C:\Users\Framboise\Desktop\shortcut to organize
[2010/01/28 06:44:18 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/01/28 06:44:17 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/01/28 06:44:16 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/01/28 06:44:16 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/01/28 06:44:16 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/01/28 06:43:52 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/28 06:43:52 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/28 06:43:52 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/28 06:43:51 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/01/28 06:43:48 | 02,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/01/28 06:43:43 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/28 06:43:43 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/28 06:43:43 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/28 06:43:42 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/28 06:43:42 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/28 06:43:41 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/28 06:43:41 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/28 06:43:41 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/01/28 06:43:41 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/28 06:43:40 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/28 06:43:39 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/28 06:43:31 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/01/28 06:43:31 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/01/28 06:43:31 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/01/28 06:43:31 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/01/28 06:43:31 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/01/28 06:43:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/01/28 06:43:31 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/01/28 06:43:31 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/01/28 06:43:31 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/01/28 06:43:03 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/01/28 06:43:02 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/01/28 06:43:02 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/01/28 06:42:56 | 01,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/01/28 06:42:52 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/01/28 06:42:52 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/01/28 06:42:48 | 03,546,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/01/28 06:42:46 | 03,597,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/01/28 06:42:38 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/01/28 06:42:38 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/01/28 06:42:32 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/01/28 06:42:23 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/01/28 06:42:23 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/01/28 06:42:21 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/01/28 06:42:19 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/01/28 06:42:19 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/01/28 06:41:43 | 00,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/01/28 06:41:41 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/01/28 06:41:35 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/01/28 06:41:35 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/01/28 06:41:35 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/01/28 06:41:35 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/01/28 06:41:35 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/01/28 06:41:35 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/01/28 06:41:35 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010/01/28 06:41:16 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/01/28 06:41:11 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/01/28 06:41:11 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/01/28 06:40:59 | 02,035,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/01/28 06:40:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/01/28 06:40:42 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/01/28 06:40:31 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/01/28 06:40:28 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/01/28 06:39:59 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/01/28 06:39:59 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/01/28 06:39:56 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/01/28 06:39:54 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/01/28 06:30:53 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\AOL
[2010/01/28 06:30:52 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\Macromedia
[2010/01/28 06:30:50 | 00,000,000 | ---D | C] -- C:\ProgramData\Macromedia
[2010/01/28 06:29:24 | 00,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2010/01/28 06:29:23 | 00,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2010/01/28 06:29:12 | 00,181,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/28 06:29:04 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL Toolbar
[2010/01/28 06:28:20 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\AOL Downloads
[2010/01/28 06:27:12 | 00,033,588 | ---- | C] (America Online, Inc.) -- C:\Windows\System32\drivers\wanatw4.sys
[2010/01/28 06:26:56 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
[2010/01/28 06:25:11 | 00,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/01/28 06:21:07 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/01/28 06:19:09 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL Downloads
[2010/01/28 06:11:58 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\Deployment
[2010/01/28 06:11:58 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\Apps
[2010/01/28 06:09:00 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\skypePM
[2010/01/28 06:07:27 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\Skype
[2010/01/28 06:06:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/01/28 06:06:05 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/01/28 06:05:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/01/28 05:57:27 | 02,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/01/28 05:57:27 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/01/28 05:57:12 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/01/28 05:57:12 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/01/28 05:57:12 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/01/28 05:57:02 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/01/28 05:57:02 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/01/28 05:34:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Scanner
[2010/01/28 05:32:00 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Local\Adobe
[2010/01/28 05:31:59 | 00,000,000 | ---D | C] -- C:\Users\Framboise\AppData\Roaming\Adobe
[2010/01/21 19:26:54 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\France1ereserie
[2010/01/20 13:27:09 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\FranceRennes2010
[2010/01/20 02:06:31 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\M17277MikeB
[2010/01/18 19:12:35 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\RocheYon
[2010/01/17 23:11:51 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\ToC
[2010/01/16 12:05:17 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Article PSA
[2010/01/13 23:49:28 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\image001
[2010/01/13 15:58:18 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Gravenchon
[2010/01/13 09:31:39 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Comfort Inn
[2010/01/06 16:54:11 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\nimes
[2010/01/04 14:56:36 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Julia,JulieetMarc
[2010/01/04 09:15:30 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\Lucas Buit
[2010/01/02 12:18:42 | 00,000,000 | ---D | C] -- E:\Doc_Framboise\BJO

========== Files - Modified Within 30 Days ==========

[2010/01/28 21:02:18 | 01,310,720 | -HS- | M] () -- C:\Users\Framboise\NTUSER.DAT
[2010/01/28 20:53:00 | 00,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/28 20:06:18 | 00,000,828 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/28 19:32:26 | 00,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/01/28 19:32:25 | 01,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/28 19:32:25 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/28 19:32:25 | 00,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/01/28 19:32:25 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/28 19:25:55 | 00,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/28 19:25:49 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/28 19:25:49 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/28 19:25:46 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/28 19:25:43 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/28 19:25:05 | 32,086,95808 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/28 16:12:30 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/01/28 16:11:50 | 00,524,288 | -HS- | M] () -- C:\Users\Framboise\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/01/28 16:11:50 | 00,065,536 | -HS- | M] () -- C:\Users\Framboise\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/01/28 16:11:45 | 02,669,319 | -H-- | M] () -- C:\Users\Framboise\AppData\Local\IconCache.db
[2010/01/28 16:11:42 | 00,000,476 | ---- | M] () -- C:\Windows\win.ini
[2010/01/28 15:48:02 | 00,000,744 | ---- | M] () -- C:\Users\Public\Desktop\AOL 9.5.lnk
[2010/01/28 15:38:23 | 00,000,004 | ---- | M] () -- C:\Windows\msoffice.ini
[2010/01/28 15:05:40 | 00,000,542 | ---- | M] () -- C:\Users\Public\Desktop\ThumbsPlus 7.lnk
[2010/01/28 15:03:16 | 00,001,839 | ---- | M] () -- C:\Users\Framboise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 5.1 Free.lnk
[2010/01/28 15:03:16 | 00,001,803 | ---- | M] () -- C:\Users\Framboise\Desktop\ScreenHunter 5.1 Free.lnk
[2010/01/28 14:45:12 | 54,749,051 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/01/28 09:05:15 | 00,002,687 | ---- | M] () -- C:\Users\Framboise\Desktop\Microsoft Office Word 2007.lnk
[2010/01/28 08:41:02 | 00,304,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/28 06:21:08 | 00,492,629 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010/01/28 06:21:08 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/01/28 06:21:08 | 00,142,495 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/01/28 06:21:08 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/01/28 06:21:08 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/01/28 06:21:07 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/01/28 06:19:09 | 00,000,335 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/01/28 06:15:42 | 00,002,585 | ---- | M] () -- C:\Users\Framboise\Desktop\Microsoft Office FrontPage 2003.lnk
[2010/01/28 06:13:27 | 00,000,909 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010/01/28 06:12:31 | 00,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/01/28 06:09:01 | 00,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/01/28 06:06:06 | 00,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/01/27 19:32:50 | 00,024,064 | ---- | M] () -- E:\Doc_Framboise\Steve for meeting feb.doc
[2010/01/27 19:32:50 | 00,000,162 | -H-- | M] () -- E:\Doc_Framboise\~$eve for meeting feb.doc
[2010/01/21 14:33:56 | 00,869,157 | ---- | M] () -- E:\Doc_Framboise\AfficheSquash.jpg
[2010/01/20 02:33:31 | 01,336,335 | ---- | M] () -- E:\Doc_Framboise\france-jeune1317avril-2010.jpg
[2010/01/19 02:15:06 | 00,411,034 | ---- | M] () -- E:\Doc_Framboise\bonne année_3.jpg
[2010/01/14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/14 07:30:57 | 00,041,325 | ---- | M] () -- E:\Doc_Framboise\MondeIndividuelAmsterdam09(13).jpg
[2010/01/09 21:39:29 | 00,054,453 | ---- | M] () -- E:\Doc_Framboise\PrixNY.jpg
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/06 00:47:46 | 00,024,064 | ---- | M] () -- E:\Doc_Framboise\0020103320248 or 0020124505015.doc
[2010/01/05 15:50:30 | 00,040,985 | ---- | M] () -- E:\Doc_Framboise\ArticlepourFram.docx
[2010/01/03 10:39:23 | 00,024,576 | ---- | M] () -- E:\Doc_Framboise\Did you always fancy coaching.doc
[2010/01/03 10:16:05 | 00,022,114 | ---- | M] () -- E:\Doc_Framboise\Amazon.fr - Commande 402-1733172-5108334.pdf
[2010/01/02 01:29:29 | 00,480,781 | ---- | M] () -- E:\Doc_Framboise\PressreleaseThierryLINCOU2010.pdf

========== Files Created - No Company Name ==========

[2010/01/28 20:06:18 | 00,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/28 15:48:02 | 00,000,744 | ---- | C] () -- C:\Users\Public\Desktop\AOL 9.5.lnk
[2010/01/28 15:38:14 | 00,000,004 | ---- | C] () -- C:\Windows\msoffice.ini
[2010/01/28 15:05:40 | 00,000,542 | ---- | C] () -- C:\Users\Public\Desktop\ThumbsPlus 7.lnk
[2010/01/28 15:03:16 | 00,001,839 | ---- | C] () -- C:\Users\Framboise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 5.1 Free.lnk
[2010/01/28 15:03:16 | 00,001,803 | ---- | C] () -- C:\Users\Framboise\Desktop\ScreenHunter 5.1 Free.lnk
[2010/01/28 06:48:28 | 00,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/28 06:48:19 | 00,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/28 06:43:04 | 02,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/01/28 06:19:09 | 00,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/01/28 06:13:27 | 00,000,909 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010/01/28 06:12:31 | 00,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/01/28 06:09:01 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/28 06:06:06 | 00,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/01/27 19:32:50 | 00,000,162 | -H-- | C] () -- E:\Doc_Framboise\~$eve for meeting feb.doc
[2010/01/27 19:32:49 | 00,024,064 | ---- | C] () -- E:\Doc_Framboise\Steve for meeting feb.doc
[2010/01/21 14:32:57 | 00,869,157 | ---- | C] () -- E:\Doc_Framboise\AfficheSquash.jpg
[2010/01/20 02:32:14 | 01,336,335 | ---- | C] () -- E:\Doc_Framboise\france-jeune1317avril-2010.jpg
[2010/01/19 02:14:57 | 00,411,034 | ---- | C] () -- E:\Doc_Framboise\bonne année_3.jpg
[2010/01/14 07:30:56 | 00,041,325 | ---- | C] () -- E:\Doc_Framboise\MondeIndividuelAmsterdam09(13).jpg
[2010/01/09 21:39:27 | 00,054,453 | ---- | C] () -- E:\Doc_Framboise\PrixNY.jpg
[2010/01/06 00:47:46 | 00,024,064 | ---- | C] () -- E:\Doc_Framboise\0020103320248 or 0020124505015.doc
[2010/01/05 15:50:29 | 00,040,985 | ---- | C] () -- E:\Doc_Framboise\ArticlepourFram.docx
[2010/01/03 10:39:23 | 00,024,576 | ---- | C] () -- E:\Doc_Framboise\Did you always fancy coaching.doc
[2010/01/03 10:16:05 | 00,022,114 | ---- | C] () -- E:\Doc_Framboise\Amazon.fr - Commande 402-1733172-5108334.pdf
[2010/01/02 01:29:24 | 00,480,781 | ---- | C] () -- E:\Doc_Framboise\PressreleaseThierryLINCOU2010.pdf
[2008/11/27 09:44:15 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/11/27 09:37:53 | 00,000,025 | ---- | C] () -- C:\Windows\CDE DX7000FEFDG.ini
[2008/10/09 15:46:01 | 00,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008/10/09 15:43:02 | 00,000,342 | ---- | C] () -- C:\Windows\CordialPro.INI
[2008/10/09 15:37:40 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/10/09 13:43:30 | 00,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/10/09 13:40:58 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/10/09 12:32:58 | 00,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/10/09 12:32:56 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/10/09 12:32:56 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/10/09 12:32:56 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/10/09 12:32:56 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/10/09 12:28:19 | 00,000,680 | ---- | C] () -- C:\Users\Framboise\AppData\Local\d3d9caps.dat
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/04/06 06:17:00 | 00,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2002/07/16 15:43:59 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hookmod.dll
< End of report >

descriptionTrojan horse EmptyRe: Trojan horse

more_horiz
is that what you needed? Sorry, but, really blond.... :sad:

descriptionTrojan horse EmptyRe: Trojan horse

more_horiz
Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
    O33 - MountPoints2\{bd7ea5a6-95f3-11dd-91f2-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{bd7ea5a6-95f3-11dd-91f2-806e6f6e6963}\Shell\AutoRun\command - "" = X:\autoRcd.exe -- File not found



  • Press "Fix Checked"
  • Close Hijack This.

Remove the Proxy setting in Internet Explorer and/or in FireFox.

    In Internet Explorer
  1. Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

    In Firefox
  1. Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection > Choose "No Proxy"
  2. Click the apply button and restart that computer in normal mode.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

descriptionTrojan horse EmptyRe: Trojan horse

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum