OTL logfile created on: 28/02/2013 14:41:58 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Tevaite\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1015,17 Mb Total Physical Memory | 248,04 Mb Available Physical Memory | 24,43% Memory free
2,38 Gb Paging File | 1,69 Gb Available in Paging File | 70,98% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 79,99 Gb Total Space | 20,33 Gb Free Space | 25,42% Space Free | Partition Type: NTFS
Drive D: | 61,20 Gb Total Space | 22,75 Gb Free Space | 37,17% Space Free | Partition Type: NTFS

Computer Name: ROGUE | User Name: Tevaite | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/02/26 09:40:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tevaite\Bureau\OTL.exe
PRC - [2013/02/20 20:01:52 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/06/07 21:02:24 | 000,521,344 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Online Games Manager\ogmservice.exe
PRC - [2012/02/27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011/12/12 18:21:54 | 022,459,984 | ---- | M] (ooVoo LLC) -- C:\Program Files\ooVoo\ooVoo.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/09/20 12:39:48 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2008/09/02 23:34:42 | 000,335,872 | ---- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\ETDCTRL.EXE
PRC - [2008/09/02 08:32:00 | 000,593,920 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2008/09/02 08:28:14 | 000,106,496 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2008/09/01 19:26:16 | 000,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/08/22 05:18:44 | 000,204,800 | ---- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\ETDDECT.EXE
PRC - [2008/05/20 13:56:24 | 000,094,208 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2008/04/14 02:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/25 01:34:46 | 001,167,360 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Sun\StarOffice 8\program\soffice.bin
PRC - [2008/03/25 01:34:46 | 001,015,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Sun\StarOffice 8\program\soffice.exe
PRC - [2007/01/04 07:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/01/10 01:56:43 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_82182c3e\mscorlib.dll
MOD - [2013/01/10 01:56:09 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_1392b134\system.xml.dll
MOD - [2013/01/10 01:55:54 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_9f2a8650\system.windows.forms.dll
MOD - [2013/01/10 01:55:23 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_fa793a24\system.dll
MOD - [2013/01/10 01:54:59 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2013/01/10 01:54:52 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012/12/18 04:28:24 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/07 15:54:16 | 000,004,096 | ---- | M] () -- C:\Program Files\Yuna Software\Messenger Plus!\Detour32.dll
MOD - [2011/04/11 14:58:21 | 000,390,656 | ---- | M] () -- C:\Program Files\Yuna Software\Messenger Plus!\lame_enc.dll
MOD - [2011/04/11 14:58:17 | 000,370,688 | ---- | M] () -- C:\Program Files\Yuna Software\Messenger Plus!\libsndfile.dll
MOD - [2008/09/01 19:25:26 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008/09/01 19:23:22 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008/08/07 03:37:04 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2008/08/07 03:37:00 | 000,299,008 | ---- | M] () -- c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
MOD - [2008/04/14 02:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/08/08 06:15:02 | 000,828,416 | ---- | M] () -- C:\Program Files\Sun\StarOffice 8\program\libxml2.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/20 20:01:52 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/07 21:02:24 | 000,521,344 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files\Online Games Manager\ogmservice.exe -- (ogmservice)
SRV - [2012/02/27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/01/04 07:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2008/08/19 10:16:36 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/08/19 10:16:28 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/08/12 04:10:50 | 004,751,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/07/24 05:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/05/29 23:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/04/08 03:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2008/03/28 05:38:16 | 000,625,024 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2008/03/11 07:37:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008/03/10 06:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 05:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/05/02 16:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.fr
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = http://www.google.fr
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.fr
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.fr
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\..\SearchScopes,DefaultScope = {FB88C883-921E-4369-AE15-89216B091AE4}
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\..\SearchScopes\{FB88C883-921E-4369-AE15-89216B091AE4}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..Keyword.Enabled: "true"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "MyPlayCity"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.myplaycity.com/"
FF - prefs.js..extensions.enabledAddons: newtaburl@sogame.cat:2.2.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://home.myplaycity.com/results.php?category=web&s="
FF - prefs.js..network.proxy.ftp: "proxy.etudiant.upf.pf"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "proxy.etudiant.upf.pf"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "proxy.etudiant.upf.pf"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.socks: "proxy.etudiant.upf.pf"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.ssl: "proxy.etudiant.upf.pf"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Tevaite\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/16 10:10:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/22 10:09:01 | 000,000,000 | ---D | M]

[2013/02/23 16:13:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tevaite\Application Data\Mozilla\Extensions
[2013/02/21 11:48:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tevaite\Application Data\Mozilla\Firefox\Profiles\qol4hv9m.default\extensions
[2010/10/23 11:50:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Tevaite\Application Data\Mozilla\Firefox\Profiles\qol4hv9m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/13 14:19:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Tevaite\Application Data\Mozilla\Firefox\Profiles\qol4hv9m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/10/25 07:34:54 | 000,001,999 | ---- | M] () -- C:\Documents and Settings\Tevaite\Application Data\Mozilla\Firefox\Profiles\qol4hv9m.default\searchplugins\myplaycity.xml
[2013/02/28 09:56:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/03 08:32:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/10/26 10:25:27 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/10/26 10:25:27 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/10/26 10:25:27 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/10/26 10:25:27 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/10/26 10:25:27 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2013/02/27 08:51:55 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCTRL.EXE (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDECT.EXE (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe" File not found
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006..\Run: [Facebook Update] "C:\Documents and Settings\Tevaite\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006..\Run: [lan] C:\Documents and Settings\Tevaite\chat-land\Chat-Landmessenger.jar ()
O4 - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe (ooVoo LLC)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\Tevaite\Menu Démarrer\Programmes\Démarrage\StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1570391784-2246619108-2725059105-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Java Plug-in 1.7.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F5C36EB-016A-4FEB-8E3C-0BC03B97C0BD}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/07 02:27:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2013/01/12 08:58:00 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013/01/12 08:58:00 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^SuperHybridEngine.lnk - C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe - (ASUSTeK Computer Inc.)
MsConfig - StartUpReg: [b]MsnMsgr[/b] - hkey= - key= - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/02/27 09:44:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tevaite\chat-land
[2013/02/27 08:48:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/23 11:33:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tevaite\Bureau\OTL.exe
[2013/02/21 12:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\337
[2013/02/21 12:09:50 | 000,773,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
[2013/02/21 12:09:50 | 000,420,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
[2013/02/21 06:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tevaite\Local Settings\Application Data\Sun
[2013/02/20 20:02:29 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/02/20 20:02:29 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/02/20 20:02:18 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/02/20 20:02:18 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/02/20 20:02:18 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/02/15 12:33:33 | 000,622,696 | ---- | C] (SoftStud) -- C:\Documents and Settings\Tevaite\v9.exe
[2013/02/12 22:46:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2008/08/07 03:55:15 | 015,523,560 | ---- | C] (Macrovision Corporation) -- C:\Program Files\U1 Setup.exe
[1 C:\Documents and Settings\Tevaite\*.tmp files -> C:\Documents and Settings\Tevaite\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/02/28 14:04:18 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\Tevaite\Bureau\Microsoft Office Word 2007.lnk
[2013/02/28 13:51:40 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/02/28 13:41:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/28 09:43:00 | 000,001,174 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1570391784-2246619108-2725059105-1006UA.job
[2013/02/28 09:25:02 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2CAF18E2-FE08-4DE6-88D2-6AE26F61C33F}.job
[2013/02/27 18:42:00 | 000,001,152 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1570391784-2246619108-2725059105-1006Core.job
[2013/02/27 13:06:30 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Tevaite\Bureau\SystemLook.exe
[2013/02/27 08:51:55 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/02/27 07:46:06 | 000,071,168 | ---- | M] () -- C:\Documents and Settings\Tevaite\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/26 09:51:51 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2013/02/26 09:48:55 | 000,000,983 | ---- | M] () -- C:\Documents and Settings\Tevaite\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2013/02/26 09:48:55 | 000,000,964 | ---- | M] () -- C:\Documents and Settings\Tevaite\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/26 09:40:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tevaite\Bureau\OTL.exe
[2013/02/26 09:39:38 | 000,594,019 | ---- | M] () -- C:\Documents and Settings\Tevaite\Bureau\adwcleaner.exe
[2013/02/25 09:12:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/02/23 16:13:53 | 000,000,082 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013/02/23 03:03:17 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/02/22 09:47:15 | 000,773,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
[2013/02/22 09:47:15 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
[2013/02/20 20:01:58 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/02/20 20:01:49 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/02/20 20:01:48 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/02/20 20:01:48 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/02/20 20:01:47 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/02/20 20:01:46 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/02/20 20:01:45 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/02/19 20:30:32 | 000,832,512 | ---- | M] () -- C:\GTB.cab
[2013/02/19 09:54:42 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/15 14:40:03 | 000,298,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/15 12:34:50 | 000,471,330 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/02/15 12:34:50 | 000,442,522 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/15 12:34:50 | 000,085,972 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/02/15 12:34:50 | 000,072,266 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/15 12:34:04 | 000,622,696 | ---- | M] (SoftStud) -- C:\Documents and Settings\Tevaite\v9.exe
[2013/02/15 12:34:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tevaite\tmp1.37
[2013/01/30 00:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[1 C:\Documents and Settings\Tevaite\*.tmp files -> C:\Documents and Settings\Tevaite\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/02/27 13:06:22 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Tevaite\Bureau\SystemLook.exe
[2013/02/26 09:38:52 | 000,594,019 | ---- | C] () -- C:\Documents and Settings\Tevaite\Bureau\adwcleaner.exe
[2013/02/23 16:13:53 | 000,000,082 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/02/23 03:12:46 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/02/15 23:45:39 | 000,832,512 | ---- | C] () -- C:\GTB.cab
[2013/02/15 12:34:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tevaite\tmp1.37
[2012/04/06 11:43:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tevaite\tmp1.36
[2012/02/15 08:32:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/12 21:55:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/26 10:03:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tevaite\tmp1.12
[2011/04/17 09:57:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tevaite\tmp1.10
[2010/10/11 13:49:23 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2010/10/11 12:03:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tevaite\tmp1.7
[2010/09/30 16:10:39 | 000,071,168 | ---- | C] () -- C:\Documents and Settings\Tevaite\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/30 01:36:27 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Tevaite\Local Settings\Application Data\fusioncache.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2008/08/07 03:35:06 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/06/24 02:10:49 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 00:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 02:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/04/14 02:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 02:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\system32\dllcache\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2008/04/14 02:00:00 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=54CB50058851D95E56EC70D09F70857F -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2009/02/09 01:16:53 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=62789101F9C2401ED598AA2CDE7450C0 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009/02/09 01:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/09 01:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\system32\services.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2008/04/14 02:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 02:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/04/14 02:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 02:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008/04/14 02:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 02:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2012/03/16 17:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/09/30 03:17:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/10/18 12:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/10/18 12:16:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2012/09/29 13:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2012/09/29 13:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
[2012/06/23 22:19:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/05/18 15:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2012/10/30 23:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2013/02/12 22:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2012/09/03 11:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2010/10/11 12:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2013/02/25 14:07:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013/02/15 13:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2012/09/27 21:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2011/02/03 08:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2012/09/27 23:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/10/03 13:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/08/28 22:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2012/06/03 12:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/10/18 12:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[2009/02/04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2012/12/02 21:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\11045\AcrobatUpdater.exe
[2012/12/02 21:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\11045\AdobeARM.exe
[2012/12/02 21:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\11045\AdobeARMHelper.exe
[2012/12/02 21:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\11045\ReaderUpdater.exe
[2012/01/03 07:44:25 | 000,342,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AA1000000001}\setup.exe
[2012/04/16 09:29:08 | 000,073,584 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.6.1.7\SetupAdmin.exe
[2012/09/29 13:06:37 | 001,313,797 | ---- | M] (Big Fish Games) -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5064T1L4\setup_gF5064T1L4_d1875620039_l4_s5.exe
[2011/08/18 18:31:14 | 015,548,856 | ---- | M] (Big Fish Games) -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache\Upgrade\clientinstaller\mystic-diary-le-frere-perdu_s5_l4_gF5064T1L4_d1875620039.exe
[2012/07/27 12:40:40 | 000,168,568 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache\Upgrade\stub\mystic-diary-le-frere-perdu_s5_l4_gF5064T1L4_d1875620039.exe
[2012/09/29 13:04:38 | 015,608,136 | ---- | M] (Big Fish Games) -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache\Upgrade\Unpack\mystic-diary-le-frere-perdu_s5_l4_gF5064T1L4_d1875620039.exe
[2013/02/19 20:15:53 | 000,081,408 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{6A466E24-B911-0FE7-D7A9-1FDEFF74D9EC}-0.8426797560962537.exe

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2012/03/14 08:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Adobe
[2012/04/29 14:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Apple Computer
[2012/04/12 09:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Blender Foundation
[2012/03/14 20:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\DivX
[2010/10/12 18:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\ElevatedDiagnostics
[2012/09/07 00:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Enki Games
[2012/05/08 13:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\FFP
[2010/10/18 10:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\FreeFLVConverter
[2008/08/07 02:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Identities
[2008/08/07 03:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\InstallShield
[2010/10/21 12:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\InterVideo
[2010/10/03 18:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Macromedia
[2010/10/02 00:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Media Player Classic
[2013/01/13 14:48:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Tevaite\Application Data\Microsoft
[2010/09/30 03:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Mozilla
[2011/12/17 21:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\ooVoo Details
[2012/01/06 04:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\PhotoFiltre
[2012/09/27 21:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Skype
[2011/12/18 20:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\skypePM
[2013/02/28 13:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\StarOffice8
[2008/08/07 03:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Sun
[2010/10/01 12:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\Uniblue
[2010/10/02 22:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\vlc
[2012/10/25 13:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tevaite\Application Data\WinRAR

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2010/09/30 16:44:22 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Tevaite\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
[2010/09/30 16:44:22 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Tevaite\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.* /s >[/color]
[2013/02/25 09:12:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2008/04/14 02:00:00 | 000,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2013/02/27 18:42:00 | 000,001,152 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1570391784-2246619108-2725059105-1006Core.job
[2013/02/28 09:43:00 | 000,001,174 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1570391784-2246619108-2725059105-1006UA.job
[2013/02/28 13:51:40 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013/02/28 13:41:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/02/28 09:25:02 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2CAF18E2-FE08-4DE6-88D2-6AE26F61C33F}.job

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< >[/color]

< End of report >