Possible Infection



#1
MadameConcorde

Hi all,

Happy New Year! Wishing you all a very good year all along in 2013.

I am not sure if I caught something.
I ran an Avast scan that detected two bugs and it killed them after the scan.

However, I ran an OTL and this is the scan result.
Maybe you can help. Let me know if there are any useless files I can scrub.
Also I need to know how to proceed to scrub anything that's useless/harmful.

I would be happy to have a clean computer to start the year!

Thank you very much in advance!

This is the OTL scan


OTL logfile created on: 10/01/2013 19:35:48 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\MM\Mes documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,31% Memory free
4,84 Gb Paging File | 3,96 Gb Available in Paging File | 81,84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226,96 Gb Total Space | 89,22 Gb Free Space | 39,31% Space Free | Partition Type: NTFS

Computer Name: MM | User Name: MM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/10 19:35:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MM\Mes documents\Downloads\OTL.exe
PRC - [2012/12/03 08:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2012/11/21 12:39:16 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/10/30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/05/04 18:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2009/05/21 10:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/01 15:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/08/28 14:54:58 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\OEM02Mon.exe
PRC - [2007/07/25 16:32:50 | 000,823,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/07/25 16:32:34 | 000,294,912 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/07/25 16:30:36 | 000,974,848 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/07/25 16:26:14 | 000,491,520 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/07/20 16:55:46 | 001,228,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/06/06 15:28:18 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/11/03 18:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/05/24 18:28:28 | 000,622,653 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2004/08/05 12:00:00 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sndvol32.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/10 14:19:30 | 002,043,392 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13011000\algo.dll
MOD - [2013/01/09 22:13:39 | 002,043,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13010901\algo.dll
MOD - [2013/01/09 09:21:30 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013/01/09 09:19:56 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013/01/09 09:19:38 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2012/11/21 12:39:16 | 002,400,224 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/10/15 21:28:38 | 002,286,592 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlccore.dll
MOD - [2012/10/15 21:28:38 | 000,087,040 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
MOD - [2012/10/15 21:28:38 | 000,057,344 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
MOD - [2012/10/15 21:28:38 | 000,046,592 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
MOD - [2012/10/15 21:28:38 | 000,044,032 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
MOD - [2012/10/15 21:28:38 | 000,043,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
MOD - [2012/10/15 21:28:38 | 000,042,496 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
MOD - [2012/10/15 21:28:36 | 011,998,208 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
MOD - [2012/10/15 21:28:36 | 000,051,712 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
MOD - [2012/10/15 21:28:36 | 000,045,568 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
MOD - [2012/10/15 21:28:30 | 000,386,560 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
MOD - [2012/10/15 21:28:30 | 000,185,856 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
MOD - [2012/10/15 21:28:30 | 000,051,200 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
MOD - [2012/10/15 21:28:30 | 000,049,664 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll
MOD - [2012/10/15 21:28:30 | 000,043,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
MOD - [2012/10/15 21:28:30 | 000,038,400 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
MOD - [2012/10/15 21:28:28 | 001,887,232 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
MOD - [2012/10/15 21:28:28 | 000,041,472 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
MOD - [2012/10/15 21:28:28 | 000,040,960 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
MOD - [2012/10/15 21:28:28 | 000,037,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
MOD - [2012/10/15 21:28:26 | 001,719,296 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
MOD - [2012/10/15 21:28:26 | 001,318,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
MOD - [2012/10/15 21:28:26 | 000,310,784 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
MOD - [2012/10/15 21:28:26 | 000,043,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
MOD - [2012/10/15 21:28:26 | 000,042,496 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
MOD - [2012/10/15 21:28:24 | 000,372,224 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
MOD - [2012/10/15 21:28:24 | 000,265,216 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
MOD - [2012/10/15 21:28:24 | 000,038,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
MOD - [2012/10/15 21:28:20 | 000,154,624 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
MOD - [2012/10/15 21:28:20 | 000,051,200 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
MOD - [2012/10/15 21:28:20 | 000,051,200 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
MOD - [2012/10/15 21:28:20 | 000,037,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
MOD - [2012/10/15 21:28:18 | 000,033,792 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll
MOD - [2012/10/15 21:28:14 | 001,544,192 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
MOD - [2012/10/15 21:28:14 | 001,518,080 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,310,784 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,182,272 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,135,168 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,068,608 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,045,568 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,040,960 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,038,400 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,036,352 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,035,328 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
MOD - [2012/10/15 21:28:14 | 000,034,816 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
MOD - [2012/10/15 21:28:08 | 001,238,016 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
MOD - [2012/10/15 21:28:08 | 000,037,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
MOD - [2012/10/15 21:28:04 | 000,070,144 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll
MOD - [2012/10/15 21:28:02 | 000,219,648 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
MOD - [2012/10/15 21:28:00 | 000,091,648 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll
MOD - [2012/10/15 21:28:00 | 000,083,968 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
MOD - [2012/10/15 21:28:00 | 000,044,544 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
MOD - [2012/10/15 21:28:00 | 000,038,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
MOD - [2012/10/15 21:27:58 | 000,724,992 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
MOD - [2012/10/15 21:27:58 | 000,440,320 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
MOD - [2012/10/15 21:27:58 | 000,106,496 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
MOD - [2012/10/15 21:27:56 | 000,111,616 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlc.dll
MOD - [2012/10/15 21:27:56 | 000,035,840 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll
MOD - [2012/08/27 18:12:32 | 009,813,704 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2007/07/25 16:25:48 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/07/20 16:56:14 | 000,098,304 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2007/04/25 10:55:40 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2006/05/24 18:29:44 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/11/21 12:39:16 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/05/04 18:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/06/17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2007/07/25 16:32:34 | 000,294,912 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2006/11/05 11:15:12 | 000,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006/11/05 11:13:00 | 000,159,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/09/14 14:54:34 | 000,073,728 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/10/30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/10/30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/10/30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/30 23:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2007/12/02 18:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/12/02 18:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/12/02 18:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/08/28 14:55:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/08/28 14:54:56 | 000,235,520 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/08/12 18:05:34 | 002,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32)
DRV - [2007/07/13 09:20:24 | 000,113,952 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2007/06/06 15:28:16 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/05/29 15:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/05/08 21:49:02 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/05/08 21:46:12 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/05/08 21:46:08 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/05/08 21:46:06 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 12:31:38 | 000,103,168 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec02.sys -- (DXEC02)
DRV - [2006/08/18 13:18:14 | 000,009,432 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 13:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 13:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 13:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 13:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 13:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 13:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 13:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 10:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/05/24 18:07:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 18:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 18:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 18:01:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 18:01:22 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 18:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 17:58:18 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 17:57:00 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2003/09/19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://partnerpage.g...smb&ibd=6080415
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.g...smb&ibd=6080415
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6AEA4CD5-41AC-49C6-BBEB-06005E08A574}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6AEA4CD5-41AC-49C6-BBEB-06005E08A574}: "URL" = http://www.google.co...&rlz=1I7DAFR_fr
IE - HKCU\..\SearchScopes\{AEC911B1-8FF8-4995-8D09-B9E0CF36F1AE}: "URL" = http://websearch.ask...8C-D3F473B6E8E4
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1640187
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://startpage.com/"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.5
FF - prefs.js..extensions.enabledAddons: clearcache%40michel.de.almeida:1.2
FF - prefs.js..extensions.enabledAddons: netvideohunter%40netvideohunter.com:1.9.5
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.15.1
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.5.1205
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7
FF - prefs.js..extensions.enabledItems: {078fac48-925f-4524-7cfe-85d44b8f4f98}:1.2
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}:0.6.7
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\MM\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\MM\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/08 08:51:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/21 12:39:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/21 12:39:05 | 000,000,000 | ---D | M]

[2008/06/18 15:02:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Extensions
[2013/01/04 20:14:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions
[2012/12/07 08:53:39 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/10/25 07:43:47 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/11/21 11:04:41 | 000,124,993 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/12/26 18:32:56 | 000,234,999 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2011/11/16 18:11:12 | 000,027,225 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/10/26 13:54:45 | 000,158,844 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/11/21 10:04:35 | 000,372,581 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2011/07/16 22:34:25 | 000,097,169 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
[2013/01/04 20:14:17 | 000,533,130 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/11/26 09:17:09 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/12/05 16:11:56 | 000,007,919 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2012/05/04 14:40:46 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\askcom.xml
[2013/01/10 10:23:13 | 000,005,471 | ---- | M] () -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\startpage-http.xml
[2013/01/09 21:10:14 | 000,005,472 | ---- | M] () -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\startpage-https.xml
[2012/11/21 12:39:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/08 08:51:39 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/11/21 12:39:17 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/10 22:21:11 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/11/12 08:32:24 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/12 08:32:24 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2004/08/05 12:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [DWQueuedReporting] c:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341047612765 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...565/mcfscan.cab (McFreeScan Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D2F526B-31E8-42C0-9E52-9004140FAD70}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\MM\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\MM\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/19 13:18:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{32d824be-d82a-11df-9d67-001d09c52bf1}\Shell - "" = AutoRun
O33 - MountPoints2\{32d824be-d82a-11df-9d67-001d09c52bf1}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL masterymindfuse.html
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/09 21:48:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\MM\Recent

========== Files - Modified Within 30 Days ==========

[2013/01/10 19:45:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/01/10 18:56:00 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/10 13:56:00 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/10 10:18:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/01/10 10:15:47 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/01/10 10:15:04 | 000,053,139 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2013/01/10 10:15:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/10 10:14:49 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2584256461-3525015534-717217448-1005.job
[2013/01/10 10:14:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/10 10:14:41 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/10 10:14:41 | 000,231,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/09 16:26:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/01/09 09:19:01 | 000,512,302 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/01/09 09:19:01 | 000,443,844 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/09 09:19:01 | 000,085,824 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/01/09 09:19:01 | 000,072,726 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/04 18:02:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2584256461-3525015534-717217448-1005.job
[2013/01/02 23:09:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

========== Files Created - No Company Name ==========

[2013/01/10 10:14:41 | 000,231,184 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/13 18:35:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\MM\mm_backup.cfg
[2012/02/21 11:53:00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/29 07:50:03 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/29 07:50:03 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/06/05 13:40:28 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/05 13:40:28 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/11/26 17:22:51 | 000,007,487 | ---- | C] () -- C:\Documents and Settings\MM\DModem_Trace.trc
[2010/11/18 09:25:10 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\MM\Local Settings\Application Data\housecall.guid.cache
[2008/06/18 11:11:27 | 000,061,952 | ---- | C] () -- C:\Documents and Settings\MM\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/21 16:14:11 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\MM\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/19 13:25:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/06/26 09:13:32 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/05/30 21:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/06/06 08:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010/03/31 12:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2011/04/23 20:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2012/10/28 22:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2008/04/15 13:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2008/12/03 17:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2012/06/30 13:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\DriverCure
[2011/01/28 12:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\DVDVideoSoft
[2012/06/20 17:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\ElevatedDiagnostics
[2010/03/13 10:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Facebook
[2012/07/04 15:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Geek Uninstaller
[2012/06/30 16:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Oracle
[2008/08/29 17:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Panasonic
[2011/03/10 07:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\PCDr
[2012/08/24 15:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\QuickScan
[2012/06/30 13:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\SpeedMaxPc
[2012/04/13 13:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\ubot
[2011/02/04 13:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Unity

========== Purity Check ==========



< End of report >

Edited by MadameConcorde, 11 January 2013 - 05:59 AM.



#2
WhiteHat


    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hello and welcome to GeeksToGo :)

My nickname is WhiteHat and I'm going to help you fix your problem.

  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please do not try to fix anything without being asked
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread.
  • Do not put your logs inside <Quote> and/or <Code> *important*
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • Lastly, please be aware that removing malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. Some infections are so severe that we might encounter situations where the only recourse is to re-format and re-install your operating system. Don't worry, this only happens in severe cases, but, sadly, it does happen.
    In light of this be prepared to back up your data. Have means of backing up your data available.

In order to be notified when your topic has been replied to:

Click My Settings at the top of the page. An Option page will open. In the left hand column click Notification Options. On the new page that opens under the Notification Preferences section click Watch every topic I reply to and set the notification type to Immediate Notification.

#3
WhiteHat


    Trusted Helper

  • Retired Staff
  • 1,925 posts
Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete


Once done, it will ask to reboot; allow this.
On reboot a log will be produced; please post that.

NEXT

Please reopen OTL on your desktop.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\..\SearchScopes\{AEC911B1-8FF8-4995-8D09-B9E0CF36F1AE}: "URL" = http://websearch.ask...8C-D3F473B6E8E4
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1640187
    [2012/05/04 14:40:46 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\MARIE MARIANI\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\askcom.xml
    [2013/01/10 10:23:13 | 000,005,471 | ---- | M] () -- C:\Documents and Settings\MARIE MARIANI\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\startpage-http.xml
    [2013/01/09 21:10:14 | 000,005,472 | ---- | M] () -- C:\Documents and Settings\MARIE MARIANI\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\startpage-https.xml
    O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
    [2013/01/10 19:45:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
    
    :Commands
    [CREATERESTOREPOINT]
    [EMPTYTEMP]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

THEN:
Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

FINALLY:

Download aswMBR.exe ( 4.8mb ) to your desktop.

Double click the aswMBR.exe to run it. Click the "Scan" button to start the scan.

On completion of the scan click save log, save it to your desktop and post in your next reply.

  • 0
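One way to confirm that a fix like the one in the post above took effect is to compare its `:OTL` targets against the next scan log. This is an added example, not part of the original post or of OTL itself; the function names and both sample texts are constructed, and entries are matched by file path or by the registry text up to the CLSID so that changed timestamps do not hide a match.

```python
import re

# Constructed sample: a fix script in the format shown in the post above.
# The user folder is replaced by the placeholder USER and the URL is made up.
FIX_SCRIPT = r"""
:OTL
IE - HKCU\..\SearchScopes\{AEC911B1-8FF8-4995-8D09-B9E0CF36F1AE}: "URL" = http://search.example/?q=
[2012/05/04 14:40:46 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\USER\searchplugins\askcom.xml
O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
[2013/01/10 19:45:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

:Commands
[CREATERESTOREPOINT]
[EMPTYTEMP]
"""

# Constructed sample: a few lines of a later scan log in the same format.
# Note the .job file carries a newer timestamp than in the fix script.
RESCAN_LOG = r"""
O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
[2013/02/01 13:55:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
IE - HKCU\..\SearchScopes\{6AEA4CD5-41AC-49C6-BBEB-06005E08A574}: "URL" = http://other.example/?q=
"""

# "[date time | size | attrs | M or C] (company) -- path"
FILE_RE = re.compile(
    r"^\[\d{4}/\d\d/\d\d \d\d:\d\d:\d\d \| [\d,]+ \| [-A-Z]{4} \| [MC]\]"
    r"\s.*? -- (?P<path>.+)$"
)
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
SECTION_RE = re.compile(r"^:(\w+)$")


def line_key(line):
    """Return a timestamp-independent identity for one log line, or None."""
    line = line.strip()
    m = FILE_RE.match(line)
    if m:
        # File entries: the path identifies the item; date and size may change.
        return ("file", m.group("path").lower())
    g = GUID_RE.search(line)
    if g:
        # Registry entries: everything up to and including the CLSID, so a
        # SearchScopes key and a DefaultScope value with the same GUID differ.
        return ("reg", line[: g.end()].lower())
    return None


def parse_fix_targets(script):
    """Split the :OTL section into (key, line) targets and unparsed lines."""
    targets, unparsed, section = [], [], None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).upper()
            continue
        if section != "OTL":
            continue  # :Commands directives are not removal targets
        key = line_key(line)
        if key is None:
            unparsed.append(line)
        else:
            targets.append((key, line))
    return targets, unparsed


def still_present(script, rescan_log):
    """Return the fix-script lines whose target shows up again in the rescan."""
    seen = {line_key(l) for l in rescan_log.splitlines()}
    seen.discard(None)
    targets, _ = parse_fix_targets(script)
    return [line for key, line in targets if key in seen]


if __name__ == "__main__":
    for line in still_present(FIX_SCRIPT, RESCAN_LOG):
        print("STILL PRESENT:", line)
```

An entry reported as still present is a reason to check the fix log in `C:\_OTL\MovedFiles` before moving on to the next step.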

#4
MadameConcorde

Thank you very much for this, WhiteHat!

A lot of homework in perspective!

Good thing the weekend is here.

I will report as I go along.

#5
WhiteHat

Ok, I will wait for the logs.

#6
MadameConcorde

OTL log file 01 February 2013

OTL logfile created on: 01/02/2013 13:55:36 - Run 7
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\MM\Mes documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 73,31% Memory free
4,84 Gb Paging File | 4,18 Gb Available in Paging File | 86,38% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226,96 Gb Total Space | 87,39 Gb Free Space | 38,50% Space Free | Partition Type: NTFS

Computer Name: M | User Name: MM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\MM\Mes documents\Downloads\DellPCDiagnostics.exe (Dell Computer Corporation)
PRC - C:\Documents and Settings\MM\Mes documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
PRC - C:\WINDOWS\OEM02Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Microsoft Office\Office\WINWORD.EXE (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\13020100\algo.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll ()
MOD - C:\Program Files\Dell\QuickSet\dadkeyb.dll ()
MOD - C:\Program Files\Intel\Wireless\Bin\acAuth.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()


========== Services (SafeList) ==========

SRV - (stllssvr) -- C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe File not found
SRV - (RoxWatch9) -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe File not found
SRV - (RoxMediaDB9) -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe File not found
SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe File not found
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe File not found
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe File not found
SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (sprtsvc_dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (WLANKEEPER) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PxHelp20) -- System32\Drivers\PxHelp20.sys File not found
DRV - (pfc) -- system32\drivers\pfc.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (DXEC02) -- system32\drivers\dxec02.sys File not found
DRV - (Changer) -- File not found
DRV - (BTWUSB) -- System32\Drivers\btwusb.sys File not found
DRV - (btwmodem) -- system32\DRIVERS\btwmodem.sys File not found
DRV - (btwhid) -- system32\DRIVERS\btwhid.sys File not found
DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys File not found
DRV - (BTKRNL) -- system32\DRIVERS\btkrnl.sys File not found
DRV - (BTDriver) -- system32\DRIVERS\btport.sys File not found
DRV - (btaudio) -- system32\drivers\btaudio.sys File not found
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswKbd) -- C:\WINDOWS\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (OEM02Vfx) -- C:\WINDOWS\system32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (OEM02Dev) -- C:\WINDOWS\system32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (NETw4x32) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (MPFP) -- C:\WINDOWS\system32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://partnerpage.g...smb&ibd=6080415
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.g...smb&ibd=6080415
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6AEA4CD5-41AC-49C6-BBEB-06005E08A574}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6AEA4CD5-41AC-49C6-BBEB-06005E08A574}: "URL" = http://www.google.co...&rlz=1I7DAFR_fr
IE - HKCU\..\SearchScopes\{AEC911B1-8FF8-4995-8D09-B9E0CF36F1AE}: "URL" = http://websearch.ask...8C-D3F473B6E8E4
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1640187
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://startpage.com/"
FF - prefs.js..extensions.enabledAddons: clearcache%40michel.de.almeida:1.2
FF - prefs.js..extensions.enabledAddons: netvideohunter%40netvideohunter.com:1.9.5
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.15.1
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.5.1205
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.4rc3
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7
FF - prefs.js..extensions.enabledItems: {078fac48-925f-4524-7cfe-85d44b8f4f98}:1.2
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}:0.6.7
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\MM\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\MM\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/08 08:51:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/21 12:39:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/30 22:16:41 | 000,000,000 | ---D | M]

[2008/06/18 15:02:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Extensions
[2013/02/01 11:01:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions
[2012/12/07 08:53:39 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/10/25 07:43:47 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2013/02/01 11:01:45 | 000,130,828 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/12/26 18:32:56 | 000,234,999 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2011/11/16 18:11:12 | 000,027,225 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/10/26 13:54:45 | 000,158,844 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2011/07/16 22:34:25 | 000,097,169 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
[2013/01/29 09:39:42 | 000,533,597 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/02/01 10:27:02 | 000,817,973 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/12/05 16:11:56 | 000,007,919 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2012/05/04 14:40:46 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\askcom.xml
[2013/02/01 10:08:14 | 000,005,471 | ---- | M] () -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\startpage-http.xml
[2013/01/31 21:52:05 | 000,005,472 | ---- | M] () -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\startpage-https.xml
[2012/11/21 12:39:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/08 08:51:39 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/11/21 12:39:17 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/12 08:32:24 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/12 08:32:24 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2004/08/05 12:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341047612765 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...565/mcfscan.cab (McFreeScan Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D2F526B-31E8-42C0-9E52-9004140FAD70}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\MM\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\MM\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/19 13:18:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{32d824be-d82a-11df-9d67-001d09c52bf1}\Shell - "" = AutoRun
O33 - MountPoints2\{32d824be-d82a-11df-9d67-001d09c52bf1}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL masterymindfuse.html
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/01 12:59:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\MM\Recent
[2013/02/01 12:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MM\Menu Démarrer\Programmes\Dell
[2013/02/01 11:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MM\Local Settings\Application Data\Deployment
[2013/02/01 10:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013/02/01 10:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2013/02/01 10:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/01 10:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2013/02/01 10:46:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2013/01/30 20:08:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Program Files

========== Files - Modified Within 30 Days ==========

[2013/02/01 13:56:00 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/01 13:56:00 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/01 13:55:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/02/01 13:04:23 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/02/01 13:01:38 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/02/01 13:01:07 | 000,053,139 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2013/02/01 13:00:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/01 13:00:44 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2584256461-3525015534-717217448-1005.job
[2013/02/01 13:00:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/01 13:00:31 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/01 13:00:31 | 000,231,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/01 10:53:20 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/01/31 22:55:12 | 000,013,864 | ---- | M] () -- C:\WINDOWS\AegisP.inf
[2013/01/31 22:55:12 | 000,010,640 | ---- | M] () -- C:\WINDOWS\AegisP.cat
[2013/01/30 23:09:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2013/01/30 16:26:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/01/25 18:02:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2584256461-3525015534-717217448-1005.job
[2013/01/09 09:19:01 | 000,512,302 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/01/09 09:19:01 | 000,443,844 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/09 09:19:01 | 000,085,824 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/01/09 09:19:01 | 000,072,726 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2013/02/01 13:00:31 | 000,231,184 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/13 18:35:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\MM\mm_backup.cfg
[2012/02/21 11:53:00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/29 07:50:03 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/29 07:50:03 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/06/05 13:40:28 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/05 13:40:28 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/11/26 17:22:51 | 000,007,487 | ---- | C] () -- C:\Documents and Settings\MM\DModem_Trace.trc
[2010/11/18 09:25:10 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\MM\Local Settings\Application Data\housecall.guid.cache
[2008/06/18 11:11:27 | 000,061,952 | ---- | C] () -- C:\Documents and Settings\MM\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/21 16:14:11 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\MM\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/19 13:25:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/06/26 09:13:32 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/05/30 21:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/06/06 08:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010/03/31 12:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2011/04/23 20:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2012/10/28 22:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2008/04/15 13:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2008/12/03 17:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/10/04 04:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\054958
[2009/10/09 05:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\063511
[2009/09/29 05:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\065142
[2009/10/12 05:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\065711
[2009/10/25 07:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\070502
[2009/09/26 06:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\070637
[2009/10/07 06:11:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\071143
[2009/10/03 06:12:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\071234
[2009/10/28 07:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\071451
[2009/10/15 06:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\071704
[2009/10/11 06:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\073024
[2009/10/13 06:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\073052
[2009/10/10 06:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\073248
[2009/09/25 06:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\073300
[2009/09/21 06:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\073512
[2009/09/06 06:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\073513
[2009/10/21 06:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\073543
[2009/10/29 07:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\073938
[2009/09/17 06:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\074020
[2009/10/20 06:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\074105
[2009/10/14 06:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\074455
[2009/10/24 06:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\074647
[2009/09/07 06:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\075021
[2009/09/30 06:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\075031
[2009/09/13 06:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\075251
[2009/09/05 06:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\075404
[2009/10/15 06:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\075443
[2009/10/18 06:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\075635
[2009/09/14 06:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\075808
[2009/09/18 06:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\075830
[2009/10/26 07:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\075934
[2009/09/28 07:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\080018
[2009/09/02 07:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\080025
[2009/08/31 07:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\080048
[2009/09/08 07:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\080055
[2010/08/04 07:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\080355
[2009/09/24 07:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\080711
[2009/09/16 07:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\080819
[2009/10/16 07:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\080833
[2009/10/23 07:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\080847
[2009/09/03 07:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\081131
[2009/10/01 07:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\081343
[2009/10/17 07:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\081803
[2009/10/05 07:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\082205
[2009/10/06 07:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\082305
[2009/10/27 08:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\082359
[2009/09/01 07:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\082636
[2009/09/04 07:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\082721
[2009/09/12 07:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\082748
[2010/07/11 07:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\083025
[2011/02/02 08:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\083103
[2011/02/02 08:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\083353
[2011/02/02 08:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\083435
[2009/10/22 07:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\083500
[2009/10/19 07:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\084154
[2009/09/11 07:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\084614
[2010/10/26 07:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\085241
[2009/10/02 08:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\090009
[2009/09/15 08:17:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\091739
[2009/09/23 08:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\091926
[2009/09/25 09:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\100016
[2009/10/22 09:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\100310
[2009/08/30 09:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\100946
[2009/10/21 09:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\105612
[2009/09/26 10:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\112924
[2009/08/31 10:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\114144
[2009/10/23 11:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\121456
[2010/07/11 11:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\122801
[2010/07/11 11:28:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\122841
[2010/02/12 19:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\131909
[2009/09/03 12:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\135218
[2010/11/26 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\140319
[2009/09/12 13:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\142737
[2010/03/15 08:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\143928
[2009/09/29 05:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\152538
[2009/09/29 15:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\160046
[2009/09/29 05:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\160151
[2009/10/16 15:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\161008
[2009/10/10 15:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\161515
[2009/09/18 15:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\161720
[2009/09/20 15:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\163004
[2009/09/02 16:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\171703
[2009/10/16 16:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\172014
[2009/10/10 16:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\172805
[2009/09/10 16:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\174948
[2009/10/05 17:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\180606
[2009/10/21 17:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\180649
[2009/10/27 18:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\180751
[2009/11/20 18:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\182422
[2009/09/10 17:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\183028
[2010/02/10 18:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\183245
[2010/02/10 18:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\183337
[2009/09/19 18:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\192608
[2009/09/23 18:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\193145
[2009/09/24 18:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\195137
[2009/11/22 20:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\200051
[2009/09/21 19:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\201448
[2009/09/14 19:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\205352
[2012/05/30 20:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\210032
[2009/10/24 20:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\210207
[2009/10/17 20:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\214827
[2009/11/22 22:07:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\220729
[2009/10/08 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\231223
[2012/06/30 13:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\DriverCure
[2011/01/28 12:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\DVDVideoSoft
[2012/06/20 17:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\ElevatedDiagnostics
[2010/03/13 10:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Facebook
[2012/07/04 15:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Geek Uninstaller
[2012/06/30 16:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Oracle
[2008/08/29 17:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Panasonic
[2011/03/10 07:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\PCDr
[2013/01/30 22:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\QuickScan
[2012/06/30 13:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\SpeedMaxPc
[2012/04/13 13:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\ubot
[2011/02/04 13:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MM\Application Data\Unity

========== Purity Check ==========


< End of report >

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete
Once done it will ask to reboot, allow this
On reboot a log will be produced; please post that.



# AdwCleaner v2.109 - Rapport créé le 01/02/2013 à 14:40:10
# Mis à jour le 26/01/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : MM - M
# Mode de démarrage : Normal
# Exécuté depuis : C:\Documents and Settings\MM\Mes documents\Downloads\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\Conduit
Dossier Supprimé : C:\Documents and Settings\MM\Local Settings\Application Data\AskToolbar
Dossier Supprimé : C:\Program Files\TorrentMan
Dossier Supprimé : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Fichier Supprimé : C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\Askcom.xml
Fichier Supprimé : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [Registre] *****

Clé Supprimée : HKCU\Software\APN
Clé Supprimée : HKCU\Software\Ask.com
Clé Supprimée : HKCU\Software\AskToolbar
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7C5C0F58-E061-457D-9033-77307F5ED00C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C5C0F58-E061-457D-9033-77307F5ED00C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\TorrentMan
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7C5C0F58-E061-457D-9033-77307F5ED00C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C5C0F58-E061-457D-9033-77307F5ED00C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Clé Supprimée : HKLM\Software\TorrentMan
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7C5C0F58-E061-457D-9033-77307F5ED00C}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7C5C0F58-E061-457D-9033-77307F5ED00C}]

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v14.0.1 (en-US)

Fichier : C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\prefs.js

C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\user.js ... Supprimé !

Supprimée : user_pref("extensions.veohsearchrecs.SupportedSites", "<?xml version=\"1.0\" ?>\r\n<results revision[...]
Supprimée : user_pref("extensions.veohsearchrecs.VeohVersion", "1.4.2");
Supprimée : user_pref("extensions.veohsearchrecs.id", "c050de69d-0767-1263-3380-dc186476115");
Supprimée : user_pref("extensions.veohsearchrecs.lastsitedate", "20");
Supprimée : user_pref("extensions.veohsearchrecs.veohenabled", "false");

*************************

AdwCleaner[R1].txt - [4641 octets] - [01/02/2013 14:37:13]
AdwCleaner[S1].txt - [4425 octets] - [01/02/2013 14:40:10]

########## EOF - C:\AdwCleaner[S1].txt - [4485 octets] ##########


NEXT

Please reopen on your desktop.

 Under the box at the bottom, paste in the following
........
· Then click the button at the top
· Let the program run unhindered, reboot the PC when it is done
Navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.




All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AEC911B1-8FF8-4995-8D09-B9E0CF36F1AE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEC911B1-8FF8-4995-8D09-B9E0CF36F1AE}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
File C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\askcom.xml not found.
C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\startpage-http.xml moved successfully.
C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\searchplugins\startpage-https.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
File C:\Program Files\TorrentMan\tbTorr.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7c5c0f58-e061-457d-9033-77307f5ed00c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
File C:\Program Files\TorrentMan\tbTorr.dll not found.
File C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: MM
->Temp folder emptied: 651825 bytes
->Temporary Internet Files folder emptied: 159039 bytes
->Java cache emptied: 133024 bytes
->FireFox cache emptied: 71257261 bytes
->Flash cache emptied: 1053 bytes

User: NetworkService
->Temp folder emptied: 206750 bytes
->Temporary Internet Files folder emptied: 3949382 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4061001 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 301506459 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 364,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02012013_145413

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Security Check
Download Security Check by screen317 from here or here.


Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Results of screen317's Security Check version 0.99.57
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Windows Defender
Malwarebytes Anti-Malware version 1.61.0.1400
CCleaner
JavaFX 2.1.1
Java version out of Date!
Adobe Flash Player 11.4.402.265
Adobe Reader 10.1.5 Adobe Reader out of Date!
Mozilla Firefox 14.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Windows Defender MSASCui.exe
Windows Defender MsMpEng.exe
Windows Defender MSASCui.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 4%
````````````````````End of Log``````````````````````




FINALLY:

Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start the scan.


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-01 15:23:40
-----------------------------
15:23:40.453 OS Version: Windows 5.1.2600 Service Pack 3
15:23:40.453 Number of processors: 2 586 0x1706
15:23:40.453 ComputerName: M UserName:
15:23:41.843 Initialize success
15:23:42.046 AVAST engine defs: 13020100
15:24:09.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
15:24:09.609 Disk 0 Vendor: SAMSUNG_HM251JI 2SS00_01 Size: 238475MB BusType: 3
15:24:09.671 Disk 0 MBR read successfully
15:24:09.671 Disk 0 MBR scan
15:24:09.671 Disk 0 unknown MBR code
15:24:09.671 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 117 MB offset 63
15:24:09.687 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 232409 MB offset 240975
15:24:09.687 Disk 0 Partition - 00 0F Extended LBA 2557 MB offset 476230860
15:24:09.718 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3380 MB offset 481468050
15:24:09.734 Disk 0 Partition 4 00 DD MSDOS5.0 2557 MB offset 476230923
15:24:09.734 Disk 0 scanning sectors +488392065
15:24:09.812 Disk 0 scanning C:\WINDOWS\system32\drivers
15:24:21.093 Service scanning
15:24:38.765 Modules scanning
15:24:44.562 Disk 0 trace - called modules:
15:24:44.578 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
15:24:44.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae07ab8]
15:24:44.578 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x8ae38940]
15:24:45.437 AVAST engine scan C:\WINDOWS
15:24:49.750 AVAST engine scan C:\WINDOWS\system32
15:27:14.781 AVAST engine scan C:\WINDOWS\system32\drivers
15:27:34.562 AVAST engine scan C:\Documents and Settings\MM
15:28:57.781 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\MM\Mes documents\Downloads\MBR.dat"
15:28:57.796 The log file has been saved successfully to "C:\Documents and Settings\MM\Mes documents\Downloads\aswMBR.txt"

#7
WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi,

I need a new OTL log.

  • Run OTL
  • Select All Users
  • Copy the lines under the Code.
    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemdrive%\drivers\*.exe
    %systemroot%\system32\drivers\*.* /90
    %PROGRAMFILES%\*.*
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /rs
    HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
    
  • Back to the program and paste the text in red in the text box "Custom Scan / Fixes"
  • Click on Run Scan button
  • The examination takes a while, be patient.
  • Copy the entire contents of the log OTL.txt and post in your next reply


#8
MadameConcorde

    Member

  • Topic Starter
  • Member
  • 34 posts

Hi,

I need a new OTL log.

  • Run OTL
  • Select All Users
  • Copy the lines under the Code.
    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemdrive%\drivers\*.exe
    %systemroot%\system32\drivers\*.* /90
    %PROGRAMFILES%\*.*
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /rs
    HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
    
  • Back to the program and paste the text in red in the text box "Custom Scan / Fixes"
  • Click on Run Scan button
  • The examination takes a while, be patient.
  • Copy the entire contents of the log OTL.txt and post in your next reply



Thank you for being so fast.

I don't see a text in red.
I hope this is the result you want.


OTL logfile created on: 01/02/2013 17:43:09 - Run 8
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\MM\Mes documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 73,01% Memory free
4,84 Gb Paging File | 4,16 Gb Available in Paging File | 85,99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 226,96 Gb Total Space | 87,46 Gb Free Space | 38,53% Space Free | Partition Type: NTFS

Computer Name: M | User Name: MM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\MM\Mes documents\Downloads\DellPCDiagnostics.exe (Dell Computer Corporation)
PRC - C:\Documents and Settings\MM\Local Settings\Apps\2.0\VX7OVQ76.V7R\62W7OVG8.708\dell..tion_0f612f649c4a10af_0003.0003_3d893b39f32a1f6c\DellSystemDetect.exe (Dell)
PRC - C:\Documents and Settings\MM\Mes documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
PRC - C:\WINDOWS\OEM02Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Microsoft Office\Office\WINWORD.EXE (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\13020100\algo.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\9c937f56e350f12f22d42a913fc27b5e\System.Deployment.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\203f25ba39b45027d2d0c8f849a471db\System.Security.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\eeefda9b58e578a92df0439b8e1772d8\dfsvc.ni.exe ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll ()
MOD - C:\Program Files\Dell\QuickSet\dadkeyb.dll ()
MOD - C:\Program Files\Intel\Wireless\Bin\acAuth.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()


========== Services (SafeList) ==========

SRV - (stllssvr) -- C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe File not found
SRV - (RoxWatch9) -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe File not found
SRV - (RoxMediaDB9) -- C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe File not found
SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe File not found
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe File not found
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe File not found
SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (sprtsvc_dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (WLANKEEPER) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PxHelp20) -- System32\Drivers\PxHelp20.sys File not found
DRV - (pfc) -- system32\drivers\pfc.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (DXEC02) -- system32\drivers\dxec02.sys File not found
DRV - (Changer) -- File not found
DRV - (BTWUSB) -- System32\Drivers\btwusb.sys File not found
DRV - (btwmodem) -- system32\DRIVERS\btwmodem.sys File not found
DRV - (btwhid) -- system32\DRIVERS\btwhid.sys File not found
DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys File not found
DRV - (BTKRNL) -- system32\DRIVERS\btkrnl.sys File not found
DRV - (BTDriver) -- system32\DRIVERS\btport.sys File not found
DRV - (btaudio) -- system32\drivers\btaudio.sys File not found
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswKbd) -- C:\WINDOWS\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (OEM02Vfx) -- C:\WINDOWS\system32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (OEM02Dev) -- C:\WINDOWS\system32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (NETw4x32) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (MPFP) -- C:\WINDOWS\system32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://partnerpage.g...smb&ibd=6080415
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.g...smb&ibd=6080415
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.g...smb&ibd=6080415
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.g...smb&ibd=6080415
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\..\SearchScopes\{6AEA4CD5-41AC-49C6-BBEB-06005E08A574}: "URL" = http://www.google.co...&rlz=1I7DAFR_fr
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://startpage.com/"
FF - prefs.js..extensions.enabledAddons: clearcache%40michel.de.almeida:1.2
FF - prefs.js..extensions.enabledAddons: netvideohunter%40netvideohunter.com:1.9.5
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.15.1
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.5.1205
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.2
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.4rc3
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7
FF - prefs.js..extensions.enabledItems: {078fac48-925f-4524-7cfe-85d44b8f4f98}:1.2
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}:0.6.7
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\MM\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\MM\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/08 08:51:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/21 12:39:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/30 22:16:41 | 000,000,000 | ---D | M]

[2008/06/18 15:02:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Extensions
[2013/02/01 11:01:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions
[2012/12/07 08:53:39 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/10/25 07:43:47 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2013/02/01 11:01:45 | 000,130,828 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/12/26 18:32:56 | 000,234,999 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2011/11/16 18:11:12 | 000,027,225 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2012/10/26 13:54:45 | 000,158,844 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]
[2011/07/16 22:34:25 | 000,097,169 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
[2013/01/29 09:39:42 | 000,533,597 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/02/01 10:27:02 | 000,817,973 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/12/05 16:11:56 | 000,007,919 | ---- | M] () (No name found) -- C:\Documents and Settings\MM\Application Data\Mozilla\Firefox\Profiles\vh68wvxn.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2012/11/21 12:39:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/08 08:51:39 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/11/21 12:39:17 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/12 08:32:24 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/12 08:32:24 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2004/08/05 12:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\MM\Local Settings\Application Data\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341047612765 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...565/mcfscan.cab (McFreeScan Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D2F526B-31E8-42C0-9E52-9004140FAD70}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\MM\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\MM\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/19 13:18:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{32d824be-d82a-11df-9d67-001d09c52bf1}\Shell - "" = AutoRun
O33 - MountPoints2\{32d824be-d82a-11df-9d67-001d09c52bf1}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL masterymindfuse.html
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe - (Matsushita Electric Industrial Co., Ltd.)
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - File not found
MsConfig - StartUpReg: KADxMain - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: RoxioDragToDisc - hkey= - key= - C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
MsConfig - StartUpReg: RoxWatchTray - hkey= - key= - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
MsConfig - StartUpReg: Subliminal Power - hkey= - key= - C:\Program Files\Subliminal Power\Subliminal.exe ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/02/01 17:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MM\Menu Démarrer\Programmes\Dell
[2013/02/01 16:18:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\MM\Recent
[2013/02/01 16:17:23 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/02/01 14:54:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/01 11:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MM\Local Settings\Application Data\Deployment
[2013/02/01 10:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013/02/01 10:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2013/02/01 10:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/01 10:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2013/02/01 10:46:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2013/01/30 20:08:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Program Files

========== Files - Modified Within 30 Days ==========

[2013/02/01 17:06:40 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/02/01 17:04:40 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/02/01 17:03:43 | 000,053,139 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2013/02/01 17:03:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/01 17:03:26 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/01 17:03:19 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2584256461-3525015534-717217448-1005.job
[2013/02/01 17:03:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/01 17:03:07 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/01 17:03:07 | 000,231,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/01 16:56:00 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/01 16:17:23 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/02/01 16:17:16 | 000,000,087 | ---- | M] () -- C:\Documents and Settings\MM\Application Data\mbam.context.scan
[2013/02/01 10:53:20 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/01/31 22:55:12 | 000,021,393 | ---- | M] (Cisco Systems, Inc.) -- C:\WINDOWS\AegisP.sys
[2013/01/31 22:55:12 | 000,013,864 | ---- | M] () -- C:\WINDOWS\AegisP.inf
[2013/01/31 22:55:12 | 000,010,640 | ---- | M] () -- C:\WINDOWS\AegisP.cat
[2013/01/30 23:09:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2013/01/30 16:26:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/01/25 18:02:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2584256461-3525015534-717217448-1005.job
[2013/01/17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013/01/09 09:19:01 | 000,512,302 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/01/09 09:19:01 | 000,443,844 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/09 09:19:01 | 000,085,824 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/01/09 09:19:01 | 000,072,726 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/06 06:34:34 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

========== Files Created - No Company Name ==========

[2013/02/01 17:03:07 | 000,231,184 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/01 16:17:16 | 000,000,087 | ---- | C] () -- C:\Documents and Settings\MM\Application Data\mbam.context.scan
[2012/04/13 18:35:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\MM\mm_backup.cfg
[2012/02/21 11:53:00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/29 07:50:03 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/29 07:50:03 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/06/05 13:40:28 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/05 13:40:28 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/11/26 17:22:51 | 000,007,487 | ---- | C] () -- C:\Documents and Settings\MM\DModem_Trace.trc
[2010/11/18 09:25:10 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\MM\Local Settings\Application Data\housecall.guid.cache
[2008/06/18 11:11:27 | 000,061,952 | ---- | C] () -- C:\Documents and Settings\MM\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/21 16:14:11 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\MM\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/19 13:25:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/06/26 09:13:32 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012/05/30 20:12:48 | 000,000,797 | ---- | M] () -- C:\0
[2004/08/19 13:18:18 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/10/21 13:08:47 | 000,000,212 | RHS- | M] () -- C:\boot.ini
[2004/08/05 12:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004/08/19 13:18:18 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/04/15 13:14:54 | 000,007,434 | RH-- | M] () -- C:\dell.sdr
[2013/02/01 17:03:07 | 3219,169,280 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/28 06:58:50 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/19 13:18:18 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2004/08/19 13:18:18 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/05 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/17 17:59:07 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2013/02/01 17:02:58 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2013/02/01 12:54:07 | 000,000,642 | ---- | M] () -- C:\RstAssociations.txt

< %systemdrive%\drivers\*.exe >

< %systemroot%\system32\drivers\*.* /90 >
[2013/01/31 22:55:12 | 000,021,393 | ---- | M] (Cisco Systems, Inc.) -- C:\WINDOWS\system32\drivers\AegisP.sys
[2013/02/01 16:17:23 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

< %PROGRAMFILES%\*.* >

< MD5 for: EXPLORER.EXE >
[2007/06/13 14:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 14:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\i386\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 14:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004/08/05 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=1BD6C2F707A275CB7C16FD99FE0F31CA -- C:\i386\svchost.exe
[2008/04/14 03:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 03:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/05 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\i386\userinit.exe
[2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 14:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004/08/05 12:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\i386\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

< HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/11/21 12:39:12 | 000,890,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/11/21 12:39:12 | 000,890,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/11/21 12:39:12 | 000,890,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/11/21 12:39:16 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/11/21 12:39:16 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/11/21 12:39:16 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/11/21 12:39:12 | 000,890,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/11/21 12:39:12 | 000,890,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/11/21 12:39:12 | 000,890,008 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/11/21 12:39:16 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/11/21 12:39:16 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/11/21 12:39:16 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/11/01 01:35:35 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< End of report >

#9
WhiteHat


    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi,

Please reopen OTL on your desktop.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://partnerpage.g...smb&ibd=6080415
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.g...smb&ibd=6080415
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.g...smb&ibd=6080415
    IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=6080415
    IE - HKU\S-1-5-21-2584256461-3525015534-717217448-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.g...smb&ibd=6080415
    FF - prefs.js..browser.startup.homepage: "https://startpage.com/"
    
    
    :Commands
    [CREATERESTOREPOINT]
    [EMPTYTEMP]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
