ERR [3456] 2011/10/09 23:16:27

ERR [3456] 2011/10/09 23:16:27: SDKController::CheckEngineState -> Engine not loaded
ERR [0476] 2011/10/09 23:16:29: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:16:29: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:16:29: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:16:29: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:16:29: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:16:29: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:16:29: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:16:29: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:16:29: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
MSG [0476] 2011/10/09 23:21:30: Configure new scan with profile: smart
MSG [0476] 2011/10/09 23:21:30: -> scanning critical objects
MSG [0476] 2011/10/09 23:21:30: -> scanning running processes
MSG [0476] 2011/10/09 23:21:30: -> scanning registry
MSG [0476] 2011/10/09 23:21:30: -> scanning lsp
MSG [0476] 2011/10/09 23:21:30: -> scanning browser hijacks
MSG [0476] 2011/10/09 23:21:30: -> scanning cookies
MSG [0476] 2011/10/09 23:21:30: -> neutralizing rootkits
MSG [0476] 2011/10/09 23:21:30: -> use mild rootkit detection
MSG [0476] 2011/10/09 23:21:30: -> use spyware heuristics
MSG [0476] 2011/10/09 23:21:30: -> use medium heuristics
MSG [0476] 2011/10/09 23:21:30: -> scan only executables
MSG [0476] 2011/10/09 23:21:30: -> file size limit = 20480 kB (0 = unlimited)
MSG [0476] 2011/10/09 23:21:30: -> validating system critical files
ERR [0476] 2011/10/09 23:21:30: SDKController::GetDefinitonsFileVersion -> Not in idle state
ERR [0476] 2011/10/09 23:21:30: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:21:30: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:21:30: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:21:31: SDKController::GetInfectionList -> Not in found infections state
MSG [6020] 2011/10/09 23:32:09: Scan was completed in 639 seconds
MSG [6020] 2011/10/09 23:32:09: Objects processed: 37473, infections detected: 0
MSG [0476] 2011/10/09 23:32:14: Dumping scan report:
>>> Logfile created: 09/10/2011 23:21:30
>>> Ad-Aware version: 9.5.1
>>> Extended engine: 3
>>> Extended engine version: 3.1.2770
>>> User performing scan: amer
>>>
>>> *********************** Definitions database information ***********************
>>> Lavasoft definition file: 150.590
>>> Genotype definition file version: 2011/09/21 13:56:01
>>> Extended engine definition file: 10715.0
>>>
>>> ******************************** Scan results: *********************************
>>> Scan profile name: Analyse intelligente (ID: smart)
>>> Objects scanned: 37473
>>> Objects detected: 0
>>>
>>>
>>> Type              Detected
>>> ==========================
>>> Processes.......:        0
>>> Registry entries:        0
>>> Hostfile entries:        0
>>> Files...........:        0
>>> Folders.........:        0
>>> LSPs............:        0
>>> Cookies.........:        0
>>> Browser hijacks.:        0
>>> MRU objects.....:        0
>>>
>>>
>>>
>>> Scan and cleaning complete: Finished correctly after 639 seconds
>>>
>>> *********************************** Settings ***********************************
>>>
>>> Scan profile:
>>> ID: smart, enabled:1, value: Analyse intelligente
>>> ID: folderstoscan, enabled:1, value:
>>> ID: useantivirus, enabled:1, value: true
>>> ID: sections, enabled:1
>>> ID: scancriticalareas, enabled:1, value: true
>>> ID: scanrunningapps, enabled:1, value: true
>>> ID: scanregistry, enabled:1, value: true
>>> ID: scanlsp, enabled:1, value: true
>>> ID: scanads, enabled:1, value: false
>>> ID: scanhostsfile, enabled:1, value: false
>>> ID: scanmru, enabled:1, value: false
>>> ID: scanbrowserhijacks, enabled:1, value: true
>>> ID: scantrackingcookies, enabled:1, value: true
>>>
ID: closebrowsers, enabled:1, value: false
>>> ID: filescanningoptions, enabled:1
>>> ID: archives, enabled:1, value: false
>>> ID: onlyexecutables, enabled:1, value: true
>>> ID: skiplargerthan, enabled:1, value: 20480
>>> ID: scanrootkits, enabled:1, value: true
>>>
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
>>> ID: usespywareheuristics, enabled:1, value: true
>>>
>>> Scan global:
>>> ID: global, enabled:1
>>> ID: addtocontextmenu, enabled:1, value: true
>>> ID: playsoundoninfection, enabled:1, value: false
>>> ID: soundfile, enabled:0, value: N/A
>>>
>>> Scheduled scan settings:
>>> <Empty>
>>>
>>> Update settings:
>>> ID: updates, enabled:1
>>> ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently
>>> ID: deffiles, enabled:1, value: downloadandinstall, domain:
dontcheck,downloadandinstall
>>> ID: licenseandinfo, enabled:1, value: downloadandinstall, domain:
dontcheck,downloadandinstall
>>> ID: schedules, enabled:1, value: true
>>> ID: updatedaily1, enabled:1, value: Daily 1
>>>
ID: time, enabled:1, value: Wed Aug 31 13:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily2, enabled:1, value: Daily 2
>>>
ID: time, enabled:1, value: Wed Aug 31 19:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily3, enabled:1, value: Daily 3
>>>
ID: time, enabled:1, value: Wed Aug 31 01:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily4, enabled:1, value: Daily 4
>>>
ID: time, enabled:1, value: Wed Aug 31 07:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updateweekly1, enabled:1, value: Weekly
>>>
ID: time, enabled:1, value: Wed Aug 31 13:07:00 2011
>>>
ID: frequency, enabled:1, value: weekly, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: true
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: true
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>>
>>> Appearance settings:
>>> ID: appearance, enabled:1
>>> ID: skin, enabled:1, value: default.egl, reglocation:
HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
>>> ID: showtrayicon, enabled:1, value: true
>>> ID: autoentertainmentmode, enabled:1, value: true
>>> ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
>>> ID: language, enabled:1, value: fr, reglocation:
HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
>>>
>>> Realtime protection settings:
>>> ID: realtime, enabled:1
>>> ID: infomessages, enabled:1, value: onlyimportant, domain:
display,dontnotify,onlyimportant
>>> ID: layers, enabled:1
>>> ID: useantivirus, enabled:1, value: true
>>> ID: usespywareheuristics, enabled:1, value: true
>>> ID: maintainbackup, enabled:1, value: true
>>> ID: modules, enabled:1
>>> ID: processprotection, enabled:1, value: true
>>> ID: onaccessprotection, enabled:1, value: true
>>> ID: registryprotection, enabled:1, value: true
>>> ID: networkprotection, enabled:1, value: true
>>>
>>>
>>> ****************************** System information ******************************
>>> Computer name: 00010101010100
>>> Processor name: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
>>> Processor identifier: x86 Family 6 Model 15 Stepping 13
>>> Processor speed: ~1995MHZ
>>> Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3853, number of processors 2, processor features: [MMX,SSE,SSE2]
>>> Physical memory available: 392368128 bytes
>>> Physical memory total: 2145759232 bytes
>>> Virtual memory available: 1883738112 bytes
>>> Virtual memory total: 2147352576 bytes
>>> Memory load: 81%
>>> Microsoft Windows XP Professional Service Pack 3 (build 2600)
>>> Windows startup mode:
>>>
>>> Running processes:
>>> PID: 616 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE
NT
>>> PID: 1092 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1132 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1188 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1200 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1396 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1416 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1516 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU
domain: AUTORITE NT
>>> PID: 716 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 656 name: C:\Program Files\Intel\WiFi\bin\S24EvMon.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 776 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU
domain: AUTORITE NT
>>> PID: 1756 name: C:\WINDOWS\system32\ZoneLabs\vsmon.exe owner: <UNKNOWN>
domain: <UNKNOWN>
>>> PID: 1972 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 448 name: C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 564 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1100 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 1708 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2524 name: C:\Program Files\CheckPoint\ZAForceField\ForceField.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 3768 name: C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 3816 name: C:\Program Files\AVG\AVG10\avgwdsvc.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2140 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 3388 name: C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 3028 name: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe owner: amer
domain: 00010101010100
>>> PID: 3040 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 3048 name: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorIcon.exe owner: amer domain: 00010101010100
>>> PID: 3140 name: C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe owner: amer domain:
00010101010100
>>> PID: 2616 name: C:\Program Files\Fichiers
communs\Intel\WirelessCommon\iFrmewrk.exe owner: amer domain: 00010101010100
>>> PID: 3288 name: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 3300 name: C:\Program Files\Intel\WiFi\bin\EvtEng.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 4040 name: C:\Program Files\AVG\AVG10\avgtray.exe owner: amer domain:
00010101010100
>>> PID: 688 name: C:\WINDOWS\system32\hasplms.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1080 name: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe owner:
amer domain: 00010101010100
>>> PID: 1832 name: C:\Program Files\AVG\AVG10\avgnsx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1932 name: C:\Program Files\PC Tools Security\BDT\FGuard.exe owner: amer
domain: 00010101010100
>>> PID: 2068 name: C:\WINDOWS\system32\ctfmon.exe owner: amer domain:
00010101010100
>>> PID: 1692 name: C:\Program Files\Spybot - Search & Destroy2\TeaTimer.exe owner:
amer domain: 00010101010100
>>> PID: 4080 name: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorDataMgrSvc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 2564 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: amer domain:
00010101010100
>>> PID: 3540 name: C:\Program Files\Ralink\Common\RaUI.exe owner: amer domain:
00010101010100
>>> PID: 3576 name: C:\Program Files\Fichiers communs\InstallShield
Shared\Service\InstallShield Licensing Service.exe owner: SYSTEM domain: AUTORITE
NT
>>> PID: 2372 name: C:\Program Files\Java\jre6\bin\jqs.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1292 name: C:\Program Files\AVG\AVG10\Identity
Protection\agent\bin\avgidsmonitor.exe owner: amer domain: 00010101010100
>>> PID: 2504 name: C:\Program Files\adobs\msats.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 2312 name: C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 340 name: C:\Program Files\Ralink\Common\RaRegistry.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2684 name: C:\Program Files\Fichiers
communs\Intel\WirelessCommon\RegSrvc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 3788 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 2088 name: C:\Documents and Settings\All Users\Application
Data\UltraVNC\winvnc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 832 name: C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 2980 name: C:\Program Files\Common Files\VMware\USB\vmwareusbarbitrator.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 4856 name: C:\WINDOWS\system32\vmnat.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 5460 name: C:\WINDOWS\system32\vmnetdhcp.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 4320 name: C:\Program Files\AVG\AVG10\Identity
Protection\Agent\Bin\AVGIDSAgent.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 4568 name: C:\Documents and Settings\All Users\Application
Data\UltraVNC\winvnc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 5400 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL
domain: AUTORITE NT
>>> PID: 5576 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain:
AUTORITE NT
>>> PID: 4264 name: C:\Program Files\AVG\AVG10\avgrsx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 5868 name: C:\Program Files\AVG\AVG10\avgcsrvx.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2584 name: C:\Program Files\AVG\AVG10\avgchsvx.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2928 name: C:\Program Files\Mozilla Firefox\firefox.exe owner: <UNKNOWN>
domain: <UNKNOWN>
>>> PID: 4964 name: C:\Program Files\Mozilla Firefox\plugin-container.exe owner: amer
domain: 00010101010100
>>> PID: 1584 name: C:\Program Files\Mozilla Firefox\plugin-container.exe owner: amer
domain: 00010101010100
>>> PID: 5924 name: C:\WINDOWS\explorer.exe owner: amer domain: 00010101010100
>>> PID: 352 name: C:\Program Files\Mozilla Firefox\plugin-container.exe owner: amer
domain: 00010101010100
>>> PID: 5952 name: C:\Program Files\Mozilla Firefox\plugin-container.exe owner: amer
domain: 00010101010100
>>> PID: 3872 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner:
SYSTEM domain: AUTORITE NT
>>> PID: 3952 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: amer
domain: 00010101010100
>>> PID: 4384 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: amer
domain: 00010101010100
>>>
>>> Startup items:
>>> Name: Config
>>>
imagepath: %systemroot%\system32\run.cmd
>>> Name: nlsf
>>>
imagepath: cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll"
"%SystemRoot%\System32\syssetup.dll"
>>> Name: tscuninstall
>>>
imagepath: %systemroot%\system32\tscupgrd.exe
>>> Name: SMSERIAL
>>>
imagepath: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
>>> Name: IAStorIcon
>>>
imagepath: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorIcon.exe
>>> Name: AppleSyncNotifier
>>>
imagepath: C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\AppleSyncNotifier.exe
>>> Name: IntelZeroConfig
>>>
imagepath: "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
>>> Name: IntelWireless
>>>
imagepath: "C:\Program Files\Fichiers
communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
>>> Name: ZoneAlarm Client
>>>
imagepath: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
>>> Name: ISW
>>>
imagepath: "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe"
/icon="hidden"
>>> Name: BrMfcWnd
>>>
imagepath: C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
>>> Name: ControlCenter3
>>>
imagepath: C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
>>> Name: Adobe Reader Speed Launcher
>>>
imagepath: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
>>> Name: Adobe ARM
>>>
imagepath: "C:\Program Files\Fichiers
communs\Adobe\ARM\1.0\AdobeARM.exe"
>>> Name: DivXUpdate
>>>
imagepath: "C:\Program Files\DivX\DivX Update\DivXUpdate.exe"
/CHECKNOW
>>> Name: LifeCam
>>>
imagepath: "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
>>> Name: QuickTime Task
>>>
imagepath: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
>>> Name: AVG_TRAY
>>>
imagepath: C:\Program Files\AVG\AVG10\avgtray.exe
>>> Name: PostBootReminder
>>>
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
>>> Name: CDBurn
>>>
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
>>> Name: WebCheck
>>>
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
>>> Name: SysTray
>>>
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
>>> Name: WPDShServiceObj
>>>
imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
>>> Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
>>>
imagepath: Pré-chargeur Browseui
>>> Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
>>>
imagepath: Démon de cache des catégories de composant
>>> Name:
>>>
imagepath: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\desktop.ini
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\Microsoft Office.lnk
>>>
imagepath: C:\Program Files\Microsoft Office\Office10\OSA.EXE
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\PalTalk.lnk
>>>
imagepath: C:\Program Files\Paltalk Messenger\paltalk.exe
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\Ralink Wireless Utility.lnk
>>>
imagepath: C:\Program Files\Ralink\Common\RaUI.exe
>>> Name:
>>>
imagepath: C:\Documents and Settings\amer\Menu
Démarrer\Programmes\Démarrage\desktop.ini
>>> Name:
>>>
location: C:\Documents and Settings\amer\Menu
Démarrer\Programmes\Démarrage\MagicDisc.lnk
>>>
imagepath: C:\Program Files\MagicDisc\MagicDisc.exe
>>>
>>> Bootexecute items:
>>> Name:
>>>
imagepath: autocheck autochk *
>>> Name:
>>>
imagepath: C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync
>>> Name:
>>>
imagepath: C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart
>>> Name:
>>>
imagepath: lsdelete
>>>
>>> Running services:
>>> Name: ALG
>>>
displayname: Service de la passerelle de la couche Application
>>> Name: Apple Mobile Device
>>>
displayname: Apple Mobile Device
>>> Name: Ati HotKey Poller
>>>
displayname: Ati HotKey Poller
>>> Name: AudioSrv
>>>
displayname: Audio Windows
>>> Name: AVGIDSAgent
>>>
displayname: AVGIDSAgent
>>> Name: avgwd
>>>
displayname: AVG WatchDog
>>> Name: BITS
>>>
displayname: Service de transfert intelligent en arrière-plan
>>> Name: Bonjour Service
>>>
displayname: Service Bonjour
>>> Name: Browser
>>>
displayname: Explorateur d'ordinateur
>>> Name: Browser Defender Update Service
>>>
displayname: Browser Defender Update Service
>>> Name: CryptSvc
>>>
displayname: CryptSvc
>>> Name: DcomLaunch
>>>
displayname: Lanceur de processus serveur DCOM
>>> Name: Dhcp
>>>
displayname: Client DHCP
>>> Name: Dnscache
>>>
displayname: Client DNS
>>> Name: EapHost
>>>
displayname: Service Protocole EAP (Extensible Authentication Protocol)
>>> Name: ERSvc
>>>
displayname: Service de rapport d'erreurs
>>> Name: Eventlog
>>>
displayname: Journal des événements
>>> Name: EventSystem
>>>
displayname: Système d'événements de COM+
>>> Name: EvtEng
>>>
displayname: Intel(R) PROSet/Wireless Event Log
>>> Name: FastUserSwitchingCompatibility
>>>
displayname: Compatibilité avec le Changement rapide d'utilisateur
>>> Name: hasplms
>>>
displayname: HASP License Manager
>>> Name: helpsvc
>>>
displayname: Aide et support
>>> Name: IAStorDataMgrSvc
>>>
displayname: Intel(R) Rapid Storage Technology
>>> Name: InstallShield Licensing Service
>>>
displayname: InstallShield Licensing Service
>>> Name: IswSvc
>>>
displayname: ZoneAlarm Toolbar IswSvc
>>> Name: JavaQuickStarterService
>>>
displayname: Java Quick Starter
>>> Name: lanmanserver
>>>
displayname: Serveur
>>> Name: lanmanworkstation
>>>
displayname: Station de travail
>>> Name: Lavasoft Ad-Aware Service
>>>
displayname: Lavasoft Ad-Aware Service
>>> Name: Log Events
>>>
displayname: Log Events
>>> Name: MBAMService
>>>
displayname: MBAMService
>>> Name: Netman
>>>
displayname: Connexions réseau
>>> Name: Nla
>>>
displayname: NLA (Network Location Awareness)
>>> Name: NWCWorkstation
>>>
displayname: Service client pour NetWare
>>> Name: PlugPlay
>>>
displayname: Plug-and-Play
>>> Name: ProtectedStorage
>>>
displayname: Emplacement protégé
>>> Name: RalinkRegistryWriter
>>>
displayname: Ralink Registry Writer
>>> Name: RasMan
>>>
displayname: Gestionnaire de connexions d'accès distant
>>> Name: RegSrvc
>>>
displayname: Intel(R) PROSet/Wireless Registry Service
>>> Name: RpcSs
>>>
displayname: Appel de procédure distante (RPC)
>>> Name: S24EventMonitor
>>>
displayname: Intel(R) PROSet/Wireless WiFi Service
>>> Name: SamSs
>>>
displayname: Gestionnaire de comptes de sécurité
>>> Name: Schedule
>>>
displayname: Planificateur de tâches
>>> Name: seclogon
>>>
displayname: Secondary Logon
>>> Name: SENS
>>>
displayname: Notification d'événement système
>>> Name: SharedAccess
>>>
displayname: Pare-feu Windows / Partage de connexion Internet
>>> Name: ShellHWDetection
>>>
displayname: Détection matériel noyau
>>> Name: Spooler
>>>
displayname: Spouleur d'impression
>>> Name: srservice
>>>
displayname: Service de restauration système
>>> Name: SSDPSRV
>>>
displayname: Service de découvertes SSDP
>>> Name: stisvc
>>>
displayname: Acquisition d'image Windows (WIA)
>>> Name: TapiSrv
>>>
displayname: Téléphonie
>>> Name: TermService
>>>
displayname: Services Terminal Server
>>> Name: Themes
>>>
displayname: Thèmes
>>> Name: uvnc_service
>>>
displayname: UltraVNC Server
>>> Name: VMAuthdService
>>>
displayname: VMware Authorization Service
>>> Name: VMnetDHCP
>>>
displayname: VMware DHCP Service
>>> Name: VMUSBArbService
>>>
displayname: VMware USB Arbitration Service
>>> Name: VMware NAT Service
>>>
displayname: VMware NAT Service
>>> Name: vsmon
>>>
displayname: TrueVector Internet Monitor
>>> Name: W32Time
>>>
displayname: Horloge Windows
>>> Name: winmgmt
>>>
displayname: Infrastructure de gestion Windows
>>> Name: wscsvc
>>>
displayname: Centre de sécurité
>>> Name: wuauserv
>>>
displayname: Mises à jour automatiques
>>>
>>>
ERR [0476] 2011/10/09 23:32:15: SDKController::GetInfectionList -> Not in found infections state
MSG [0476] 2011/10/09 23:57:23: Configure new scan with profile: full
MSG [0476] 2011/10/09 23:57:23: -> scanning critical objects
MSG [0476] 2011/10/09 23:57:23: -> scanning running processes
MSG [0476] 2011/10/09 23:57:23: -> scanning registry
MSG [0476] 2011/10/09 23:57:23: -> scanning lsp
MSG [0476] 2011/10/09 23:57:23: -> scanning ads
MSG [0476] 2011/10/09 23:57:23: -> scanning hosts file
MSG [0476] 2011/10/09 23:57:23: -> scanning mru objects
MSG [0476] 2011/10/09 23:57:23: -> scanning browser hijacks
MSG [0476] 2011/10/09 23:57:23: -> scanning cookies
MSG [0476] 2011/10/09 23:57:23: -> neutralizing rootkits
MSG [0476] 2011/10/09 23:57:23: -> use mild rootkit detection
MSG [0476] 2011/10/09 23:57:23: -> use spyware heuristics
MSG [0476] 2011/10/09 23:57:23: -> use medium heuristics
MSG [0476] 2011/10/09 23:57:23: -> scan archives
MSG [0476] 2011/10/09 23:57:23: -> file size limit = 20480 kB (0 = unlimited)
MSG [0476] 2011/10/09 23:57:23: -> validating system critical files
MSG [0476] 2011/10/09 23:57:23: -> scan file/path = C:\
MSG [0476] 2011/10/09 23:57:23: -> scan file/path = E:\
ERR [0476] 2011/10/09 23:57:23: SDKController::GetDefinitonsFileVersion -> Not in idle state
ERR [0476] 2011/10/09 23:57:23: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:57:23: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:57:23: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/09 23:57:23: SDKController::GetInfectionList -> Not in found infections state
MSG [3760] 2011/10/10 04:08:12: Scan was completed in 15049 seconds
MSG [3760] 2011/10/10 04:08:12: Objects processed: 257076, infections detected: 33
MSG [2716] 2011/10/10 04:08:15: Remediating 33 infections
MSG [2716] 2011/10/10 04:08:21: Infections quarantined: 0, removed: 0, repaired: 0
MSG [2716] 2011/10/10 04:08:21: Infections ignored by remediation: 33 (0 whitelisted, 33 skipped).
MSG [0476] 2011/10/10 04:08:25: Dumping scan report:
>>> Logfile created: 09/10/2011 23:57:23
>>> Ad-Aware version: 9.5.1
>>> Extended engine: 3
>>> Extended engine version: 3.1.2770
>>> User performing scan: amer
>>>
>>> *********************** Definitions database information ***********************
>>> Lavasoft definition file: 150.590
>>> Genotype definition file version: 2011/09/21 13:56:01
>>> Extended engine definition file: 10715.0
>>>
>>> ******************************** Scan results: *********************************
>>> Scan profile name: Analyse complète (ID: full)
>>> Objects scanned: 257076
>>> Objects detected: 33
>>>
>>>
>>> Type              Detected
>>> ==========================
>>> Processes.......:        0
>>> Registry entries:       17
>>> Hostfile entries:        0
>>> Files...........:       16
>>> Folders.........:        0
>>> LSPs............:        0
>>> Cookies.........:        0
>>> Browser hijacks.:        0
>>> MRU objects.....:        0
>>>
>>>
>>>
>>> Skipped items:
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp386\a0278917.exe Family Name: Hotbar Engine: 3 Clean status: Success
Item ID: 1 Family ID: 0 MD5: 65a4251686267873188a197264df64a0
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284613.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: d33ebb9ad2ef0e99fb1aef40dc9a281a
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284614.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 535ecda75f845d3d7607b6631dd07df7
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284612.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: c5e3d9d13f7d68f3d93890a2aeb97e1b
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284615.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 17f7547a6808b758cb4a455ede24deba
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284620.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: 59a137f44f95d95c1e2092ac58333860
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284622.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 747430885dd10c8f69bc4bdd34853bc0
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284623.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: fbd76ee2c589307b78742e5e3be18a47
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284625.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 56484bc3c1221de645a12d90ae337428
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284624.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: a47c4d76470d3ad9b14c69469d3de793
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284626.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: a7c8e3a8f60e85feeb679832755b60f7
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284627.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: b56a3cba0c05ac6c4907a2e937162494
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284632.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 7687e3c97c7493c7d9c9fa14ad59a255
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284633.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: b3fc6760c794b8da9da0f2abcc9c4425
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284634.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 2af17b9821cea4ad0f93948e538aa47a
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp392\a0285102.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: 7179a8b649d1f9af243b65ce0899fe91
>>> Description: HKLM:SOFTWARE\Classes\AppID\BandooCore.EXE: Family Name:
Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367023 Family ID: 5366997
>>> Description: HKCR:AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367024 Family ID:
5366997
>>> Description: HKCR:AppID\BandooCore.EXE: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367030 Family ID: 5366997
>>> Description: HKCR:BandooCore.BandooCore: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367041 Family ID: 5366997
>>> Description: HKCR:BandooCore.BandooCore.1: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367042 Family ID: 5366997
>>> Description: HKCR:BandooCore.ResourcesMngr: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367043 Family ID: 5366997
>>> Description: HKCR:BandooCore.ResourcesMngr.1: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367044 Family ID: 5366997
>>> Description: HKCR:BandooCore.SettingsMngr: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367045 Family ID: 5366997
>>> Description: HKCR:BandooCore.SettingsMngr.1: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367046 Family ID: 5366997
>>> Description: HKCR:BandooCore.StatisticMngr: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367047 Family ID: 5366997
>>> Description: HKCR:BandooCore.StatisticMngr.1: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367048 Family ID: 5366997
>>> Description: HKCR:CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367054 Family ID:
5366997
>>> Description: HKCR:CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367059 Family ID:
5366997
>>> Description: HKCR:CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367060 Family ID:
5366997
>>> Description: HKCR:CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}:
Family Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367061 Family
ID: 5366997
>>> Description: HKCR:Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367069 Family ID:
5366997
>>> Description: HKCR:TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}:
Family Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367073 Family
ID: 5366997
>>>
>>> Scan and cleaning complete: Finished correctly after 15049 seconds
>>>
>>> *********************************** Settings ***********************************
>>>
>>> Scan profile:
>>> ID: full, enabled:1, value: Analyse complète
>>> ID: folderstoscan, enabled:1, value: C:\,E:\
>>> ID: useantivirus, enabled:1, value: true
>>> ID: sections, enabled:1
>>> ID: scancriticalareas, enabled:1, value: true
>>> ID: scanrunningapps, enabled:1, value: true
>>> ID: scanregistry, enabled:1, value: true
>>> ID: scanlsp, enabled:1, value: true
>>> ID: scanads, enabled:1, value: true
>>> ID: scanhostsfile, enabled:1, value: true
>>> ID: scanmru, enabled:1, value: true
>>> ID: scanbrowserhijacks, enabled:1, value: true
>>> ID: scantrackingcookies, enabled:1, value: true
>>>
ID: closebrowsers, enabled:1, value: false
>>> ID: filescanningoptions, enabled:1
>>> ID: archives, enabled:1, value: true
>>> ID: onlyexecutables, enabled:1, value: false
>>> ID: skiplargerthan, enabled:1, value: 20480
>>> ID: scanrootkits, enabled:1, value: true
>>>
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
>>> ID: usespywareheuristics, enabled:1, value: true
>>>
>>> Scan global:
>>> ID: global, enabled:1
>>> ID: addtocontextmenu, enabled:1, value: true
>>> ID: playsoundoninfection, enabled:1, value: false
>>> ID: soundfile, enabled:0, value: N/A
>>>
>>> Scheduled scan settings:
>>> <Empty>
>>>
>>> Update settings:
>>> ID: updates, enabled:1
>>> ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently
>>> ID: deffiles, enabled:1, value: downloadandinstall, domain:
dontcheck,downloadandinstall
>>> ID: licenseandinfo, enabled:1, value: downloadandinstall, domain:
dontcheck,downloadandinstall
>>> ID: schedules, enabled:1, value: true
>>> ID: updatedaily1, enabled:1, value: Daily 1
>>>
ID: time, enabled:1, value: Wed Aug 31 13:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily2, enabled:1, value: Daily 2
>>>
ID: time, enabled:1, value: Wed Aug 31 19:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily3, enabled:1, value: Daily 3
>>>
ID: time, enabled:1, value: Wed Aug 31 01:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily4, enabled:1, value: Daily 4
>>>
ID: time, enabled:1, value: Wed Aug 31 07:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updateweekly1, enabled:1, value: Weekly
>>>
ID: time, enabled:1, value: Wed Aug 31 13:07:00 2011
>>>
ID: frequency, enabled:1, value: weekly, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: true
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: true
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>>
>>> Appearance settings:
>>> ID: appearance, enabled:1
>>> ID: skin, enabled:1, value: default.egl, reglocation:
HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
>>> ID: showtrayicon, enabled:1, value: true
>>> ID: autoentertainmentmode, enabled:1, value: true
>>> ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
>>> ID: language, enabled:1, value: fr, reglocation:
HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
>>>
>>> Realtime protection settings:
>>> ID: realtime, enabled:1
>>> ID: infomessages, enabled:1, value: onlyimportant, domain:
display,dontnotify,onlyimportant
>>> ID: layers, enabled:1
>>> ID: useantivirus, enabled:1, value: true
>>> ID: usespywareheuristics, enabled:1, value: true
>>> ID: maintainbackup, enabled:1, value: true
>>> ID: modules, enabled:1
>>> ID: processprotection, enabled:1, value: true
>>> ID: onaccessprotection, enabled:1, value: true
>>> ID: registryprotection, enabled:1, value: true
>>> ID: networkprotection, enabled:1, value: true
>>>
>>>
>>> ****************************** System information ******************************
>>> Computer name: 00010101010100
>>> Processor name: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
>>> Processor identifier: x86 Family 6 Model 15 Stepping 13
>>> Processor speed: ~1995MHZ
>>> Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor
revision 3853, number of processors 2, processor features: [MMX,SSE,SSE2]
>>> Physical memory available: 508137472 bytes
>>> Physical memory total: 2145759232 bytes
>>> Virtual memory available: 1834749952 bytes
>>> Virtual memory total: 2147352576 bytes
>>> Memory load: 76%
>>> Microsoft Windows XP Professional Service Pack 3 (build 2600)
>>> Windows startup mode:
>>>
>>> Running processes:
>>> PID: 616 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE
NT
>>> PID: 1092 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1132 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1188 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1200 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1396 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1416 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1516 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU
domain: AUTORITE NT
>>> PID: 716 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 656 name: C:\Program Files\Intel\WiFi\bin\S24EvMon.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 776 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU
domain: AUTORITE NT
>>> PID: 1756 name: C:\WINDOWS\system32\ZoneLabs\vsmon.exe owner: <UNKNOWN>
domain: <UNKNOWN>
>>> PID: 1972 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 448 name: C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 564 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1100 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 1708 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2524 name: C:\Program Files\CheckPoint\ZAForceField\ForceField.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 3768 name: C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 3816 name: C:\Program Files\AVG\AVG10\avgwdsvc.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2140 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 3388 name: C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 3028 name: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe owner: amer
domain: 00010101010100
>>> PID: 3040 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 3048 name: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorIcon.exe owner: amer domain: 00010101010100
>>> PID: 3140 name: C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe owner: amer domain:
00010101010100
>>> PID: 2616 name: C:\Program Files\Fichiers
communs\Intel\WirelessCommon\iFrmewrk.exe owner: amer domain: 00010101010100
>>> PID: 3288 name: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 3300 name: C:\Program Files\Intel\WiFi\bin\EvtEng.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 4040 name: C:\Program Files\AVG\AVG10\avgtray.exe owner: amer domain:
00010101010100
>>> PID: 688 name: C:\WINDOWS\system32\hasplms.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1080 name: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe owner:
amer domain: 00010101010100
>>> PID: 1832 name: C:\Program Files\AVG\AVG10\avgnsx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1932 name: C:\Program Files\PC Tools Security\BDT\FGuard.exe owner: amer
domain: 00010101010100
>>> PID: 2068 name: C:\WINDOWS\system32\ctfmon.exe owner: amer domain:
00010101010100
>>> PID: 1692 name: C:\Program Files\Spybot - Search & Destroy2\TeaTimer.exe owner:
amer domain: 00010101010100
>>> PID: 4080 name: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorDataMgrSvc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 2564 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: amer domain:
00010101010100
>>> PID: 3540 name: C:\Program Files\Ralink\Common\RaUI.exe owner: amer domain:
00010101010100
>>> PID: 3576 name: C:\Program Files\Fichiers communs\InstallShield
Shared\Service\InstallShield Licensing Service.exe owner: SYSTEM domain: AUTORITE
NT
>>> PID: 2372 name: C:\Program Files\Java\jre6\bin\jqs.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1292 name: C:\Program Files\AVG\AVG10\Identity
Protection\agent\bin\avgidsmonitor.exe owner: amer domain: 00010101010100
>>> PID: 2504 name: C:\Program Files\adobs\msats.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 2312 name: C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 340 name: C:\Program Files\Ralink\Common\RaRegistry.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2684 name: C:\Program Files\Fichiers
communs\Intel\WirelessCommon\RegSrvc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 3788 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 2088 name: C:\Documents and Settings\All Users\Application
Data\UltraVNC\winvnc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 832 name: C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 2980 name: C:\Program Files\Common Files\VMware\USB\vmwareusbarbitrator.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 4856 name: C:\WINDOWS\system32\vmnat.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 5460 name: C:\WINDOWS\system32\vmnetdhcp.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 4320 name: C:\Program Files\AVG\AVG10\Identity
Protection\Agent\Bin\AVGIDSAgent.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 4568 name: C:\Documents and Settings\All Users\Application
Data\UltraVNC\winvnc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 5400 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL
domain: AUTORITE NT
>>> PID: 5576 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain:
AUTORITE NT
>>> PID: 4264 name: C:\Program Files\AVG\AVG10\avgrsx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 5868 name: C:\Program Files\AVG\AVG10\avgcsrvx.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2584 name: C:\Program Files\AVG\AVG10\avgchsvx.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 5924 name: C:\WINDOWS\explorer.exe owner: amer domain: 00010101010100
>>> PID: 3872 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner:
SYSTEM domain: AUTORITE NT
>>> PID: 3952 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: amer
domain: 00010101010100
>>> PID: 4384 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: amer
domain: 00010101010100
>>> PID: 5628 name: C:\Program Files\Mozilla Firefox\firefox.exe owner: amer domain:
00010101010100
>>> PID: 2160 name: C:\Program Files\Mozilla Firefox\plugin-container.exe owner: amer
domain: 00010101010100
>>> PID: 4408 name: C:\Program Files\Mozilla Firefox\plugin-container.exe owner: amer
domain: 00010101010100
>>>
>>> Startup items:
>>> Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
>>>
imagepath: Pré-chargeur Browseui
>>> Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
>>>
imagepath: Démon de cache des catégories de composant
>>> Name: PostBootReminder
>>>
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
>>> Name: CDBurn
>>>
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
>>> Name: WebCheck
>>>
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
>>> Name: SysTray
>>>
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
>>> Name: WPDShServiceObj
>>>
imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
>>> Name: SMSERIAL
>>>
imagepath: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
>>> Name: IAStorIcon
>>>
imagepath: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorIcon.exe
>>> Name: AppleSyncNotifier
>>>
imagepath: C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\AppleSyncNotifier.exe
>>> Name: IntelZeroConfig
>>>
imagepath: "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
>>> Name: IntelWireless
>>>
imagepath: "C:\Program Files\Fichiers
communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
>>> Name: ZoneAlarm Client
>>>
imagepath: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
>>> Name: ISW
>>>
imagepath: "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe"
/icon="hidden"
>>> Name: BrMfcWnd
>>>
imagepath: C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
>>> Name: ControlCenter3
>>>
imagepath: C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
>>> Name: Adobe Reader Speed Launcher
>>>
imagepath: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
>>> Name: Adobe ARM
>>>
imagepath: "C:\Program Files\Fichiers
communs\Adobe\ARM\1.0\AdobeARM.exe"
>>> Name: DivXUpdate
>>>
imagepath: "C:\Program Files\DivX\DivX Update\DivXUpdate.exe"
/CHECKNOW
>>> Name: LifeCam
>>>
imagepath: "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
>>> Name: QuickTime Task
>>>
imagepath: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
>>> Name: AVG_TRAY
>>>
imagepath: C:\Program Files\AVG\AVG10\avgtray.exe
>>> Name: Config
>>>
imagepath: %systemroot%\system32\run.cmd
>>> Name: nlsf
>>>
imagepath: cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll"
"%SystemRoot%\System32\syssetup.dll"
>>> Name: tscuninstall
>>>
imagepath: %systemroot%\system32\tscupgrd.exe
>>> Name:
>>>
imagepath: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\desktop.ini
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\Microsoft Office.lnk
>>>
imagepath: C:\Program Files\Microsoft Office\Office10\OSA.EXE
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\PalTalk.lnk
>>>
imagepath: C:\Program Files\Paltalk Messenger\paltalk.exe
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\Ralink Wireless Utility.lnk
>>>
imagepath: C:\Program Files\Ralink\Common\RaUI.exe
>>> Name:
>>>
imagepath: C:\Documents and Settings\amer\Menu
Démarrer\Programmes\Démarrage\desktop.ini
>>> Name:
>>>
location: C:\Documents and Settings\amer\Menu
Démarrer\Programmes\Démarrage\MagicDisc.lnk
>>>
imagepath: C:\Program Files\MagicDisc\MagicDisc.exe
>>>
>>> Bootexecute items:
>>> Name:
>>>
imagepath: autocheck autochk *
>>> Name:
>>>
imagepath: C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync
>>> Name:
>>>
imagepath: C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart
>>> Name:
>>>
imagepath: lsdelete
>>>
>>> Running services:
>>> Name: ALG
>>>
displayname: Service de la passerelle de la couche Application
>>> Name: Apple Mobile Device
>>>
displayname: Apple Mobile Device
>>> Name: Ati HotKey Poller
>>>
displayname: Ati HotKey Poller
>>> Name: AudioSrv
>>>
displayname: Audio Windows
>>> Name: AVGIDSAgent
>>>
displayname: AVGIDSAgent
>>> Name: avgwd
>>>
displayname: AVG WatchDog
>>> Name: BITS
>>>
displayname: Service de transfert intelligent en arrière-plan
>>> Name: Bonjour Service
>>>
displayname: Service Bonjour
>>> Name: Browser
>>>
displayname: Explorateur d'ordinateur
>>> Name: Browser Defender Update Service
>>>
displayname: Browser Defender Update Service
>>> Name: CryptSvc
>>>
displayname: CryptSvc
>>> Name: DcomLaunch
>>>
displayname: Lanceur de processus serveur DCOM
>>> Name: Dhcp
>>>
displayname: Client DHCP
>>> Name: Dnscache
>>>
displayname: Client DNS
>>> Name: EapHost
>>>
displayname: Service Protocole EAP (Extensible Authentication Protocol)
>>> Name: ERSvc
>>>
displayname: Service de rapport d'erreurs
>>> Name: Eventlog
>>>
displayname: Journal des événements
>>> Name: EventSystem
>>>
displayname: Système d'événements de COM+
>>> Name: EvtEng
>>>
displayname: Intel(R) PROSet/Wireless Event Log
>>> Name: FastUserSwitchingCompatibility
>>>
displayname: Compatibilité avec le Changement rapide d'utilisateur
>>> Name: hasplms
>>>
displayname: HASP License Manager
>>> Name: helpsvc
>>>
displayname: Aide et support
>>> Name: IAStorDataMgrSvc
>>>
displayname: Intel(R) Rapid Storage Technology
>>> Name: InstallShield Licensing Service
>>>
displayname: InstallShield Licensing Service
>>> Name: IswSvc
>>>
displayname: ZoneAlarm Toolbar IswSvc
>>> Name: JavaQuickStarterService
>>>
displayname: Java Quick Starter
>>> Name: lanmanserver
>>>
displayname: Serveur
>>> Name: lanmanworkstation
>>>
displayname: Station de travail
>>> Name: Lavasoft Ad-Aware Service
>>>
displayname: Lavasoft Ad-Aware Service
>>> Name: Log Events
>>>
displayname: Log Events
>>> Name: MBAMService
>>>
displayname: MBAMService
>>> Name: Netman
>>>
displayname: Connexions réseau
>>> Name: Nla
>>>
displayname: NLA (Network Location Awareness)
>>> Name: NWCWorkstation
>>>
displayname: Service client pour NetWare
>>> Name: PlugPlay
>>>
displayname: Plug-and-Play
>>> Name: ProtectedStorage
>>>
displayname: Emplacement protégé
>>> Name: RalinkRegistryWriter
>>>
displayname: Ralink Registry Writer
>>> Name: RasMan
>>>
displayname: Gestionnaire de connexions d'accès distant
>>> Name: RegSrvc
>>>
displayname: Intel(R) PROSet/Wireless Registry Service
>>> Name: RpcSs
>>>
displayname: Appel de procédure distante (RPC)
>>> Name: S24EventMonitor
>>>
displayname: Intel(R) PROSet/Wireless WiFi Service
>>> Name: SamSs
>>>
displayname: Gestionnaire de comptes de sécurité
>>> Name: Schedule
>>>
displayname: Planificateur de tâches
>>> Name: seclogon
>>>
displayname: Secondary Logon
>>> Name: SENS
>>>
displayname: Notification d'événement système
>>> Name: SharedAccess
>>>
displayname: Pare-feu Windows / Partage de connexion Internet
>>> Name: ShellHWDetection
>>>
displayname: Détection matériel noyau
>>> Name: Spooler
>>>
displayname: Spouleur d'impression
>>> Name: srservice
>>>
displayname: Service de restauration système
>>> Name: SSDPSRV
>>>
displayname: Service de découvertes SSDP
>>> Name: stisvc
>>>
displayname: Acquisition d'image Windows (WIA)
>>> Name: TapiSrv
>>>
displayname: Téléphonie
>>> Name: TermService
>>>
displayname: Services Terminal Server
>>> Name: Themes
>>>
displayname: Thèmes
>>> Name: uvnc_service
>>>
displayname: UltraVNC Server
>>> Name: VMAuthdService
>>>
displayname: VMware Authorization Service
>>> Name: VMnetDHCP
>>>
displayname: VMware DHCP Service
>>> Name: VMUSBArbService
>>>
displayname: VMware USB Arbitration Service
>>> Name: VMware NAT Service
>>>
displayname: VMware NAT Service
>>> Name: vsmon
>>>
displayname: TrueVector Internet Monitor
>>> Name: W32Time
>>>
displayname: Horloge Windows
>>> Name: winmgmt
>>>
displayname: Infrastructure de gestion Windows
>>> Name: wscsvc
>>>
displayname: Centre de sécurité
>>> Name: wuauserv
>>>
displayname: Mises à jour automatiques
>>>
>>>
MSG [0476] 2011/10/10 06:04:56: Configure new scan with profile: full
MSG [0476] 2011/10/10 06:04:56: -> scanning critical objects
MSG [0476] 2011/10/10 06:04:56: -> scanning running processes
MSG [0476] 2011/10/10 06:04:56: -> scanning registry
MSG [0476] 2011/10/10 06:04:56: -> scanning lsp
MSG [0476] 2011/10/10 06:04:56: -> scanning ads
MSG [0476] 2011/10/10 06:04:56: -> scanning hosts file
MSG [0476] 2011/10/10 06:04:56: -> scanning mru objects
MSG [0476] 2011/10/10 06:04:56: -> scanning browser hijacks
MSG [0476] 2011/10/10 06:04:56: -> scanning cookies
MSG [0476] 2011/10/10 06:04:56: -> neutralizing rootkits
MSG [0476] 2011/10/10 06:04:56: -> use mild rootkit detection
MSG [0476] 2011/10/10 06:04:56: -> use spyware heuristics
MSG [0476] 2011/10/10 06:04:56: -> use medium heuristics
MSG [0476] 2011/10/10 06:04:56: -> scan archives
MSG [0476] 2011/10/10 06:04:56: -> file size limit = 20480 kB (0 = unlimited)
MSG [0476] 2011/10/10 06:04:56: -> validating system critical files
MSG [0476] 2011/10/10 06:04:56: -> scan file/path = C:\
MSG [0476] 2011/10/10 06:04:56: -> scan file/path = E:\
ERR [0476] 2011/10/10 06:04:56: SDKController::GetDefinitonsFileVersion -> Not in idle state
ERR [0476] 2011/10/10 06:04:56: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/10 06:04:56: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/10 06:04:56: SDKController::GetLatestSuccessfulScanReportHeader -> Not in idle state
ERR [0476] 2011/10/10 06:04:56: SDKController::GetInfectionList -> Not in found infections state
MSG [3372] 2011/10/10 11:27:05: Scan was completed in 19328 seconds
MSG [3372] 2011/10/10 11:27:05: Objects processed: 256812, infections detected: 33
MSG [1780] 2011/10/10 11:27:11: Remediating 33 infections
MSG [1780] 2011/10/10 11:27:19: Infections quarantined: 0, removed: 0, repaired: 0
MSG [1780] 2011/10/10 11:27:19: Infections ignored by remediation: 33 (0 whitelisted, 33 skipped).
MSG [0476] 2011/10/10 11:27:23: Dumping scan report:
>>> Logfile created: 10/10/2011 06:04:56
>>> Ad-Aware version: 9.5.1
>>> Extended engine: 3
>>> Extended engine version: 3.1.2770
>>> User performing scan: amer
>>>
>>> *********************** Definitions database information ***********************
>>> Lavasoft definition file: 150.590
>>> Genotype definition file version: 2011/09/21 13:56:01
>>> Extended engine definition file: 10715.0
>>>
>>> ******************************** Scan results: *********************************
>>> Scan profile name: Analyse complète (ID: full)
>>> Objects scanned: 256812
>>> Objects detected: 33
>>>
>>>
>>> Type               Detected
>>> ==========================
>>> Processes.......:  0
>>> Registry entries:  17
>>> Hostfile entries:  0
>>> Files...........:  16
>>> Folders.........:  0
>>> LSPs............:  0
>>> Cookies.........:  0
>>> Browser hijacks.:  0
>>> MRU objects.....:  0
>>>
>>>
>>>
>>> Skipped items:
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp386\a0278917.exe Family Name: Hotbar Engine: 3 Clean status: Success
Item ID: 1 Family ID: 0 MD5: 65a4251686267873188a197264df64a0
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284613.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: d33ebb9ad2ef0e99fb1aef40dc9a281a
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284614.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 535ecda75f845d3d7607b6631dd07df7
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284612.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: c5e3d9d13f7d68f3d93890a2aeb97e1b
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284615.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 17f7547a6808b758cb4a455ede24deba
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284620.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: 59a137f44f95d95c1e2092ac58333860
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284622.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 747430885dd10c8f69bc4bdd34853bc0
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284623.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: fbd76ee2c589307b78742e5e3be18a47
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284625.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 56484bc3c1221de645a12d90ae337428
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284624.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: a47c4d76470d3ad9b14c69469d3de793
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284626.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: a7c8e3a8f60e85feeb679832755b60f7
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284627.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: b56a3cba0c05ac6c4907a2e937162494
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284632.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 7687e3c97c7493c7d9c9fa14ad59a255
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284633.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: b3fc6760c794b8da9da0f2abcc9c4425
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp391\a0284634.dll Family Name: Win32.PUP.Bandoo[800] Engine: 1 Clean
status: Success Item ID: 0 Family ID: 0 MD5: 2af17b9821cea4ad0f93948e538aa47a
>>> Description: c:\system volume information\_restore{b1ad646f-1f5b-4128-80e0e12d3742d49c}\rp392\a0285102.exe Family Name: Win32.PUP.Bandoo[800] Engine: 1
Clean status: Success Item ID: 0 Family ID: 0 MD5: 7179a8b649d1f9af243b65ce0899fe91
>>> Description: HKLM:SOFTWARE\Classes\AppID\BandooCore.EXE: Family Name:
Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367023 Family ID: 5366997
>>> Description: HKCR:AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367024 Family ID:
5366997
>>> Description: HKCR:AppID\BandooCore.EXE: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367030 Family ID: 5366997
>>> Description: HKCR:BandooCore.BandooCore: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367041 Family ID: 5366997
>>> Description: HKCR:BandooCore.BandooCore.1: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367042 Family ID: 5366997
>>> Description: HKCR:BandooCore.ResourcesMngr: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367043 Family ID: 5366997
>>> Description: HKCR:BandooCore.ResourcesMngr.1: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367044 Family ID: 5366997
>>> Description: HKCR:BandooCore.SettingsMngr: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367045 Family ID: 5366997
>>> Description: HKCR:BandooCore.SettingsMngr.1: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367046 Family ID: 5366997
>>> Description: HKCR:BandooCore.StatisticMngr: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367047 Family ID: 5366997
>>> Description: HKCR:BandooCore.StatisticMngr.1: Family Name: Win32.PUP.Bandoo
Engine: 1 Clean status: Success Item ID: 5367048 Family ID: 5366997
>>> Description: HKCR:CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367054 Family ID:
5366997
>>> Description: HKCR:CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367059 Family ID:
5366997
>>> Description: HKCR:CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367060 Family ID:
5366997
>>> Description: HKCR:CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}:
Family Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367061 Family
ID: 5366997
>>> Description: HKCR:Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}: Family
Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367069 Family ID:
5366997
>>> Description: HKCR:TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}:
Family Name: Win32.PUP.Bandoo Engine: 1 Clean status: Success Item ID: 5367073 Family
ID: 5366997
>>>
>>> Scan and cleaning complete: Finished correctly after 19328 seconds
>>>
>>> *********************************** Settings ***********************************
>>>
>>> Scan profile:
>>> ID: full, enabled:1, value: Analyse complète
>>> ID: folderstoscan, enabled:1, value: C:\,E:\
>>> ID: useantivirus, enabled:1, value: true
>>> ID: sections, enabled:1
>>> ID: scancriticalareas, enabled:1, value: true
>>> ID: scanrunningapps, enabled:1, value: true
>>> ID: scanregistry, enabled:1, value: true
>>> ID: scanlsp, enabled:1, value: true
>>> ID: scanads, enabled:1, value: true
>>> ID: scanhostsfile, enabled:1, value: true
>>> ID: scanmru, enabled:1, value: true
>>> ID: scanbrowserhijacks, enabled:1, value: true
>>> ID: scantrackingcookies, enabled:1, value: true
>>>
ID: closebrowsers, enabled:1, value: false
>>> ID: filescanningoptions, enabled:1
>>> ID: archives, enabled:1, value: true
>>> ID: onlyexecutables, enabled:1, value: false
>>> ID: skiplargerthan, enabled:1, value: 20480
>>> ID: scanrootkits, enabled:1, value: true
>>>
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
>>> ID: usespywareheuristics, enabled:1, value: true
>>>
>>> Scan global:
>>> ID: global, enabled:1
>>> ID: addtocontextmenu, enabled:1, value: true
>>> ID: playsoundoninfection, enabled:1, value: false
>>> ID: soundfile, enabled:0, value: N/A
>>>
>>> Scheduled scan settings:
>>> <Empty>
>>>
>>> Update settings:
>>> ID: updates, enabled:1
>>> ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently
>>> ID: deffiles, enabled:1, value: downloadandinstall, domain:
dontcheck,downloadandinstall
>>> ID: licenseandinfo, enabled:1, value: downloadandinstall, domain:
dontcheck,downloadandinstall
>>> ID: schedules, enabled:1, value: true
>>> ID: updatedaily1, enabled:1, value: Daily 1
>>>
ID: time, enabled:1, value: Wed Aug 31 13:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily2, enabled:1, value: Daily 2
>>>
ID: time, enabled:1, value: Wed Aug 31 19:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily3, enabled:1, value: Daily 3
>>>
ID: time, enabled:1, value: Wed Aug 31 01:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily4, enabled:1, value: Daily 4
>>>
ID: time, enabled:1, value: Wed Aug 31 07:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updateweekly1, enabled:1, value: Weekly
>>>
ID: time, enabled:1, value: Wed Aug 31 13:07:00 2011
>>>
ID: frequency, enabled:1, value: weekly, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: true
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: true
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>>
>>> Appearance settings:
>>> ID: appearance, enabled:1
>>> ID: skin, enabled:1, value: default.egl, reglocation:
HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
>>> ID: showtrayicon, enabled:1, value: true
>>> ID: autoentertainmentmode, enabled:1, value: true
>>> ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
>>> ID: language, enabled:1, value: fr, reglocation:
HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
>>>
>>> Realtime protection settings:
>>> ID: realtime, enabled:1
>>> ID: infomessages, enabled:1, value: onlyimportant, domain:
display,dontnotify,onlyimportant
>>> ID: modules, enabled:1
>>> ID: processprotection, enabled:1, value: true
>>> ID: onaccessprotection, enabled:1, value: true
>>> ID: registryprotection, enabled:1, value: true
>>> ID: networkprotection, enabled:1, value: true
>>> ID: layers, enabled:1
>>> ID: useantivirus, enabled:1, value: true
>>> ID: usespywareheuristics, enabled:1, value: true
>>> ID: maintainbackup, enabled:1, value: true
>>>
>>>
>>> ****************************** System information ******************************
>>> Computer name: 00010101010100
>>> Processor name: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
>>> Processor identifier: x86 Family 6 Model 15 Stepping 13
>>> Processor speed: ~1995MHZ
>>> Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor
revision 3853, number of processors 2, processor features: [MMX,SSE,SSE2]
>>> Physical memory available: 886861824 bytes
>>> Physical memory total: 2145759232 bytes
>>> Virtual memory available: 1492623360 bytes
>>> Virtual memory total: 2147352576 bytes
>>> Memory load: 58%
>>> Microsoft Windows XP Professional Service Pack 3 (build 2600)
>>> Windows startup mode:
>>>
>>> Running processes:
>>> PID: 616 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE
NT
>>> PID: 1092 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1132 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1188 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1200 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1396 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1416 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1516 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU
domain: AUTORITE NT
>>> PID: 716 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 656 name: C:\Program Files\Intel\WiFi\bin\S24EvMon.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 776 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU
domain: AUTORITE NT
>>> PID: 1756 name: C:\WINDOWS\system32\ZoneLabs\vsmon.exe owner: <UNKNOWN>
domain: <UNKNOWN>
>>> PID: 1972 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 448 name: C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 564 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1100 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 1708 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2524 name: C:\Program Files\CheckPoint\ZAForceField\ForceField.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 3768 name: C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 3816 name: C:\Program Files\AVG\AVG10\avgwdsvc.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2140 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 3388 name: C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 3028 name: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe owner: amer
domain: 00010101010100
>>> PID: 3040 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 3048 name: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorIcon.exe owner: amer domain: 00010101010100
>>> PID: 3140 name: C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe owner: amer domain:
00010101010100
>>> PID: 2616 name: C:\Program Files\Fichiers
communs\Intel\WirelessCommon\iFrmewrk.exe owner: amer domain: 00010101010100
>>> PID: 3288 name: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 3300 name: C:\Program Files\Intel\WiFi\bin\EvtEng.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 4040 name: C:\Program Files\AVG\AVG10\avgtray.exe owner: amer domain:
00010101010100
>>> PID: 688 name: C:\WINDOWS\system32\hasplms.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1080 name: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe owner:
amer domain: 00010101010100
>>> PID: 1832 name: C:\Program Files\AVG\AVG10\avgnsx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1932 name: C:\Program Files\PC Tools Security\BDT\FGuard.exe owner: amer
domain: 00010101010100
>>> PID: 2068 name: C:\WINDOWS\system32\ctfmon.exe owner: amer domain:
00010101010100
>>> PID: 1692 name: C:\Program Files\Spybot - Search & Destroy2\TeaTimer.exe owner:
amer domain: 00010101010100
>>> PID: 4080 name: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorDataMgrSvc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 2564 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: amer domain:
00010101010100
>>> PID: 3540 name: C:\Program Files\Ralink\Common\RaUI.exe owner: amer domain:
00010101010100
>>> PID: 3576 name: C:\Program Files\Fichiers communs\InstallShield
Shared\Service\InstallShield Licensing Service.exe owner: SYSTEM domain: AUTORITE
NT
>>> PID: 2372 name: C:\Program Files\Java\jre6\bin\jqs.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1292 name: C:\Program Files\AVG\AVG10\Identity
Protection\agent\bin\avgidsmonitor.exe owner: amer domain: 00010101010100
>>> PID: 2504 name: C:\Program Files\adobs\msats.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 2312 name: C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 340 name: C:\Program Files\Ralink\Common\RaRegistry.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2684 name: C:\Program Files\Fichiers
communs\Intel\WirelessCommon\RegSrvc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 3788 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 2088 name: C:\Documents and Settings\All Users\Application
Data\UltraVNC\winvnc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 832 name: C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 2980 name: C:\Program Files\Common Files\VMware\USB\vmwareusbarbitrator.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 4856 name: C:\WINDOWS\system32\vmnat.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 5460 name: C:\WINDOWS\system32\vmnetdhcp.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 4320 name: C:\Program Files\AVG\AVG10\Identity
Protection\Agent\Bin\AVGIDSAgent.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 4568 name: C:\Documents and Settings\All Users\Application
Data\UltraVNC\winvnc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 5400 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL
domain: AUTORITE NT
>>> PID: 5576 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain:
AUTORITE NT
>>> PID: 4264 name: C:\Program Files\AVG\AVG10\avgrsx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 5868 name: C:\Program Files\AVG\AVG10\avgcsrvx.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2584 name: C:\Program Files\AVG\AVG10\avgchsvx.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 5924 name: C:\WINDOWS\explorer.exe owner: amer domain: 00010101010100
>>> PID: 3872 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner:
SYSTEM domain: AUTORITE NT
>>> PID: 3952 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: amer
domain: 00010101010100
>>> PID: 4384 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: amer
domain: 00010101010100
>>>
>>> Startup items:
>>> Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
>>>
imagepath: Pré-chargeur Browseui
>>> Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
>>>
imagepath: Démon de cache des catégories de composant
>>> Name: Config
>>>
imagepath: %systemroot%\system32\run.cmd
>>> Name: nlsf
>>>
imagepath: cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll"
"%SystemRoot%\System32\syssetup.dll"
>>> Name: tscuninstall
>>>
imagepath: %systemroot%\system32\tscupgrd.exe
>>> Name: PostBootReminder
>>>
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
>>> Name: CDBurn
>>>
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
>>> Name: WebCheck
>>>
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
>>> Name: SysTray
>>>
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
>>> Name: WPDShServiceObj
>>>
imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
>>> Name: SMSERIAL
>>>
imagepath: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
>>> Name: IAStorIcon
>>>
imagepath: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorIcon.exe
>>> Name: AppleSyncNotifier
>>>
imagepath: C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\AppleSyncNotifier.exe
>>> Name: IntelZeroConfig
>>>
imagepath: "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
>>> Name: IntelWireless
>>>
imagepath: "C:\Program Files\Fichiers
communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
>>> Name: ZoneAlarm Client
>>>
imagepath: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
>>> Name: ISW
>>>
imagepath: "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe"
/icon="hidden"
>>> Name: BrMfcWnd
>>>
imagepath: C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
>>> Name: ControlCenter3
>>>
imagepath: C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
>>> Name: Adobe Reader Speed Launcher
>>>
imagepath: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
>>> Name: Adobe ARM
>>>
imagepath: "C:\Program Files\Fichiers
communs\Adobe\ARM\1.0\AdobeARM.exe"
>>> Name: DivXUpdate
>>>
imagepath: "C:\Program Files\DivX\DivX Update\DivXUpdate.exe"
/CHECKNOW
>>> Name: LifeCam
>>>
imagepath: "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
>>> Name: QuickTime Task
>>>
imagepath: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
>>> Name: AVG_TRAY
>>>
imagepath: C:\Program Files\AVG\AVG10\avgtray.exe
>>> Name:
>>>
imagepath: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\desktop.ini
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\Microsoft Office.lnk
>>>
imagepath: C:\Program Files\Microsoft Office\Office10\OSA.EXE
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\PalTalk.lnk
>>>
imagepath: C:\Program Files\Paltalk Messenger\paltalk.exe
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\Ralink Wireless Utility.lnk
>>>
imagepath: C:\Program Files\Ralink\Common\RaUI.exe
>>> Name:
>>>
imagepath: C:\Documents and Settings\amer\Menu
Démarrer\Programmes\Démarrage\desktop.ini
>>> Name:
>>>
location: C:\Documents and Settings\amer\Menu
Démarrer\Programmes\Démarrage\MagicDisc.lnk
>>>
imagepath: C:\Program Files\MagicDisc\MagicDisc.exe
>>>
>>> Bootexecute items:
>>> Name:
>>>
imagepath: autocheck autochk *
>>> Name:
>>>
imagepath: C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync
>>> Name:
>>>
imagepath: C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart
>>> Name:
>>>
imagepath: lsdelete
>>>
>>> Running services:
>>> Name: ALG
>>>
displayname: Service de la passerelle de la couche Application
>>> Name: Apple Mobile Device
>>>
displayname: Apple Mobile Device
>>> Name: Ati HotKey Poller
>>>
displayname: Ati HotKey Poller
>>> Name: AudioSrv
>>>
displayname: Audio Windows
>>> Name: AVGIDSAgent
>>>
displayname: AVGIDSAgent
>>> Name: avgwd
>>>
displayname: AVG WatchDog
>>> Name: BITS
>>>
displayname: Service de transfert intelligent en arrière-plan
>>> Name: Bonjour Service
>>>
displayname: Service Bonjour
>>> Name: Browser
>>>
displayname: Explorateur d'ordinateur
>>> Name: Browser Defender Update Service
>>>
displayname: Browser Defender Update Service
>>> Name: CryptSvc
>>>
displayname: CryptSvc
>>> Name: DcomLaunch
>>>
displayname: Lanceur de processus serveur DCOM
>>> Name: Dhcp
>>>
displayname: Client DHCP
>>> Name: Dnscache
>>>
displayname: Client DNS
>>> Name: EapHost
>>>
displayname: Service Protocole EAP (Extensible Authentication Protocol)
>>> Name: ERSvc
>>>
displayname: Service de rapport d'erreurs
>>> Name: Eventlog
>>>
displayname: Journal des événements
>>> Name: EventSystem
>>>
displayname: Système d'événements de COM+
>>> Name: EvtEng
>>>
displayname: Intel(R) PROSet/Wireless Event Log
>>> Name: FastUserSwitchingCompatibility
>>>
displayname: Compatibilité avec le Changement rapide d'utilisateur
>>> Name: hasplms
>>>
displayname: HASP License Manager
>>> Name: helpsvc
>>>
displayname: Aide et support
>>> Name: IAStorDataMgrSvc
>>>
displayname: Intel(R) Rapid Storage Technology
>>> Name: InstallShield Licensing Service
>>>
displayname: InstallShield Licensing Service
>>> Name: IswSvc
>>>
displayname: ZoneAlarm Toolbar IswSvc
>>> Name: JavaQuickStarterService
>>>
displayname: Java Quick Starter
>>> Name: lanmanserver
>>>
displayname: Serveur
>>> Name: lanmanworkstation
>>>
displayname: Station de travail
>>> Name: Lavasoft Ad-Aware Service
>>>
displayname: Lavasoft Ad-Aware Service
>>> Name: Log Events
>>>
displayname: Log Events
>>> Name: MBAMService
>>>
displayname: MBAMService
>>> Name: Netman
>>>
displayname: Connexions réseau
>>> Name: Nla
>>>
displayname: NLA (Network Location Awareness)
>>> Name: NWCWorkstation
>>>
displayname: Service client pour NetWare
>>> Name: PlugPlay
>>>
displayname: Plug-and-Play
>>> Name: ProtectedStorage
>>>
displayname: Emplacement protégé
>>> Name: RalinkRegistryWriter
>>>
displayname: Ralink Registry Writer
>>> Name: RasMan
>>>
displayname: Gestionnaire de connexions d'accès distant
>>> Name: RegSrvc
>>>
displayname: Intel(R) PROSet/Wireless Registry Service
>>> Name: RpcSs
>>>
displayname: Appel de procédure distante (RPC)
>>> Name: S24EventMonitor
>>>
displayname: Intel(R) PROSet/Wireless WiFi Service
>>> Name: SamSs
>>>
displayname: Gestionnaire de comptes de sécurité
>>> Name: Schedule
>>>
displayname: Planificateur de tâches
>>> Name: seclogon
>>>
displayname: Secondary Logon
>>> Name: SENS
>>>
displayname: Notification d'événement système
>>> Name: SharedAccess
>>>
displayname: Pare-feu Windows / Partage de connexion Internet
>>> Name: ShellHWDetection
>>>
displayname: Détection matériel noyau
>>> Name: Spooler
>>>
displayname: Spouleur d'impression
>>> Name: srservice
>>>
displayname: Service de restauration système
>>> Name: SSDPSRV
>>>
displayname: Service de découvertes SSDP
>>> Name: stisvc
>>>
displayname: Acquisition d'image Windows (WIA)
>>> Name: TapiSrv
>>>
displayname: Téléphonie
>>> Name: TermService
>>>
displayname: Services Terminal Server
>>> Name: Themes
>>>
displayname: Thèmes
>>> Name: uvnc_service
>>>
displayname: UltraVNC Server
>>> Name: VMAuthdService
>>>
displayname: VMware Authorization Service
>>> Name: VMnetDHCP
>>>
displayname: VMware DHCP Service
>>> Name: VMUSBArbService
>>>
displayname: VMware USB Arbitration Service
>>> Name: VMware NAT Service
>>>
displayname: VMware NAT Service
>>> Name: vsmon
>>>
displayname: TrueVector Internet Monitor
>>> Name: W32Time
>>>
displayname: Horloge Windows
>>> Name: winmgmt
>>>
displayname: Infrastructure de gestion Windows
>>> Name: wscsvc
>>>
displayname: Centre de sécurité
>>> Name: wuauserv
>>>
displayname: Mises à jour automatiques
>>>
>>>
MSG [0476] 2011/10/10 12:15:22: Configure new scan with profile: smart
MSG [0476] 2011/10/10 12:15:22: -> scanning critical objects
MSG [0476] 2011/10/10 12:15:22: -> scanning running processes
MSG [0476] 2011/10/10 12:15:22: -> scanning registry
MSG [0476] 2011/10/10 12:15:22: -> scanning lsp
MSG [0476] 2011/10/10 12:15:22: -> scanning browser hijacks
MSG [0476] 2011/10/10 12:15:22: -> scanning cookies
MSG [0476] 2011/10/10 12:15:22: -> neutralizing rootkits
MSG [0476] 2011/10/10 12:15:22: -> use mild rootkit detection
MSG [0476] 2011/10/10 12:15:22: -> use spyware heuristics
MSG [0476] 2011/10/10 12:15:22: -> use medium heuristics
MSG [0476] 2011/10/10 12:15:22: -> scan only executables
MSG [0476] 2011/10/10 12:15:22: -> file size limit = 20480 kB (0 = unlimited)
MSG [0476] 2011/10/10 12:15:22: -> validating system critical files
ERR [0476] 2011/10/10 12:15:23: SDKController::GetInfectionList -> Not in found
infections state
ERR [0476] 2011/10/10 12:15:23: SDKController::GetDefinitonsFileVersion -> Not in idle
state
ERR [0476] 2011/10/10 12:15:23: SDKController::GetLatestSuccessfulScanReportHeader ->
Not in idle state
ERR [0476] 2011/10/10 12:15:23: SDKController::GetLatestSuccessfulScanReportHeader ->
Not in idle state
ERR [0476] 2011/10/10 12:15:23: SDKController::GetLatestSuccessfulScanReportHeader ->
Not in idle state
MSG [0476] 2011/10/10 12:15:25: Stopping scan...
MSG [0476] 2011/10/10 12:15:27: Stopping scan...
MSG [0476] 2011/10/10 12:15:27: Stopping scan...
MSG [0476] 2011/10/10 12:15:28: Stopping scan...
MSG [0476] 2011/10/10 12:15:28: Stopping scan...
MSG [0476] 2011/10/10 12:15:28: Stopping scan...
MSG [0476] 2011/10/10 12:15:28: Stopping scan...
MSG [0476] 2011/10/10 12:15:29: Stopping scan...
MSG [0476] 2011/10/10 12:15:29: Stopping scan...
MSG [0476] 2011/10/10 12:15:29: Stopping scan...
MSG [0476] 2011/10/10 12:15:29: Stopping scan...
MSG [0476] 2011/10/10 12:15:30: Stopping scan...
MSG [0476] 2011/10/10 12:15:30: Stopping scan...
MSG [0476] 2011/10/10 12:15:30: Stopping scan...
MSG [0476] 2011/10/10 12:15:30: Stopping scan...
MSG [0476] 2011/10/10 12:15:31: Stopping scan...
MSG [0476] 2011/10/10 12:15:31: Stopping scan...
MSG [0476] 2011/10/10 12:15:31: Stopping scan...
MSG [2716] 2011/10/10 12:15:34: Scan was requested to stop after 11 seconds
MSG [2716] 2011/10/10 12:15:34: Objects processed: 3, infections detected: 0
MSG [0476] 2011/10/10 12:15:34: Dumping scan report:
>>> Logfile created: 10/10/2011 12:15:23
>>> Ad-Aware version: 9.5.1
>>> Extended engine: 3
>>> Extended engine version: 3.1.2770
>>> User performing scan: amer
>>>
>>> *********************** Definitions database information ***********************
>>> Lavasoft definition file: 150.590
>>> Genotype definition file version: 2011/09/21 13:56:01
>>> Extended engine definition file: 10715.0
>>>
>>> ******************************** Scan results: *********************************
>>> Scan profile name: Analyse intelligente (ID: smart)
>>> Objects scanned: 3
>>> Objects detected: 0
>>>
>>>
>>> Type              Detected
>>> ==========================
>>> Processes.......:        0
>>> Registry entries:        0
>>> Hostfile entries:        0
>>> Files...........:        0
>>> Folders.........:        0
>>> LSPs............:        0
>>> Cookies.........:        0
>>> Browser hijacks.:        0
>>> MRU objects.....:        0
>>>
>>>
>>>
>>> Scan and cleaning complete: Stopped by request after 11 seconds
>>>
>>> *********************************** Settings ***********************************
>>>
>>> Scan profile:
>>> ID: smart, enabled:1, value: Analyse intelligente
>>> ID: folderstoscan, enabled:1, value:
>>> ID: useantivirus, enabled:1, value: true
>>> ID: sections, enabled:1
>>> ID: scancriticalareas, enabled:1, value: true
>>> ID: scanrunningapps, enabled:1, value: true
>>> ID: scanregistry, enabled:1, value: true
>>> ID: scanlsp, enabled:1, value: true
>>> ID: scanads, enabled:1, value: false
>>> ID: scanhostsfile, enabled:1, value: false
>>> ID: scanmru, enabled:1, value: false
>>> ID: scanbrowserhijacks, enabled:1, value: true
>>> ID: scantrackingcookies, enabled:1, value: true
>>>
ID: closebrowsers, enabled:1, value: false
>>> ID: filescanningoptions, enabled:1
>>> ID: archives, enabled:1, value: false
>>> ID: onlyexecutables, enabled:1, value: true
>>> ID: skiplargerthan, enabled:1, value: 20480
>>> ID: scanrootkits, enabled:1, value: true
>>>
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
>>> ID: usespywareheuristics, enabled:1, value: true
>>>
>>> Scan global:
>>> ID: global, enabled:1
>>> ID: addtocontextmenu, enabled:1, value: true
>>> ID: playsoundoninfection, enabled:1, value: false
>>> ID: soundfile, enabled:0, value: N/A
>>>
>>> Scheduled scan settings:
>>> <Empty>
>>>
>>> Update settings:
>>> ID: updates, enabled:1
>>> ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently
>>> ID: deffiles, enabled:1, value: downloadandinstall, domain:
dontcheck,downloadandinstall
>>> ID: licenseandinfo, enabled:1, value: downloadandinstall, domain:
dontcheck,downloadandinstall
>>> ID: schedules, enabled:1, value: true
>>> ID: updatedaily1, enabled:1, value: Daily 1
>>>
ID: time, enabled:1, value: Wed Aug 31 13:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily2, enabled:1, value: Daily 2
>>>
ID: time, enabled:1, value: Wed Aug 31 19:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily3, enabled:1, value: Daily 3
>>>
ID: time, enabled:1, value: Wed Aug 31 01:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updatedaily4, enabled:1, value: Daily 4
>>>
ID: time, enabled:1, value: Wed Aug 31 07:07:00 2011
>>>
ID: frequency, enabled:1, value: daily, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: false
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: false
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updateweekly1, enabled:1, value: Weekly
>>>
ID: time, enabled:1, value: Wed Aug 31 13:07:00 2011
>>>
ID: frequency, enabled:1, value: weekly, domain:
daily,monthly,once,systemstart,weekly
>>>
ID: weekdays, enabled:1
>>>
ID: monday, enabled:1, value: false
>>>
ID: tuesday, enabled:1, value: false
>>>
ID: wednesday, enabled:1, value: true
>>>
ID: thursday, enabled:1, value: false
>>>
ID: friday, enabled:1, value: false
>>>
ID: saturday, enabled:1, value: true
>>>
ID: sunday, enabled:1, value: false
>>>
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>>
ID: scanprofile, enabled:1, value:
>>>
ID: auto_deal_with_infections, enabled:1, value: false
>>>
>>> Appearance settings:
>>> ID: appearance, enabled:1
>>> ID: skin, enabled:1, value: default.egl, reglocation:
HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
>>> ID: showtrayicon, enabled:1, value: true
>>> ID: autoentertainmentmode, enabled:1, value: true
>>> ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
>>> ID: language, enabled:1, value: fr, reglocation:
HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
>>>
>>> Realtime protection settings:
>>> ID: realtime, enabled:1
>>> ID: infomessages, enabled:1, value: onlyimportant, domain:
display,dontnotify,onlyimportant
>>> ID: modules, enabled:1
>>> ID: processprotection, enabled:1, value: true
>>> ID: onaccessprotection, enabled:1, value: true
>>> ID: registryprotection, enabled:1, value: true
>>> ID: networkprotection, enabled:1, value: true
>>> ID: layers, enabled:1
>>> ID: useantivirus, enabled:1, value: true
>>> ID: usespywareheuristics, enabled:1, value: true
>>> ID: maintainbackup, enabled:1, value: true
>>>
>>>
>>> ****************************** System information ******************************
>>> Computer name: 00010101010100
>>> Processor name: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
>>> Processor identifier: x86 Family 6 Model 15 Stepping 13
>>> Processor speed: ~1995MHZ
>>> Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor
revision 3853, number of processors 2, processor features: [MMX,SSE,SSE2]
>>> Physical memory available: 1122627584 bytes
>>> Physical memory total: 2145759232 bytes
>>> Virtual memory available: 1115025408 bytes
>>> Virtual memory total: 2147352576 bytes
>>> Memory load: 47%
>>> Microsoft Windows XP Professional Service Pack 3 (build 2600)
>>> Windows startup mode:
>>>
>>> Running processes:
>>> PID: 616 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE
NT
>>> PID: 1092 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1132 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1188 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1200 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1396 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1416 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1516 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU
domain: AUTORITE NT
>>> PID: 716 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 656 name: C:\Program Files\Intel\WiFi\bin\S24EvMon.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 776 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU
domain: AUTORITE NT
>>> PID: 1756 name: C:\WINDOWS\system32\ZoneLabs\vsmon.exe owner: <UNKNOWN>
domain: <UNKNOWN>
>>> PID: 1972 name: C:\WINDOWS\system32\Ati2evxx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 448 name: C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 564 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1100 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 1708 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2524 name: C:\Program Files\CheckPoint\ZAForceField\ForceField.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 3768 name: C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 3816 name: C:\Program Files\AVG\AVG10\avgwdsvc.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2140 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 3388 name: C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 3028 name: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe owner: amer
domain: 00010101010100
>>> PID: 3040 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 3048 name: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorIcon.exe owner: amer domain: 00010101010100
>>> PID: 3140 name: C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe owner: amer domain:
00010101010100
>>> PID: 2616 name: C:\Program Files\Fichiers
communs\Intel\WirelessCommon\iFrmewrk.exe owner: amer domain: 00010101010100
>>> PID: 3288 name: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe owner:
<UNKNOWN> domain: <UNKNOWN>
>>> PID: 3300 name: C:\Program Files\Intel\WiFi\bin\EvtEng.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 4040 name: C:\Program Files\AVG\AVG10\avgtray.exe owner: amer domain:
00010101010100
>>> PID: 688 name: C:\WINDOWS\system32\hasplms.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1080 name: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe owner:
amer domain: 00010101010100
>>> PID: 1832 name: C:\Program Files\AVG\AVG10\avgnsx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1932 name: C:\Program Files\PC Tools Security\BDT\FGuard.exe owner: amer
domain: 00010101010100
>>> PID: 2068 name: C:\WINDOWS\system32\ctfmon.exe owner: amer domain:
00010101010100
>>> PID: 1692 name: C:\Program Files\Spybot - Search & Destroy2\TeaTimer.exe owner:
amer domain: 00010101010100
>>> PID: 4080 name: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorDataMgrSvc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 2564 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: amer domain:
00010101010100
>>> PID: 3540 name: C:\Program Files\Ralink\Common\RaUI.exe owner: amer domain:
00010101010100
>>> PID: 3576 name: C:\Program Files\Fichiers communs\InstallShield
Shared\Service\InstallShield Licensing Service.exe owner: SYSTEM domain: AUTORITE
NT
>>> PID: 2372 name: C:\Program Files\Java\jre6\bin\jqs.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 1292 name: C:\Program Files\AVG\AVG10\Identity
Protection\agent\bin\avgidsmonitor.exe owner: amer domain: 00010101010100
>>> PID: 2504 name: C:\Program Files\adobs\msats.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 2312 name: C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 340 name: C:\Program Files\Ralink\Common\RaRegistry.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 2684 name: C:\Program Files\Fichiers
communs\Intel\WirelessCommon\RegSrvc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 3788 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 2088 name: C:\Documents and Settings\All Users\Application
Data\UltraVNC\winvnc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 832 name: C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
owner: SYSTEM domain: AUTORITE NT
>>> PID: 2980 name: C:\Program Files\Common Files\VMware\USB\vmwareusbarbitrator.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 4856 name: C:\WINDOWS\system32\vmnat.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 5460 name: C:\WINDOWS\system32\vmnetdhcp.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 4320 name: C:\Program Files\AVG\AVG10\Identity
Protection\Agent\Bin\AVGIDSAgent.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 4568 name: C:\Documents and Settings\All Users\Application
Data\UltraVNC\winvnc.exe owner: SYSTEM domain: AUTORITE NT
>>> PID: 5400 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL
domain: AUTORITE NT
>>> PID: 5576 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain:
AUTORITE NT
>>> PID: 4264 name: C:\Program Files\AVG\AVG10\avgrsx.exe owner: SYSTEM domain:
AUTORITE NT
>>> PID: 2584 name: C:\Program Files\AVG\AVG10\avgchsvx.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 5924 name: C:\WINDOWS\explorer.exe owner: amer domain: 00010101010100
>>> PID: 3872 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner:
SYSTEM domain: AUTORITE NT
>>> PID: 3952 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: amer
domain: 00010101010100
>>> PID: 4384 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: amer
domain: 00010101010100
>>> PID: 3432 name: C:\Program Files\AVG\AVG10\avgcsrvx.exe owner: SYSTEM
domain: AUTORITE NT
>>> PID: 5404 name: C:\Program Files\Skype\Phone\Skype.exe owner: amer domain:
00010101010100
>>>
>>> Startup items:
>>> Name: PostBootReminder
>>>
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
>>> Name: CDBurn
>>>
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
>>> Name: WebCheck
>>>
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
>>> Name: SysTray
>>>
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
>>> Name: WPDShServiceObj
>>>
imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
>>> Name: Config
>>>
imagepath: %systemroot%\system32\run.cmd
>>> Name: nlsf
>>>
imagepath: cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll"
"%SystemRoot%\System32\syssetup.dll"
>>> Name: tscuninstall
>>>
imagepath: %systemroot%\system32\tscupgrd.exe
>>> Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
>>>
imagepath: Pré-chargeur Browseui
>>> Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
>>>
imagepath: Démon de cache des catégories de composant
>>> Name: SMSERIAL
>>>
imagepath: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
>>> Name: IAStorIcon
>>>
imagepath: C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorIcon.exe
>>> Name: AppleSyncNotifier
>>>
imagepath: C:\Program Files\Fichiers communs\Apple\Mobile Device
Support\AppleSyncNotifier.exe
>>> Name: IntelZeroConfig
>>>
imagepath: "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
>>> Name: IntelWireless
>>>
imagepath: "C:\Program Files\Fichiers
communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
>>> Name: ZoneAlarm Client
>>>
imagepath: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
>>> Name: ISW
>>>
imagepath: "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe"
/icon="hidden"
>>> Name: BrMfcWnd
>>>
imagepath: C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
>>> Name: ControlCenter3
>>>
imagepath: C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
>>> Name: Adobe Reader Speed Launcher
>>>
imagepath: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
>>> Name: Adobe ARM
>>>
imagepath: "C:\Program Files\Fichiers
communs\Adobe\ARM\1.0\AdobeARM.exe"
>>> Name: DivXUpdate
>>>
imagepath: "C:\Program Files\DivX\DivX Update\DivXUpdate.exe"
/CHECKNOW
>>> Name: LifeCam
>>>
imagepath: "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
>>> Name: QuickTime Task
>>>
imagepath: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
>>> Name: AVG_TRAY
>>>
imagepath: C:\Program Files\AVG\AVG10\avgtray.exe
>>> Name:
>>>
imagepath: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\desktop.ini
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\Microsoft Office.lnk
>>>
imagepath: C:\Program Files\Microsoft Office\Office10\OSA.EXE
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\PalTalk.lnk
>>>
imagepath: C:\Program Files\Paltalk Messenger\paltalk.exe
>>> Name:
>>>
location: C:\Documents and Settings\All Users\Menu
Démarrer\Programmes\Démarrage\Ralink Wireless Utility.lnk
>>>
imagepath: C:\Program Files\Ralink\Common\RaUI.exe
>>> Name:
>>>
imagepath: C:\Documents and Settings\amer\Menu
Démarrer\Programmes\Démarrage\desktop.ini
>>> Name:
>>>
location: C:\Documents and Settings\amer\Menu
Démarrer\Programmes\Démarrage\MagicDisc.lnk
>>>
imagepath: C:\Program Files\MagicDisc\MagicDisc.exe
>>>
>>> Bootexecute items:
>>> Name:
>>>
imagepath: autocheck autochk *
>>> Name:
>>>
imagepath: C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync
>>> Name:
>>>
imagepath: C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart
>>> Name:
>>>
imagepath: lsdelete
>>>
>>> Running services:
>>> Name: ALG
>>>
displayname: Service de la passerelle de la couche Application
>>> Name: Apple Mobile Device
>>>
displayname: Apple Mobile Device
>>> Name: Ati HotKey Poller
>>>
displayname: Ati HotKey Poller
>>> Name: AudioSrv
>>>
displayname: Audio Windows
>>> Name: AVGIDSAgent
>>>
displayname: AVGIDSAgent
>>> Name: avgwd
>>>
displayname: AVG WatchDog
>>> Name: BITS
>>>
displayname: Service de transfert intelligent en arrière-plan
>>> Name: Bonjour Service
>>>
displayname: Service Bonjour
>>> Name: Browser
>>>
displayname: Explorateur d'ordinateur
>>> Name: Browser Defender Update Service
>>>
displayname: Browser Defender Update Service
>>> Name: CryptSvc
>>>
displayname: CryptSvc
>>> Name: DcomLaunch
>>>
displayname: Lanceur de processus serveur DCOM
>>> Name: Dhcp
>>>
displayname: Client DHCP
>>> Name: Dnscache
>>>
displayname: Client DNS
>>> Name: EapHost
>>>
displayname: Service Protocole EAP (Extensible Authentication Protocol)
>>> Name: ERSvc
>>>
displayname: Service de rapport d'erreurs
>>> Name: Eventlog
>>>
displayname: Journal des événements
>>> Name: EventSystem
>>>
displayname: Système d'événements de COM+
>>> Name: EvtEng
>>>
displayname: Intel(R) PROSet/Wireless Event Log
>>> Name: FastUserSwitchingCompatibility
>>>
displayname: Compatibilité avec le Changement rapide d'utilisateur
>>> Name: hasplms
>>>
displayname: HASP License Manager
>>> Name: helpsvc
>>>
displayname: Aide et support
>>> Name: IAStorDataMgrSvc
>>>
displayname: Intel(R) Rapid Storage Technology
>>> Name: InstallShield Licensing Service
>>>
displayname: InstallShield Licensing Service
>>> Name: IswSvc
>>>
displayname: ZoneAlarm Toolbar IswSvc
>>> Name: JavaQuickStarterService
>>>
displayname: Java Quick Starter
>>> Name: lanmanserver
>>>
displayname: Serveur
>>> Name: lanmanworkstation
>>>
displayname: Station de travail
>>> Name: Lavasoft Ad-Aware Service
>>>
displayname: Lavasoft Ad-Aware Service
>>> Name: Log Events
>>>
displayname: Log Events
>>> Name: MBAMService
>>>
displayname: MBAMService
>>> Name: Netman
>>>
displayname: Connexions réseau
>>> Name: Nla
>>>
displayname: NLA (Network Location Awareness)
>>> Name: NWCWorkstation
>>>
displayname: Service client pour NetWare
>>> Name: PlugPlay
>>>
displayname: Plug-and-Play
>>> Name: ProtectedStorage
>>>
displayname: Emplacement protégé
>>> Name: RalinkRegistryWriter
>>>
displayname: Ralink Registry Writer
>>> Name: RasMan
>>>
displayname: Gestionnaire de connexions d'accès distant
>>> Name: RegSrvc
>>>
displayname: Intel(R) PROSet/Wireless Registry Service
>>> Name: RpcSs
>>>
displayname: Appel de procédure distante (RPC)
>>> Name: S24EventMonitor
>>>
displayname: Intel(R) PROSet/Wireless WiFi Service
>>> Name: SamSs
>>>
displayname: Gestionnaire de comptes de sécurité
>>> Name: Schedule
>>>
displayname: Planificateur de tâches
>>> Name: seclogon
>>>
displayname: Secondary Logon
>>> Name: SENS
>>>
displayname: Notification d'événement système
>>> Name: SharedAccess
>>>
displayname: Pare-feu Windows / Partage de connexion Internet
>>> Name: ShellHWDetection
>>>
displayname: Détection matériel noyau
>>> Name: Spooler
>>>
displayname: Spouleur d'impression
>>> Name: srservice
>>>
displayname: Service de restauration système
>>> Name: SSDPSRV
>>>
displayname: Service de découvertes SSDP
>>> Name: stisvc
>>>
displayname: Acquisition d'image Windows (WIA)
>>> Name: TapiSrv
>>>
displayname: Téléphonie
>>> Name: TermService
>>>
displayname: Services Terminal Server
>>> Name: Themes
>>>
displayname: Thèmes
>>> Name: uvnc_service
>>>
displayname: UltraVNC Server
>>> Name: VMAuthdService
>>>
displayname: VMware Authorization Service
>>> Name: VMnetDHCP
>>>
displayname: VMware DHCP Service
>>> Name: VMUSBArbService
>>>
displayname: VMware USB Arbitration Service
>>> Name: VMware NAT Service
>>>
displayname: VMware NAT Service
>>> Name: vsmon
>>>
displayname: TrueVector Internet Monitor
>>> Name: W32Time
>>>
displayname: Horloge Windows
>>> Name: winmgmt
>>>
displayname: Infrastructure de gestion Windows
>>> Name: wscsvc
>>>
displayname: Centre de sécurité
>>> Name: wuauserv
>>>
displayname: Mises à jour automatiques
>>>
>>>
ERR [0476] 2011/10/10 12:15:34: SDKController::GetInfectionList -> Not in found
infections state
MSG [0476] 2011/10/10 12:17:30: Configure new scan with profile: defaultprofile
MSG [0476] 2011/10/10 12:17:30: -> scanning critical objects
MSG [0476] 2011/10/10 12:17:30: -> scanning running processes
MSG [0476] 2011/10/10 12:17:30: -> scanning registry
MSG [0476] 2011/10/10 12:17:30: -> scanning lsp
MSG [0476] 2011/10/10 12:17:30: -> scanning ads
MSG [0476] 2011/10/10 12:17:30: -> scanning hosts file
MSG [0476] 2011/10/10 12:17:30: -> scanning mru objects
MSG [0476] 2011/10/10 12:17:30: -> scanning browser hijacks
MSG [0476] 2011/10/10 12:17:30: -> scanning cookies
MSG [0476] 2011/10/10 12:17:30: -> neutralizing rootkits
MSG [0476] 2011/10/10 12:17:30: -> use mild rootkit detection
MSG [0476] 2011/10/10 12:17:30: -> use spyware heuristics
MSG [0476] 2011/10/10 12:17:30: -> use medium heuristics
MSG [0476] 2011/10/10 12:17:30: -> scan archives
MSG [0476] 2011/10/10 12:17:30: -> file size limit = 20480 kB (0 = unlimited)
MSG [0476] 2011/10/10 12:17:30: -> validating system critical files
MSG [0476] 2011/10/10 12:17:30: -> scan file/path = C:\
MSG [0476] 2011/10/10 12:17:30: -> scan file/path = E:\
ERR [0476] 2011/10/10 12:17:30: SDKController::GetDefinitonsFileVersion -> Not in idle
state
ERR [0476] 2011/10/10 12:17:30: SDKController::GetLatestSuccessfulScanReportHeader ->
Not in idle state
ERR [0476] 2011/10/10 12:17:30: SDKController::GetLatestSuccessfulScanReportHeader ->
Not in idle state
ERR [0476] 2011/10/10 12:17:30: SDKController::GetLatestSuccessfulScanReportHeader ->
Not in idle state
ERR [0476] 2011/10/10 12:17:30: SDKController::GetInfectionList -> Not in found
infections state