need ur help please [Closed]


thithi19
Hello everybody,
Sorry for my English, because I'm French.
So the problem is:

- Google Chrome, Firefox or Internet Explorer always opens not on my start page but on Nation Zoom's page, and afterwards, when I go to another site, I always have one or two windows open with advertisements.

I have another hard disk where I have all my life (pics of me and my family, music, and movies), but it isn't scanned by the program, so you can't see it in the report.


Please help me.



OTL logfile created on: 04/01/2014 01:09:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ba nous\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,25 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 52,90% Memory free
4,49 Gb Paging File | 2,90 Gb Available in Paging File | 64,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,54 Gb Total Space | 635,23 Gb Free Space | 90,94% Space Free | Partition Type: NTFS
Drive D: | 157,98 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1862,56 Gb Total Space | 1065,31 Gb Free Space | 57,20% Space Free | Partition Type: FAT32

Computer Name: BANOUS-PC | User Name: ba nous | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/04 01:09:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ba nous\Downloads\OTL.exe
PRC - [2014/01/01 19:31:08 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/11/01 15:31:08 | 000,114,176 | ---- | M] (Wajam) -- C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe
PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/08/16 18:09:06 | 000,961,312 | ---- | M] (Boxore OU) -- C:\Program Files\Boxore\BoxoreClient\boxore.exe
PRC - [2011/06/24 09:27:04 | 006,044,264 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
PRC - [2011/06/07 22:08:18 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/02/10 15:06:04 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/02/10 15:05:34 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/03 03:34:20 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\03dc83fbe48384390aed7a455e949789\WindowsFormsIntegration.ni.dll
MOD - [2014/01/03 03:33:06 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2014/01/03 03:32:43 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2014/01/03 03:32:31 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2014/01/03 03:32:21 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2014/01/03 03:32:11 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2014/01/03 03:30:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2014/01/03 03:30:28 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2014/01/03 03:30:27 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0cb40437ecbf8ab60a297ff419b7f830\System.Web.ni.dll
MOD - [2014/01/03 03:30:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2014/01/03 03:30:13 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2014/01/03 03:30:10 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2014/01/03 03:30:08 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2014/01/03 03:30:03 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/12/04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
MOD - [2013/12/04 03:48:03 | 013,586,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2011/06/07 22:11:00 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/06/07 22:08:26 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2011/04/12 02:35:22 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011/04/12 02:35:14 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll
MOD - [2010/11/13 00:35:41 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 00:35:38 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll


========== Services (SafeList) ==========

SRV - [2014/01/01 23:28:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014/01/01 23:28:20 | 000,119,408 | ---- | M] (The Software Group) [On_Demand | Stopped] -- C:\Program Files\Software\Update\SoftwareUpdate.exe -- (Software_update_m)
SRV - [2014/01/01 23:28:20 | 000,119,408 | ---- | M] (The Software Group) [Auto | Stopped] -- C:\Program Files\Software\Update\SoftwareUpdate.exe -- (Software_update)
SRV - [2014/01/01 23:27:49 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/26 09:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/11/01 15:31:08 | 000,114,176 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe -- (WajamUpdaterV3)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011/06/07 22:08:18 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/02/10 15:05:34 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/06/06 11:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011/04/15 07:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011/04/15 07:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010/12/02 22:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/11/28 21:50:40 | 000,035,968 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/06/16 22:15:36 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2010/02/18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2010/02/10 15:23:24 | 005,315,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/02/10 15:23:24 | 005,315,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010/02/10 14:10:58 | 000,152,064 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoo...2509AV582509AV5
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoo...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoo...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=986792973&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {77AA745B-F4F8-45DA-9B14-61D2D95054C8}
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.nationzoo...q={searchTerms}
IE - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...r=986792973&ir=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoo...2509AV582509AV5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...9A89052E4&SSPV=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9F B2 A0 5B 17 07 CF 01 [binary data]
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.condui...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.nationzoo...q={searchTerms}
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearc...r=986792973&ir=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: d8222698-19e5-4827-b79e-0a077ea8eb7a%407b662f6d-3899-41e4-8864-6393447568da.com:0.93.109
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0


FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.Software.com/Software Update;version=3: C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll (The Software Group)
FF - HKLM\Software\MozillaPlugins\@tools.Software.com/Software Update;version=9: C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll (The Software Group)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nosibay\Bubble Dock\extensions\FFSurfMatch
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/01/01 23:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Extensions
[2014/01/03 23:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions
[2014/01/03 14:08:39 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2014/01/02 00:02:30 | 000,000,000 | ---D | M] ("Plus-HD-3.5") -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com
[2014/01/02 18:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com\extensionData
[2014/01/02 18:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com\extensionData\plugins
[2014/01/02 18:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com\extensionData\userCode
[2014/01/03 23:37:00 | 000,007,303 | ---- | M] () (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\extensions\[email protected]
[2013/07/22 12:35:02 | 000,180,858 | ---- | M] () (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\extensions\[email protected]
[2014/01/03 19:03:45 | 000,000,975 | ---- | M] () -- C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\searchplugins\conduit-search.xml
[2014/01/03 14:08:41 | 000,002,393 | ---- | M] () -- C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\searchplugins\Mysearchdial.xml
[2014/01/01 23:28:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2014/01/02 00:01:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2014/01/02 00:01:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/01 23:39:21 | 000,000,566 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\nationzoom.xml

========== Chrome ==========

CHR - default_search_provider: Recherche de vid\u00E9os YouTube (Enabled)
CHR - default_search_provider: search_url = http://www.youtube.c...urce=opensearch
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://search.condui...F57352BA1&SSPV=
CHR - Extension: Bejeweled = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Private Joe - Dungeons = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\bddhcbcefccaggaloclldffhobmecjfj\1.4_0\
CHR - Extension: Snooker = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjohiacoelemalmancnccjggomjnkfod\1.0.2_0\
CHR - Extension: YouTube = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: POKERWOOD - Texas Holdem Poker = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\clkeocmibglboageifmndbpeikoghebb\1.0.9_0\
CHR - Extension: Ratchet & Clank Future 2 = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn\3_0\
CHR - Extension: avast! Online Security = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_1\
CHR - Extension: Isoball 3 = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.4.0_0\
CHR - Extension: World of Solitaire = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn\1.0.1_0\
CHR - Extension: Lightning Newtab = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.7.9_1\
CHR - Extension: Lightning Newtab = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.8.4_0\
CHR - Extension: RePlay.FR = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\imfaefgciinakhhijicamiodfbejphdb\1.4.1_0\
CHR - Extension: Lettre Compte Triple = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjeddnjjfojmepmehcknfgdlefcolomp\0.8.5_0\
CHR - Extension: Skyrama = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap\1.0.8_0\
CHR - Extension: Cargo Bridge = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0\
CHR - Extension: iGraal = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm\1.5.3_1\
CHR - Extension: Custom Print = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldikpdnngdmeceeameoaannjilbjppnm\0.1_0\
CHR - Extension: Custom Print = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldikpdnngdmeceeameoaannjilbjppnm\1.25.85_0\crossrider
CHR - Extension: Custom Print = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldikpdnngdmeceeameoaannjilbjppnm\1.25.85_0\
CHR - Extension: WGT Golf Game = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb\45.0.0_0\
CHR - Extension: Google00A0Wallet = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Destroyer bombe 3D = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom\1.0.6_0\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Plus-HD-3.5) - {11111111-1111-1111-1111-110311711180} - C:\Program Files\Plus-HD-3.5\Plus-HD-3.5-bho.dll (Plus HD)
O2 - BHO: (Bubble Dock SurfMatch) - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files\Nosibay\Bubble Dock\extensions\axSurfMatch.dll File not found
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (SquirrelWeb) - {dd86af49-1ef1-4532-89f7-41eda1dbbe6d} - C:\Program Files\SquirrelWeb\SquirrelWebBHO.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Boxore Client] C:\Program Files\Boxore\BoxoreClient\boxore.exe (Boxore OU)
O4 - HKLM..\Run: [fst_fr_26] File not found
O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" File not found
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe File not found
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\StartSuperCharger.exe (MSI)
O4 - HKLM..\RunOnce: [Del19562228] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [DelTr53785977] cmd.exe /c rd /s /q "C:\Users\ba nous\AppData\Roaming\mysearchdial" File not found
O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f File not found
O4 - HKCU..\RunOnce: [Del19562228] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [DelTr53785977] cmd.exe /c rd /s /q "C:\Users\ba nous\AppData\Roaming\mysearchdial" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B2542BC-B225-48B4-A8A5-90BFC0DD3142}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/11/17 00:48:32 | 000,000,131 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{35cb2b4d-731d-11e3-808f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{35cb2b4d-731d-11e3-808f-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2010/11/17 00:48:32 | 000,297,832 | R--- | M] (Hewlett-Packard Co.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/03 14:06:49 | 000,000,000 | ---D | C] -- C:\Users\ba nous\Documents\My Cheat Tables
[2014/01/03 14:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
[2014/01/03 14:06:25 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\OpenCandy
[2014/01/03 14:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.3
[2014/01/03 14:04:53 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\mysearchdial
[2014/01/03 03:04:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/01/02 03:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\predm
[2014/01/01 23:44:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/01/01 23:37:21 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Mozilla
[2014/01/01 23:37:21 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Mozilla
[2014/01/01 23:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/01/01 23:36:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/01/01 23:35:46 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Macromedia
[2014/01/01 23:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Nosibay
[2014/01/01 23:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2014/01/01 23:32:11 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Nosibay
[2014/01/01 23:30:27 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Systweak
[2014/01/01 23:30:26 | 000,018,776 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2014/01/01 23:30:07 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Programs
[2014/01/01 23:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\BoxUpdChk
[2014/01/01 23:29:30 | 000,000,000 | ---D | C] -- C:\Program Files\Boxore
[2014/01/01 23:29:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2014/01/01 23:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar
[2014/01/01 23:28:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/01/01 23:28:02 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\IminentToolbar
[2014/01/01 23:27:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/01/01 23:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Software
[2014/01/01 21:52:34 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\ElevatedDiagnostics
[2014/01/01 21:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2014/01/01 21:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/01/01 21:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/01/01 21:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2014/01/01 21:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2014/01/01 21:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2014/01/01 21:48:10 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\HpUpdate
[2014/01/01 21:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/01/01 21:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/01/01 21:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/01/01 21:46:05 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\HP
[2014/01/01 21:35:02 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\OpenOffice
[2014/01/01 21:34:08 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
[2014/01/01 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice 4
[2014/01/01 21:31:15 | 000,000,000 | ---D | C] -- C:\Users\ba nous\Desktop\OpenOffice 4.0.1 (fr) Installation Files
[2014/01/01 20:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
[2014/01/01 20:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2014/01/01 20:50:34 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2014/01/01 20:50:33 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\AMD
[2014/01/01 20:50:15 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\ATI
[2014/01/01 20:50:15 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\ATI
[2014/01/01 20:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/01/01 20:49:38 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Adobe
[2014/01/01 19:53:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/01/01 18:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/01/01 18:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/01 18:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/01/01 18:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\Plus-HD-3.5
[2014/01/01 18:33:54 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2014/01/01 18:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\Wajam
[2014/01/01 18:33:48 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Google
[2014/01/01 18:29:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2014/01/01 18:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2014/01/01 18:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2014/01/01 18:28:09 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2014/01/01 18:28:08 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2014/01/01 18:28:08 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2014/01/01 18:28:08 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2014/01/01 18:28:08 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2014/01/01 18:28:08 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2014/01/01 18:28:08 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2014/01/01 18:28:08 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2014/01/01 18:28:08 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2014/01/01 18:28:03 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2014/01/01 18:28:03 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2014/01/01 18:28:03 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2014/01/01 18:28:03 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2014/01/01 18:28:03 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2014/01/01 18:28:03 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2014/01/01 18:28:03 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2014/01/01 18:28:03 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2014/01/01 18:28:02 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2014/01/01 18:28:02 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2014/01/01 18:28:02 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2014/01/01 18:28:02 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2014/01/01 18:28:01 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2014/01/01 18:28:01 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2014/01/01 18:28:01 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2014/01/01 18:28:01 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2014/01/01 18:28:01 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2014/01/01 18:28:00 | 000,357,200 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2014/01/01 18:27:56 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2014/01/01 18:27:56 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2014/01/01 18:27:56 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2014/01/01 18:27:56 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2014/01/01 18:27:56 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2014/01/01 18:27:55 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2014/01/01 18:27:55 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2014/01/01 18:27:55 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2014/01/01 18:27:55 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2014/01/01 18:27:55 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2014/01/01 18:27:55 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2014/01/01 18:27:55 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2014/01/01 18:27:55 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2014/01/01 18:27:53 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2014/01/01 18:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2014/01/01 18:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/01/01 18:26:56 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/01/01 18:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2014/01/01 18:25:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2014/01/01 18:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2014/01/01 18:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014/01/01 18:24:14 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2014/01/01 18:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014/01/01 18:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/01/01 18:23:53 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/01 18:16:45 | 000,000,000 | R--D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/01 18:16:45 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Searches
[2014/01/01 18:16:45 | 000,000,000 | R--D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/01 18:16:44 | 000,000,000 | -H-D | C] -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/01/01 18:16:35 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Identities
[2014/01/01 18:16:33 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Contacts
[2014/01/01 18:16:24 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\VirtualStore
[2014/01/01 18:16:20 | 000,000,000 | --SD | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Videos
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Saved Games
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Pictures
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Music
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Links
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Favorites
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Downloads
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Documents
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Desktop
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Voisinage réseau
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Voisinage d'impression
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\AppData\Local\Temporary Internet Files
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\SendTo
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Recent
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Modèles
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Documents\Mes vidéos
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Documents\Mes images
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Mes documents
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Menu Démarrer
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Documents\Ma musique
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Local Settings
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\AppData\Local\Historique
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Cookies
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Application Data
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\AppData\Local\Application Data
[2014/01/01 18:16:20 | 000,000,000 | -H-D | C] -- C:\Users\ba nous\AppData
[2014/01/01 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Temp
[2014/01/01 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Microsoft
[2014/01/01 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Media Center Programs
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2014/01/01 17:59:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/01 17:56:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/01 17:55:17 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/01/01 17:43:22 | 000,000,000 | ---D | C] -- C:\Windows.old

========== Files - Modified Within 30 Days ==========

[2014/01/04 01:09:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/04 01:04:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/04 00:46:36 | 000,001,922 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-chromeinstaller.job
[2014/01/04 00:41:52 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2014/01/04 00:41:37 | 000,002,052 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-firefoxinstaller.job
[2014/01/04 00:41:36 | 000,001,288 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-updater.job
[2014/01/04 00:41:36 | 000,001,190 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-codedownloader.job
[2014/01/04 00:41:36 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-enabler.job
[2014/01/04 00:41:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/03 23:33:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2014/01/03 23:11:03 | 000,000,666 | ---- | M] () -- C:\Windows\tasks\hpwebreg_CN13B3J1K705D1.job
[2014/01/03 19:04:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/03 14:06:37 | 000,001,043 | ---- | M] () -- C:\Users\ba nous\Desktop\Cheat Engine.lnk
[2014/01/03 14:04:57 | 000,000,391 | ---- | M] () -- C:\Users\ba nous\Desktop\MySearchDial.url
[2014/01/03 14:04:57 | 000,000,386 | ---- | M] () -- C:\Users\ba nous\Desktop\FREE Games.url
[2014/01/03 14:04:50 | 000,351,124 | ---- | M] () -- C:\Users\ba nous\AppData\Local\mysearchdial-speeddial.crx
[2014/01/03 08:46:00 | 000,021,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/03 08:46:00 | 000,021,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/03 08:44:36 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/01/03 08:44:36 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/03 08:44:36 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/01/03 08:44:36 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/03 08:39:14 | 1810,505,728 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/02 03:01:57 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/01/02 02:56:43 | 000,000,000 | ---- | M] () -- C:\END
[2014/01/02 00:45:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/01/02 00:02:17 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/01/01 23:39:22 | 000,002,401 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/01 23:39:21 | 000,002,425 | ---- | M] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/01 23:39:21 | 000,001,625 | ---- | M] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/01 23:38:56 | 000,000,030 | ---- | M] () -- C:\Windows\System32\${LOGFILE}
[2014/01/01 23:20:02 | 000,294,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/01 21:48:18 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/01 21:47:50 | 000,002,236 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk
[2014/01/01 21:47:50 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 2050 J510 series.lnk
[2014/01/01 21:47:50 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk
[2014/01/01 21:34:08 | 000,001,034 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2014/01/01 20:54:54 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2014/01/01 19:33:06 | 000,000,030 | ---- | M] () -- C:\Users\ba nous\AppData\Roaming\WB.CFG
[2014/01/01 18:54:17 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/01/01 18:28:53 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Super-Charger.lnk
[2014/01/01 18:01:21 | 000,206,462 | ---- | M] () -- C:\Windows\System32\license.rtf
[2014/01/01 17:59:56 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin

========== Files Created - No Company Name ==========

[2014/01/03 14:06:37 | 000,001,043 | ---- | C] () -- C:\Users\ba nous\Desktop\Cheat Engine.lnk
[2014/01/03 14:05:05 | 000,351,124 | ---- | C] () -- C:\Users\ba nous\AppData\Local\mysearchdial-speeddial.crx
[2014/01/02 03:01:57 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/01/02 02:56:43 | 000,000,000 | ---- | C] () -- C:\END
[2014/01/02 00:45:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/01/01 23:38:56 | 000,000,030 | ---- | C] () -- C:\Windows\System32\${LOGFILE}
[2014/01/01 23:36:46 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/01/01 23:36:45 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/01 23:28:50 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2014/01/01 23:28:42 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2014/01/01 23:27:50 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/01 21:56:13 | 000,000,666 | ---- | C] () -- C:\Windows\tasks\hpwebreg_CN13B3J1K705D1.job
[2014/01/01 21:48:18 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/01 21:47:50 | 000,002,236 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk
[2014/01/01 21:47:50 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 2050 J510 series.lnk
[2014/01/01 21:47:50 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk
[2014/01/01 21:34:08 | 000,001,034 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2014/01/01 20:54:54 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2014/01/01 19:51:22 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/01/01 19:33:05 | 000,000,030 | ---- | C] () -- C:\Users\ba nous\AppData\Roaming\WB.CFG
[2014/01/01 18:59:03 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/01/01 18:54:17 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/01/01 18:53:52 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/01/01 18:51:45 | 000,002,425 | ---- | C] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/01 18:51:45 | 000,002,401 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/01 18:50:19 | 000,001,058 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/01 18:50:17 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/01 18:34:34 | 000,001,288 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-updater.job
[2014/01/01 18:34:27 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-enabler.job
[2014/01/01 18:34:19 | 000,001,190 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-codedownloader.job
[2014/01/01 18:34:12 | 000,002,052 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-firefoxinstaller.job
[2014/01/01 18:34:00 | 000,001,922 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-chromeinstaller.job
[2014/01/01 18:33:48 | 000,000,391 | ---- | C] () -- C:\Users\ba nous\Desktop\MySearchDial.url
[2014/01/01 18:33:48 | 000,000,386 | ---- | C] () -- C:\Users\ba nous\Desktop\FREE Games.url
[2014/01/01 18:28:52 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Super-Charger.lnk
[2014/01/01 18:27:04 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2014/01/01 18:24:14 | 000,031,696 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2014/01/01 18:24:14 | 000,020,692 | ---- | C] () -- C:\Windows\atiogl.xml
[2014/01/01 18:24:14 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2014/01/01 18:18:41 | 000,001,625 | ---- | C] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/01 18:16:46 | 000,001,631 | ---- | C] () -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/01 18:16:20 | 000,000,290 | ---- | C] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/01/01 18:16:20 | 000,000,272 | ---- | C] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/01/01 18:01:05 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/01/01 18:00:56 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/01 17:59:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/01/01 23:28:02 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\IminentToolbar
[2014/01/03 14:05:06 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\mysearchdial
[2014/01/03 14:06:25 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\OpenCandy
[2014/01/01 21:35:02 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\OpenOffice
[2014/01/01 23:48:13 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\Systweak

========== Purity Check ==========



< End of report >


#2
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello thithi19 and welcome:

My name is Biscuithd and I am going to be helping you with your malware removal. Please note that I am currently still in training, so all of my posts have to be reviewed by my instructor prior to me posting them.

Before we continue, please note:

  • If you do not understand any of my instructions, then feel free to ask me and I will explain in further detail.
  • Some of my instructions might need to be carried out in safe mode (or be lengthy), where you will not have access to GeeksToGo; I suggest you save or print my instructions for later reference.
  • Please do NOT use any other tools, fixes or scripts unless instructed to do so. Not only could this damage your system, but it will make it harder to fix your issue.
  • Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
  • If I have not responded in three (3) days, feel free to PM me.

There should be another log called Extras.txt that was produced from your initial run of OTL. It will be located in the same place as where you ran OTL from, in this case C:\Users\ba nous\Downloads. Please post that log in your next reply. I'm currently working on a fix for your machine and will post when it is approved. :)

#3
thithi19

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Hello Biscuithd,
thank you for trying to help me.
A big thank you.

OTL Extras logfile created on: 04/01/2014 01:09:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ba nous\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,25 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 52,90% Memory free
4,49 Gb Paging File | 2,90 Gb Available in Paging File | 64,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,54 Gb Total Space | 635,23 Gb Free Space | 90,94% Space Free | Partition Type: NTFS
Drive D: | 157,98 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1862,56 Gb Total Space | 1065,31 Gb Free Space | 57,20% Space Free | Partition Type: FAT32

Computer Name: BANOUS-PC | User Name: ba nous | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026325D9-41DB-4DD4-9507-12A8298E7724}" = lport=137 | protocol=17 | dir=in | app=system |
"{0C0C044D-DB1A-4105-A9F7-FD7445A356CA}" = rport=138 | protocol=17 | dir=out | app=system |
"{1B21415D-4843-4C08-9CA1-F6364C7D9A4A}" = rport=445 | protocol=6 | dir=out | app=system |
"{1EAC3DDE-B3AE-43F4-9490-D6DC64F262A0}" = rport=137 | protocol=17 | dir=out | app=system |
"{2A3D6D0D-90A1-4A87-8474-BDB692065D74}" = rport=139 | protocol=6 | dir=out | app=system |
"{2AC7F722-F579-442B-B588-081C15AECFEB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A59FBBD-FCB9-480F-AA22-00A9790C71C9}" = lport=445 | protocol=6 | dir=in | app=system |
"{55912FF0-C40A-4647-B641-32906EF09996}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{61786F28-DC22-40CE-B132-184C99FF22CC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{7073E0DF-4C91-4FD5-84D6-41FA5B5ECD9A}" = lport=138 | protocol=17 | dir=in | app=system |
"{8067B298-450C-4E49-9802-1E09DC61F9F2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CC3088BC-68D1-42E3-BF48-A1EC87369AB2}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08B8DD4E-64C6-432B-8AC5-DE57B28BEA45}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{0E952C1E-094C-46CA-A2A1-286BCB3657E4}" = protocol=1 | dir=out | [email protected],-28544 |
"{1375782E-1B25-40A1-961A-BD2A97C0D6A1}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{256BF499-190D-412C-B71E-161A0966C031}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29A85BFB-C980-4749-8A04-C649216D7E25}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{3D30A3BF-3626-424C-AB3C-F6AA9F756D14}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{41AFDD0C-2306-4932-967E-B2232F0E4C8B}" = protocol=1 | dir=in | [email protected],-28543 |
"{4408DFC8-D120-4216-86A0-50D35A7BFF8C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5547700B-7E6C-477F-BEC1-57A9C3F7AE5B}" = protocol=58 | dir=in | [email protected],-28545 |
"{73ACDB1D-4ECE-45C3-A6B7-E37C576919C9}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{A26E2EF6-1F10-4683-A447-094BA8BC2A32}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ADB0308E-2D47-4C7B-B471-402231332C0A}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{B6D8E105-9FCE-4E26-81E5-5CEF7B7015EE}" = protocol=58 | dir=out | [email protected],-28546 |
"{C039E549-D279-4809-91CF-058C911D6131}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{C1674CA3-8A3B-4288-B202-A64FAFCC561C}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{F5864344-15C6-438B-8B6C-25548F25F860}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{FBCD9BC9-AE51-4229-A06A-C21D70900A98}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C11FB8-80F5-780E-D162-FF48F58E3DD5}" = CCC Help Portuguese
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0EDCC1B7-76FB-88DA-BF2C-9B64AF946E2B}" = CCC Help Greek
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{11B30564-C98C-3DCA-E796-FFD5204999EC}" = CCC Help Czech
"{137F9CE6-77BC-4532-860A-42B07BAB4BAD}" = HP Deskjet 2050 J510 series - Enquête sur l'amélioration du produit
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D480277-7CED-2437-5234-BABEEFDCB351}" = CCC Help Swedish
"{45C57CA6-4F31-E69B-CFD9-6FB577DF42D1}" = CCC Help Danish
"{4AE59E41-5549-DAF0-A02E-719CB0E9068C}" = CCC Help English
"{502DC8CD-2E65-998E-7B83-48FC23A2C86D}" = CCC Help Spanish
"{503354AC-3554-DBA7-89BE-F5C7F101B591}" = ATI Catalyst Install Manager
"{6E68420D-A9FF-9BDC-245E-C7B572B815D9}" = CCC Help Japanese
"{6F1D5994-5C96-FC75-CED5-725D47471748}" = CCC Help Finnish
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Aide
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{819AEE33-A489-4CCE-8069-C363483D7138}" = Logiciel de base du périphérique HP Deskjet 2050 J510 series
"{84092D1A-0C60-52E1-9E0B-13307163A730}" = CCC Help Norwegian
"{8427AFC8-EB58-23CF-461E-28F75B8D4F92}" = Catalyst Control Center Profiles Mobile
"{85AF1EEE-B3B1-402F-553F-B09A554CAB96}" = CCC Help French
"{85CE6169-3FF6-48B9-22D2-DA45B71B740B}" = CCC Help Thai
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}" = OpenOffice 4.0.1
"{91545C37-357A-8790-1DE7-C0216A2D628F}" = Catalyst Control Center InstallProxy
"{9299BBEF-C1FC-CF2D-01E5-2D5A4D5DF88B}" = AMD VISION Engine Control Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A33A8A97-A9AA-03EA-F8F4-590F850CFBBF}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Software Update Helper
"{AB21F03F-5214-E3A0-6611-4732290D3BB6}" = AMD Fuel
"{AE83F348-E6E4-87E9-8CCF-349221A275F5}" = ccc-utility
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{BB8D1A11-6459-E191-CDC1-05B5E730FB9A}" = CCC Help Chinese Standard
"{BBC2D638-279B-6AFD-D34D-AD61CE31521E}" = CCC Help Dutch
"{BC97C77A-7E36-C870-D76B-8931CFE59135}" = CCC Help Polish
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BFD5C87F-8E34-98FD-5E95-C687F285A6EC}" = CCC Help Chinese Traditional
"{C99717E5-C678-BA9A-3CF7-D3F54CBE0017}" = CCC Help Italian
"{CA2B24FD-EE10-42B9-B049-AA80268E7E21}" = Boxore Client
"{CD715A32-2440-5B45-86E5-932D07BD1242}" = Catalyst Control Center Localization All
"{D00139CF-BCA9-C820-F50D-EFACD16E8D7B}" = CCC Help Russian
"{D7746FF0-D0E4-F09E-132C-F92CDD88F2AD}" = CCC Help Hungarian
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2192482-0BBD-42D4-3BE3-9663C5ADBCAA}" = CCC Help German
"{F94BBBFB-6FBC-B680-01E1-DA2D07FA51B8}" = CCC Help Korean
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Cheat Engine 6.3_is1" = Cheat Engine 6.3
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 26.0 (x86 fr)" = Mozilla Firefox 26.0 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Plus-HD-3.5" = Plus-HD-3.5
"Wajam" = Wajam

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 01/01/2014 18:42:48 | Computer Name = banous-PC | Source = WinMgmt | ID = 10
Description =

Error - 01/01/2014 18:46:53 | Computer Name = banous-PC | Source = Application Hang | ID = 1002
Description = Le programme RegCleanPro.exe version 6.21.65.2703 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID
de processus : c08 Heure de début : 01cf0742b74d88c7 Heure de fin : 47 Chemin d’accès
de l’application : C:\Program Files\RegClean Pro\RegCleanPro.exe ID de rapport :
8ad9cb46-7336-11e3-928d-8c89a556116f

Error - 01/01/2014 22:07:36 | Computer Name = banous-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/01/2014 18:07:32 | Computer Name = banous-PC | Source = Application Hang | ID = 1002
Description = Le programme hpwebreg.exe version 22.50.231.0 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID
de processus : 788 Heure de début : 01cf08049727d2e3 Heure de fin : 91 Chemin d’accès
de l’application : C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe

ID
de rapport :

Error - 02/01/2014 22:46:42 | Computer Name = banous-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/01/2014 22:51:46 | Computer Name = banous-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/01/2014 03:27:02 | Computer Name = banous-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/01/2014 03:33:25 | Computer Name = banous-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/01/2014 03:41:05 | Computer Name = banous-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/01/2014 18:11:03 | Computer Name = banous-PC | Source = Application Hang | ID = 1002
Description = Le programme hpwebreg.exe version 22.50.231.0 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID
de processus : 66c Heure de début : 01cf08d090bf7b10 Heure de fin : 6 Chemin d’accès
de l’application : C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe

ID
de rapport :

[ System Events ]
Error - 02/01/2014 22:47:13 | Computer Name = banous-PC | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la réponse transactionnelle du service LanmanServer.

Error - 02/01/2014 22:48:40 | Computer Name = banous-PC | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la réponse transactionnelle du service LanmanServer.

Error - 03/01/2014 03:22:25 | Computer Name = banous-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 03/01/2014 07:02:22 | Computer Name = banous-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 03/01/2014 08:29:16 | Computer Name = banous-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 03/01/2014 14:03:45 | Computer Name = banous-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 03/01/2014 18:10:08 | Computer Name = banous-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 03/01/2014 18:36:49 | Computer Name = banous-PC | Source = Service Control Manager | ID = 7031
Description = Le service Util SquirrelWeb s’est terminé de manière inattendue. Ceci
s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000
millisecondes : Redémarrer le service.

Error - 03/01/2014 18:37:07 | Computer Name = banous-PC | Source = Service Control Manager | ID = 7031
Description = Le service Util SquirrelWeb s’est terminé de manière inattendue. Ceci
s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000
millisecondes : Redémarrer le service.

Error - 03/01/2014 18:37:11 | Computer Name = banous-PC | Source = Service Control Manager | ID = 7031
Description = Le service Update SquirrelWeb s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
5000 millisecondes : Redémarrer le service.


< End of report >

Edited by thithi19, 04 January 2014 - 01:06 AM.


#4
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello thithi19

Please perform the following steps.

Uninstall Software

  • Click on the Start button and select Control Panel
  • Click on Programs then click on Uninstall a program
  • You will now see a list of your installed software, double click on the following one by one to uninstall them:
    Plus-HD-3.5
    Wajam

Once you have done this, reboot your computer

OTL Fix

  • Run OTL. (Please right-click on the OTL icon and select Run as Administrator.)
  • Copy (Ctrl+C) and Paste (Ctrl+V) all of the following text into the Custom Scans/Fixes box:

    :Commands
    [CreateRestorePoint]
    :OTL
    PRC - [2013/11/01 15:31:08 | 000,114,176 | ---- | M] (Wajam) -- C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe
    PRC - [2013/08/16 18:09:06 | 000,961,312 | ---- | M] (Boxore OU) -- C:\Program Files\Boxore\BoxoreClient\boxore.exe
    SRV - [2014/01/01 23:28:20 | 000,119,408 | ---- | M] (The Software Group) [On_Demand | Stopped] -- C:\Program Files\Software\Update\SoftwareUpdate.exe -- (Software_update_m)
    SRV - [2014/01/01 23:28:20 | 000,119,408 | ---- | M] (The Software Group) [Auto | Stopped] -- C:\Program Files\Software\Update\SoftwareUpdate.exe -- (Software_update)
    SRV - [2013/11/01 15:31:08 | 000,114,176 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe -- (WajamUpdaterV3)
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=986792973&ir=
    IE - HKLM\..\SearchScopes,DefaultScope = {77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...9A89052E4&SSPV=
    IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...rchTerms}&SSPV=
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.condui...rchTerms}&SSPV=
    FF - HKLM\Software\MozillaPlugins\@tools.Software.com/Software Update;version=3: C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll (The Software Group)
    FF - HKLM\Software\MozillaPlugins\@tools.Software.com/Software Update;version=9: C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll (The Software Group)
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nosibay\Bubble Dock\extensions\FFSurfMatch
    [2014/01/03 14:08:39 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
    [2014/01/02 00:02:30 | 000,000,000 | ---D | M] ("Plus-HD-3.5") -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com
    [2014/01/02 18:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com\extensionData
    [2014/01/02 18:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com\extensionData\plugins
    [2014/01/02 18:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com\extensionData\userCode
    [2014/01/03 23:37:00 | 000,007,303 | ---- | M] () (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\extensions\[email protected]
    [2013/07/22 12:35:02 | 000,180,858 | ---- | M] () (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\extensions\[email protected]
    [2014/01/03 19:03:45 | 000,000,975 | ---- | M] () -- C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\searchplugins\conduit-search.xml
    [2014/01/03 14:08:41 | 000,002,393 | ---- | M] () -- C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\searchplugins\Mysearchdial.xml
    [2014/01/01 23:39:21 | 000,000,566 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\nationzoom.xml
    O2 - BHO: (Plus-HD-3.5) - {11111111-1111-1111-1111-110311711180} - C:\Program Files\Plus-HD-3.5\Plus-HD-3.5-bho.dll (Plus HD)
    O2 - BHO: (Bubble Dock SurfMatch) - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files\Nosibay\Bubble Dock\extensions\axSurfMatch.dll File not found
    O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
    O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
    O2 - BHO: (SquirrelWeb) - {dd86af49-1ef1-4532-89f7-41eda1dbbe6d} - C:\Program Files\SquirrelWeb\SquirrelWebBHO.dll File not found
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Boxore Client] C:\Program Files\Boxore\BoxoreClient\boxore.exe (Boxore OU)
    O4 - HKLM..\Run: [fst_fr_26] File not found
    O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" File not found
    O4 - HKLM..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe File not found
    O4 - HKLM..\RunOnce: [DelTr53785977] cmd.exe /c rd /s /q "C:\Users\ba nous\AppData\Roaming\mysearchdial" File not found
    O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f File not found
    O4 - HKCU..\RunOnce: [DelTr53785977] cmd.exe /c rd /s /q "C:\Users\ba nous\AppData\Roaming\mysearchdial" File not found
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B2542BC-B225-48B4-A8A5-90BFC0DD3142}: DhcpNameServer = 192.168.1.1
    [2014/01/03 14:06:25 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\OpenCandy
    [2014/01/03 14:04:53 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\mysearchdial
    [2014/01/03 03:04:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2014/01/01 23:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Nosibay
    [2014/01/01 23:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
    [2014/01/01 23:32:11 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Nosibay
    [2014/01/01 23:30:27 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Systweak
    [2014/01/01 23:30:26 | 000,018,776 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
    [2014/01/01 23:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\BoxUpdChk
    [2014/01/01 23:29:30 | 000,000,000 | ---D | C] -- C:\Program Files\Boxore
    [2014/01/01 23:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar
    [2014/01/01 23:28:02 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\IminentToolbar
    [2014/01/01 21:52:34 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\ElevatedDiagnostics
    [2014/01/01 18:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\Plus-HD-3.5
    [2014/01/01 18:33:54 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
    [2014/01/01 18:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\Wajam
    [2014/01/04 00:46:36 | 000,001,922 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-chromeinstaller.job
    [2014/01/04 00:41:37 | 000,002,052 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-firefoxinstaller.job
    [2014/01/04 00:41:36 | 000,001,288 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-updater.job
    [2014/01/04 00:41:36 | 000,001,190 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-codedownloader.job
    [2014/01/04 00:41:36 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-enabler.job
    [2014/01/03 14:04:57 | 000,000,391 | ---- | M] () -- C:\Users\ba nous\Desktop\MySearchDial.url
    [2014/01/03 14:04:57 | 000,000,386 | ---- | M] () -- C:\Users\ba nous\Desktop\FREE Games.url
    [2014/01/03 14:04:50 | 000,351,124 | ---- | M] () -- C:\Users\ba nous\AppData\Local\mysearchdial-speeddial.crx
    [2014/01/01 23:28:02 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\IminentToolbar
    [2014/01/03 14:05:06 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\mysearchdial
    [2014/01/03 14:06:25 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\OpenCandy
    [2014/01/01 23:48:13 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\Systweak


    :Commands
    [EMPTYTEMP]

  • Click the Run Fix button.

    Your computer will reboot. When the reboot is complete, then download Junkware Removal Tool to your desktop.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
4. Then, run OTL again and click Quick Scan.

5. Copy and paste the contents of the log that it produces into your next post.

In your next post to me please include the Junkware Removal Tool log and the OTL logs.

Edited by Biscuithd, 05 January 2014 - 07:13 AM.


#5
thithi19

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Hi,
First, a big thank you.
Second, here is everything you asked for.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x86
Ran by ba nous on 05/01/2014 at 16:16:58,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\mysearchdial
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\1c875dde39636004ca8cdaec335b4160
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softwareupdate.coreclass
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softwareupdate.coreclass.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softwareupdate.ondemandcomclassmachine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softwareupdate.ondemandcomclassmachine.1.0
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajam_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\wajam_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1c875dde39636004ca8cdaec335b4160
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311711180}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\ba nous\appdata\locallow\mysearchdial"
Successfully deleted: [Folder] "C:\Program Files\software"



~~~ FireFox

Successfully deleted: [File] C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\user.js
Successfully deleted the following from C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\prefs.js

user_pref("extensions.crossrider.bic", "1434ff9d3848b159ac2f3bf045346bc9");
user_pref("extensions.mysearchdial.aflt", "irmsd0101");
user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDyDyCtCtCyC0F0CtD0BtBtN0D0Tzu0CyBtAyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");
user_pref("extensions.mysearchdial.cr", "986792973");
user_pref("extensions.mysearchdial.dfltLng", "");
user_pref("extensions.mysearchdial.dfltSrch", true);
user_pref("extensions.mysearchdial.dnsErr", true);
user_pref("extensions.mysearchdial.excTlbr", false);
user_pref("extensions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDyDyCtCtCyC0F0CtD0BtBtN0D0Tzu0CyBtAyEtN1L2XzutBtFtBt
user_pref("extensions.mysearchdial.id", "8C89A556116FC0B2");
user_pref("extensions.mysearchdial.instlDay", "16073");
user_pref("extensions.mysearchdial.instlRef", "");
user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDyDyCtCtCyC0F0CtD0BtBtN0D0Tzu0CyBtAyEtN1L2XzutBtFt
user_pref("extensions.mysearchdial.prdct", "mysearchdial");
user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
user_pref("extensions.mysearchdial.tlbrId", "base");
user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=irmsd0101&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDyDyCtCtCyC0F0CtD0BtBtN0D0Tzu0CyBtAyEtN1L2XzutBt
user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
user_pref("extensions.mysearchdial_i.hmpg", true);
user_pref("extensions.mysearchdial_i.newTab", false);
user_pref("extensions.mysearchdial_i.smplGrp", "none");
user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.014:4:39");
Emptied folder: C:\Users\ba nous\AppData\Roaming\mozilla\firefox\profiles\c9j1n8po.default\minidumps [1 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\ba nous\appdata\local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/01/2014 at 16:18:44,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


OTL logfile created on: 05/01/2014 16:27:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ba nous\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,25 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 57,86% Memory free
4,49 Gb Paging File | 3,15 Gb Available in Paging File | 70,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,54 Gb Total Space | 635,17 Gb Free Space | 90,93% Space Free | Partition Type: NTFS
Drive D: | 157,98 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1862,56 Gb Total Space | 1065,31 Gb Free Space | 57,20% Space Free | Partition Type: FAT32

Computer Name: BANOUS-PC | User Name: ba nous | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/05 16:27:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ba nous\Downloads\OTL.exe
PRC - [2014/01/01 19:31:08 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/09/05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/06/24 09:27:04 | 006,044,264 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
PRC - [2011/06/07 22:08:18 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/02/10 15:06:04 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/02/10 15:05:34 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/03 03:34:20 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\03dc83fbe48384390aed7a455e949789\WindowsFormsIntegration.ni.dll
MOD - [2014/01/03 03:33:06 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2014/01/03 03:32:43 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2014/01/03 03:32:31 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2014/01/03 03:32:21 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2014/01/03 03:32:11 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2014/01/03 03:30:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2014/01/03 03:30:28 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2014/01/03 03:30:27 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0cb40437ecbf8ab60a297ff419b7f830\System.Web.ni.dll
MOD - [2014/01/03 03:30:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2014/01/03 03:30:13 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2014/01/03 03:30:10 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2014/01/03 03:30:08 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2014/01/03 03:30:03 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/12/04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
MOD - [2013/12/04 03:48:03 | 013,586,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2011/06/07 22:11:00 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/06/07 22:08:26 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2011/04/12 02:35:22 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011/04/12 02:35:14 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll
MOD - [2010/11/13 00:35:41 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 00:35:38 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll


========== Services (SafeList) ==========

SRV - [2014/01/05 14:09:27 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/01 23:28:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/12/05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/26 09:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/09/05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011/06/07 22:08:18 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/02/10 15:05:34 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/06/06 11:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011/04/15 07:37:46 | 000,066,688 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011/04/15 07:37:46 | 000,033,408 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010/12/02 22:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/11/28 21:50:40 | 000,035,968 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/06/16 22:15:36 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2010/02/18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2010/02/10 15:23:24 | 005,315,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/02/10 15:23:24 | 005,315,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010/02/10 14:10:58 | 000,152,064 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoo...2509AV582509AV5
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoo...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoo...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.nationzoo...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoo...2509AV582509AV5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9F B2 A0 5B 17 07 CF 01 [binary data]
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.nationzoo...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/01/01 23:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Extensions
[2014/01/05 16:10:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ba nous\AppData\Roaming\mozilla\Firefox\Profiles\c9j1n8po.default\extensions
[2014/01/01 23:28:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2014/01/02 00:01:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2014/01/02 00:01:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.fr/
CHR - Extension: Bejeweled = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Private Joe - Dungeons = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\bddhcbcefccaggaloclldffhobmecjfj\1.4_0\
CHR - Extension: Snooker = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjohiacoelemalmancnccjggomjnkfod\1.0.2_0\
CHR - Extension: YouTube = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: POKERWOOD - Texas Holdem Poker = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\clkeocmibglboageifmndbpeikoghebb\1.0.9_0\
CHR - Extension: Ratchet & Clank Future 2 = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn\3_0\
CHR - Extension: avast! Online Security = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_1\
CHR - Extension: Isoball 3 = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.4.0_0\
CHR - Extension: World of Solitaire = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn\1.0.1_0\
CHR - Extension: RePlay.FR = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\imfaefgciinakhhijicamiodfbejphdb\1.4.1_0\
CHR - Extension: Lettre Compte Triple = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjeddnjjfojmepmehcknfgdlefcolomp\0.8.5_0\
CHR - Extension: Skyrama = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap\1.0.8_0\
CHR - Extension: Cargo Bridge = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0\
CHR - Extension: iGraal = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm\1.5.3_1\
CHR - Extension: Custom Print = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldikpdnngdmeceeameoaannjilbjppnm\0.1_0\
CHR - Extension: WGT Golf Game = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb\45.0.0_0\
CHR - Extension: Google Wallet = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Destroyer bombe 3D = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom\1.0.6_0\
CHR - Extension: Smart Display = C:\Users\ba nous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa\1.6_0\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\StartSuperCharger.exe (MSI)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B2542BC-B225-48B4-A8A5-90BFC0DD3142}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/11/17 00:48:32 | 000,000,131 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{35cb2b4d-731d-11e3-808f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{35cb2b4d-731d-11e3-808f-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2010/11/17 00:48:32 | 000,297,832 | R--- | M] (Hewlett-Packard Co.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/05 16:16:58 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/05 16:09:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/05 13:26:58 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Macromedia
[2014/01/05 12:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/01/05 12:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/01/05 12:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/01/05 12:55:07 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Adobe
[2014/01/03 14:06:49 | 000,000,000 | ---D | C] -- C:\Users\ba nous\Documents\My Cheat Tables
[2014/01/03 14:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
[2014/01/03 14:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.3
[2014/01/02 03:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\predm
[2014/01/01 23:44:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/01/01 23:37:21 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Mozilla
[2014/01/01 23:37:21 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Mozilla
[2014/01/01 23:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/01/01 23:36:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/01/01 23:35:46 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Macromedia
[2014/01/01 23:30:07 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Programs
[2014/01/01 23:29:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2014/01/01 23:28:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/01/01 23:27:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/01/01 21:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2014/01/01 21:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/01/01 21:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/01/01 21:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2014/01/01 21:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2014/01/01 21:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2014/01/01 21:48:10 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\HpUpdate
[2014/01/01 21:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/01/01 21:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/01/01 21:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/01/01 21:46:05 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\HP
[2014/01/01 21:35:02 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\OpenOffice
[2014/01/01 21:34:08 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
[2014/01/01 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice 4
[2014/01/01 21:31:15 | 000,000,000 | ---D | C] -- C:\Users\ba nous\Desktop\OpenOffice 4.0.1 (fr) Installation Files
[2014/01/01 20:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
[2014/01/01 20:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2014/01/01 20:50:34 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2014/01/01 20:50:33 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\AMD
[2014/01/01 20:50:15 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\ATI
[2014/01/01 20:50:15 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\ATI
[2014/01/01 20:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/01/01 20:49:38 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Adobe
[2014/01/01 19:53:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/01/01 18:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/01/01 18:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/01 18:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/01/01 18:33:48 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Google
[2014/01/01 18:29:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2014/01/01 18:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2014/01/01 18:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2014/01/01 18:28:09 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2014/01/01 18:28:08 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2014/01/01 18:28:08 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2014/01/01 18:28:08 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2014/01/01 18:28:08 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2014/01/01 18:28:08 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2014/01/01 18:28:08 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2014/01/01 18:28:08 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2014/01/01 18:28:08 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2014/01/01 18:28:03 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2014/01/01 18:28:03 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2014/01/01 18:28:03 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2014/01/01 18:28:03 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2014/01/01 18:28:03 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2014/01/01 18:28:03 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2014/01/01 18:28:03 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2014/01/01 18:28:03 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2014/01/01 18:28:02 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2014/01/01 18:28:02 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2014/01/01 18:28:02 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2014/01/01 18:28:02 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2014/01/01 18:28:01 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2014/01/01 18:28:01 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2014/01/01 18:28:01 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2014/01/01 18:28:01 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2014/01/01 18:28:01 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2014/01/01 18:28:00 | 000,357,200 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2014/01/01 18:27:56 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2014/01/01 18:27:56 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2014/01/01 18:27:56 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2014/01/01 18:27:56 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2014/01/01 18:27:56 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2014/01/01 18:27:55 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2014/01/01 18:27:55 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2014/01/01 18:27:55 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2014/01/01 18:27:55 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2014/01/01 18:27:55 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2014/01/01 18:27:55 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2014/01/01 18:27:55 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2014/01/01 18:27:55 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2014/01/01 18:27:53 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2014/01/01 18:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2014/01/01 18:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/01/01 18:26:56 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/01/01 18:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2014/01/01 18:25:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2014/01/01 18:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2014/01/01 18:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014/01/01 18:24:14 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2014/01/01 18:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014/01/01 18:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/01/01 18:23:53 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/01 18:16:45 | 000,000,000 | R--D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/01 18:16:45 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Searches
[2014/01/01 18:16:45 | 000,000,000 | R--D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/01 18:16:44 | 000,000,000 | -H-D | C] -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/01/01 18:16:35 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Identities
[2014/01/01 18:16:33 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Contacts
[2014/01/01 18:16:24 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\VirtualStore
[2014/01/01 18:16:20 | 000,000,000 | --SD | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Videos
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Saved Games
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Pictures
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Music
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Links
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Favorites
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Downloads
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Documents
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\Desktop
[2014/01/01 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Voisinage réseau
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Voisinage d'impression
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\AppData\Local\Temporary Internet Files
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\SendTo
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Recent
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Modèles
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Documents\Mes vidéos
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Documents\Mes images
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Mes documents
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Menu Démarrer
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Documents\Ma musique
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Local Settings
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\AppData\Local\Historique
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Cookies
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\Application Data
[2014/01/01 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\ba nous\AppData\Local\Application Data
[2014/01/01 18:16:20 | 000,000,000 | -H-D | C] -- C:\Users\ba nous\AppData
[2014/01/01 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Temp
[2014/01/01 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Local\Microsoft
[2014/01/01 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\ba nous\AppData\Roaming\Media Center Programs
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2014/01/01 18:16:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2014/01/01 17:59:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/01 17:56:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/01 17:55:17 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/01/01 17:43:22 | 000,000,000 | ---D | C] -- C:\Windows.old

========== Files - Modified Within 30 Days ==========

[2014/01/05 16:21:24 | 000,021,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/05 16:21:24 | 000,021,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/05 16:18:52 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/01/05 16:18:52 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/05 16:18:52 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/01/05 16:18:52 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/05 16:13:40 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/05 16:13:40 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2014/01/05 16:13:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/05 16:13:16 | 1810,505,728 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/05 16:09:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/05 15:33:21 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2014/01/05 15:04:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/05 12:57:15 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/05 10:37:59 | 000,000,666 | ---- | M] () -- C:\Windows\tasks\hpwebreg_CN13B3J1K705D1.job
[2014/01/03 14:06:37 | 000,001,043 | ---- | M] () -- C:\Users\ba nous\Desktop\Cheat Engine.lnk
[2014/01/02 03:01:57 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/01/02 00:45:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/01/02 00:02:17 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/01/01 23:39:22 | 000,002,401 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/01 23:39:21 | 000,002,425 | ---- | M] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/01 23:39:21 | 000,001,625 | ---- | M] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/01 23:38:56 | 000,000,030 | ---- | M] () -- C:\Windows\System32\${LOGFILE}
[2014/01/01 23:20:02 | 000,294,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/01 21:48:18 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/01 21:47:50 | 000,002,236 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk
[2014/01/01 21:47:50 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 2050 J510 series.lnk
[2014/01/01 21:47:50 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk
[2014/01/01 21:34:08 | 000,001,034 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2014/01/01 20:54:54 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2014/01/01 19:33:06 | 000,000,030 | ---- | M] () -- C:\Users\ba nous\AppData\Roaming\WB.CFG
[2014/01/01 18:54:17 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/01/01 18:28:53 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Super-Charger.lnk
[2014/01/01 18:01:21 | 000,206,462 | ---- | M] () -- C:\Windows\System32\license.rtf
[2014/01/01 17:59:56 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin

========== Files Created - No Company Name ==========

[2014/01/05 12:57:15 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/01/05 12:57:15 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/03 14:06:37 | 000,001,043 | ---- | C] () -- C:\Users\ba nous\Desktop\Cheat Engine.lnk
[2014/01/02 03:01:57 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/01/02 00:45:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/01/01 23:38:56 | 000,000,030 | ---- | C] () -- C:\Windows\System32\${LOGFILE}
[2014/01/01 23:36:46 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/01/01 23:36:45 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/01/01 23:28:50 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2014/01/01 23:28:42 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2014/01/01 23:27:50 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/01 21:56:13 | 000,000,666 | ---- | C] () -- C:\Windows\tasks\hpwebreg_CN13B3J1K705D1.job
[2014/01/01 21:48:18 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/01 21:47:50 | 000,002,236 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk
[2014/01/01 21:47:50 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Achat de consommables - HP Deskjet 2050 J510 series.lnk
[2014/01/01 21:47:50 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk
[2014/01/01 21:34:08 | 000,001,034 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2014/01/01 20:54:54 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2014/01/01 19:51:22 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/01/01 19:33:05 | 000,000,030 | ---- | C] () -- C:\Users\ba nous\AppData\Roaming\WB.CFG
[2014/01/01 18:59:03 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/01/01 18:54:17 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/01/01 18:53:52 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/01/01 18:51:45 | 000,002,425 | ---- | C] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/01 18:51:45 | 000,002,401 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/01 18:50:19 | 000,001,058 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/01 18:50:17 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/01 18:28:52 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Super-Charger.lnk
[2014/01/01 18:27:04 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2014/01/01 18:24:14 | 000,031,696 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2014/01/01 18:24:14 | 000,020,692 | ---- | C] () -- C:\Windows\atiogl.xml
[2014/01/01 18:24:14 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2014/01/01 18:18:41 | 000,001,625 | ---- | C] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/01 18:16:46 | 000,001,631 | ---- | C] () -- C:\Users\ba nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/01 18:16:20 | 000,000,290 | ---- | C] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/01/01 18:16:20 | 000,000,272 | ---- | C] () -- C:\Users\ba nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/01/01 18:01:05 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/01/01 18:00:56 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/01 17:59:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/01/01 21:35:02 | 000,000,000 | ---D | M] -- C:\Users\ba nous\AppData\Roaming\OpenOffice

========== Purity Check ==========



< End of report >




OTL Extras logfile created on: 05/01/2014 16:27:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ba nous\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,25 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 57,86% Memory free
4,49 Gb Paging File | 3,15 Gb Available in Paging File | 70,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,54 Gb Total Space | 635,17 Gb Free Space | 90,93% Space Free | Partition Type: NTFS
Drive D: | 157,98 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1862,56 Gb Total Space | 1065,31 Gb Free Space | 57,20% Space Free | Partition Type: FAT32

Computer Name: BANOUS-PC | User Name: ba nous | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026325D9-41DB-4DD4-9507-12A8298E7724}" = lport=137 | protocol=17 | dir=in | app=system |
"{0C0C044D-DB1A-4105-A9F7-FD7445A356CA}" = rport=138 | protocol=17 | dir=out | app=system |
"{1B21415D-4843-4C08-9CA1-F6364C7D9A4A}" = rport=445 | protocol=6 | dir=out | app=system |
"{1EAC3DDE-B3AE-43F4-9490-D6DC64F262A0}" = rport=137 | protocol=17 | dir=out | app=system |
"{2A3D6D0D-90A1-4A87-8474-BDB692065D74}" = rport=139 | protocol=6 | dir=out | app=system |
"{2AC7F722-F579-442B-B588-081C15AECFEB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A59FBBD-FCB9-480F-AA22-00A9790C71C9}" = lport=445 | protocol=6 | dir=in | app=system |
"{55912FF0-C40A-4647-B641-32906EF09996}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{61786F28-DC22-40CE-B132-184C99FF22CC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7073E0DF-4C91-4FD5-84D6-41FA5B5ECD9A}" = lport=138 | protocol=17 | dir=in | app=system |
"{8067B298-450C-4E49-9802-1E09DC61F9F2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CC3088BC-68D1-42E3-BF48-A1EC87369AB2}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08B8DD4E-64C6-432B-8AC5-DE57B28BEA45}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{0E952C1E-094C-46CA-A2A1-286BCB3657E4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1375782E-1B25-40A1-961A-BD2A97C0D6A1}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{256BF499-190D-412C-B71E-161A0966C031}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29A85BFB-C980-4749-8A04-C649216D7E25}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{3D30A3BF-3626-424C-AB3C-F6AA9F756D14}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{41AFDD0C-2306-4932-967E-B2232F0E4C8B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4408DFC8-D120-4216-86A0-50D35A7BFF8C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5547700B-7E6C-477F-BEC1-57A9C3F7AE5B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{73ACDB1D-4ECE-45C3-A6B7-E37C576919C9}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{A26E2EF6-1F10-4683-A447-094BA8BC2A32}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ADB0308E-2D47-4C7B-B471-402231332C0A}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{B6D8E105-9FCE-4E26-81E5-5CEF7B7015EE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C039E549-D279-4809-91CF-058C911D6131}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{C1674CA3-8A3B-4288-B202-A64FAFCC561C}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{F5864344-15C6-438B-8B6C-25548F25F860}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{FBCD9BC9-AE51-4229-A06A-C21D70900A98}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C11FB8-80F5-780E-D162-FF48F58E3DD5}" = CCC Help Portuguese
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0EDCC1B7-76FB-88DA-BF2C-9B64AF946E2B}" = CCC Help Greek
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{11B30564-C98C-3DCA-E796-FFD5204999EC}" = CCC Help Czech
"{137F9CE6-77BC-4532-860A-42B07BAB4BAD}" = HP Deskjet 2050 J510 series - Enquête sur l'amélioration du produit
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D480277-7CED-2437-5234-BABEEFDCB351}" = CCC Help Swedish
"{45C57CA6-4F31-E69B-CFD9-6FB577DF42D1}" = CCC Help Danish
"{4AE59E41-5549-DAF0-A02E-719CB0E9068C}" = CCC Help English
"{502DC8CD-2E65-998E-7B83-48FC23A2C86D}" = CCC Help Spanish
"{503354AC-3554-DBA7-89BE-F5C7F101B591}" = ATI Catalyst Install Manager
"{6E68420D-A9FF-9BDC-245E-C7B572B815D9}" = CCC Help Japanese
"{6F1D5994-5C96-FC75-CED5-725D47471748}" = CCC Help Finnish
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Aide
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{819AEE33-A489-4CCE-8069-C363483D7138}" = Logiciel de base du périphérique HP Deskjet 2050 J510 series
"{84092D1A-0C60-52E1-9E0B-13307163A730}" = CCC Help Norwegian
"{8427AFC8-EB58-23CF-461E-28F75B8D4F92}" = Catalyst Control Center Profiles Mobile
"{85AF1EEE-B3B1-402F-553F-B09A554CAB96}" = CCC Help French
"{85CE6169-3FF6-48B9-22D2-DA45B71B740B}" = CCC Help Thai
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}" = OpenOffice 4.0.1
"{91545C37-357A-8790-1DE7-C0216A2D628F}" = Catalyst Control Center InstallProxy
"{9299BBEF-C1FC-CF2D-01E5-2D5A4D5DF88B}" = AMD VISION Engine Control Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A33A8A97-A9AA-03EA-F8F4-590F850CFBBF}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Software Update Helper
"{AB21F03F-5214-E3A0-6611-4732290D3BB6}" = AMD Fuel
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) - Français
"{AE83F348-E6E4-87E9-8CCF-349221A275F5}" = ccc-utility
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{BB8D1A11-6459-E191-CDC1-05B5E730FB9A}" = CCC Help Chinese Standard
"{BBC2D638-279B-6AFD-D34D-AD61CE31521E}" = CCC Help Dutch
"{BC97C77A-7E36-C870-D76B-8931CFE59135}" = CCC Help Polish
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BFD5C87F-8E34-98FD-5E95-C687F285A6EC}" = CCC Help Chinese Traditional
"{C99717E5-C678-BA9A-3CF7-D3F54CBE0017}" = CCC Help Italian
"{CA2B24FD-EE10-42B9-B049-AA80268E7E21}" = Boxore Client
"{CD715A32-2440-5B45-86E5-932D07BD1242}" = Catalyst Control Center Localization All
"{D00139CF-BCA9-C820-F50D-EFACD16E8D7B}" = CCC Help Russian
"{D7746FF0-D0E4-F09E-132C-F92CDD88F2AD}" = CCC Help Hungarian
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2192482-0BBD-42D4-3BE3-9663C5ADBCAA}" = CCC Help German
"{F94BBBFB-6FBC-B680-01E1-DA2D07FA51B8}" = CCC Help Korean
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Cheat Engine 6.3_is1" = Cheat Engine 6.3
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 26.0 (x86 fr)" = Mozilla Firefox 26.0 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service

< End of report >

#6
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

first a big thanks you


You are quite welcome :)

I am analyzing your most recent logs, but I forgot to ask you: how is the computer working now?

#7
thithi19

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Hi,
Sorry, I work all week and I am not at home.
My computer works better, thank you, but my first page always begins on Nation Zoom.
See you soon.

#8
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello thithi19,

Very sorry about the delay in my response!!

I believe that you are asking how to change the Home Page or the page that Internet Explorer starts from. Here are instructions.

  • Open Internet Explorer.
  • Go to the webpage you want to set as your home page.
  • Click the Tools button, and then click Internet options.
  • Under the General tab, do one of the following:
      • To set the page you're on as your home page, click Use current.
      • To set a blank home page, click Use blank.
      • To reset the home page to its default, click Use default.
  • Click OK.

Also, let me know if this worked and whether you have any remaining issues.

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.