Infection pc

Résolu
Nanie24 Messages postés 1 Statut Membre -  
 Nanie24 -
bonjour à vous.
Voilà depuis quelques jours j'ai des problèmes avec mon pc j'ai des pubs qui s'affichent toutes seules et depuis ce matin j'ai un message d'erreur qui s'affiche sans arrêt. est ce que l'un d'entre vous pourrait me filer un coup de main pour voir si mon pc est infecté et si oui si vous pouvez m'aider à le nettoyer?
Je suis sous Windows 8 et google chrome.
Merci d'avance de votre aide.

16 réponses

  1. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Salut

    Télécharge ici (lien direct): AdwCleaner (de Xplode)

    ▶ Lance-le

    ▶ Clique sur Scanner puis Nettoyer, et patiente le temps du nettoyage.

    ▶ Poste le contenu du rapport que tu trouveras dans le répertoire AdwCleaner de ton disque dur ( C:\AdwCleaner\AdwCleaner[x].txt) ou son contenu s'il s'ouvre.

    Ensuite :

    ▶ Télécharge ici : Junkware Removal Tool

    !!! Ne clique pas sur Download !!! , attends simplement que la fenetre de telechargement arrive pour confirmation

    ▶ Enregistre ce fichier sur le bureau.

    ▶ Ferme tout tes navigateurs

    Sous XP, double-clique sur l'icône et presse une touche lorsque cela sera demandé.
    Sous Vista/7/8, clic droit et Exécuter en temps qu'administrateur.

    ▶ NB: Le bureau disparaitra un instant, c'est normal.

    ▶ Laisse le programme travailler ne touche plus à rien

    ▶ Poste le rapport généré à la fin de l'analyse.

    Tuto : http://hackinginterdit.blogspot.fr/2013/02/junkware-removal-tool.html

    Ensuite :

    ▶ Télécharge et installe Malwarebytes' Anti-Malware (MBAM).

    ▶ Exécute-le. Accepte la mise à jour.

    ▶ Sélectionne "Exécuter un examen complet"
    ▶ Clique sur "Rechercher"
    ▶ L'analyse démarre, le scan est relativement long, c'est normal.

    A la fin de l'analyse, un message s'affiche :

    Citation :

    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

    ▶ Clique donc sur Afficher les résultats.
    ▶ Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
    MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse : ferme le.

    Si MBAM demande à redémarrer le pc : ▶ fais-le.

    Au redémarrage, relance MBAM, onglet "Rapport/Logs", copie/colle celui qui correspond à l'analyse effectuée.

    Enfin :

    Faire un scan OTL pour diagnostiquer les programmes qui tournent et déceler des infections :

    ▶ Télécharge ici :OTL

    ▶ Fais un double clic sur l'icône pour le lancer (clic droit executer en tant qu'administrateur sous Vista, Windows 7 ou Windows 8). Vérifier que toutes les autres fenêtres sont fermées afin qu'il s'exécute sans interruption.

    Clique ici pour voir la configuration

    ▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"


    HKCU\Software
    HKLM\Software
    %Homedrive%\*
    %Homedrive%\*.
    %Userprofile%\*
    %Userprofile%\*.
    %Allusersprofile%\*
    %Allusersprofile%\*.
    %localappdata%\*
    %localappdata%\*.
    %Userprofile%\Local Settings\Application Data\*
    %Userprofile%\Local Settings\Application Data\*.
    %programFiles%\*
    %programFiles%\*.
    %Systemroot%\Temp\*.exe /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\system32\*.in*
    %systemroot%\Tasks\*
    %systemroot%\Tasks\*.
    %systemroot%\system32\Tasks\*
    %systemroot%\system32\Tasks\*.
    %systemroot%\system32\drivers\*.sy* /lockedfiles
    %systemroot%\system32\config\*.exe /s
    %Systemroot%\ServiceProfiles\*.exe /s
    %systemroot%\system32\*.sys
    %temp%\*.exe /s
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %ALLUSERSPROFILE%\Application Data\*.
    %APPDATA%\*.exe /s
    %LocalAppData%\*
    %LocalAppData%\*.
    %SYSTEMDRIVE%\*.*
    /md5start
    explorer.exe
    winlogon.exe
    userinit.exe
    svchost.exe
    services.exe
    winsock.*
    /md5stop
    msconfig
    netsvcs
    BASESERVICES
    safebootminimal
    safebootnetwork
    CREATERESTOREPOINT
    SAVEMBR:0
    dir "%Homedrive%\*" /S /A:L /C


    ▶ Clic sur Analyse.

    A la fin du scan, 2 Bloc-Notes vont s'ouvrir avec les rapports (OTL.txt et extras.txt).

    NE PAS COPIER/COLLER LE RAPPORT ICI - LIRE JUSQU'AU BOUT

    Ces fichiers se trouvent à côté de l'exécutable OTL.exe

    héberge OTL.txt et extra.txt sur FEC Upload et donne les liens obtenus en échange

    NE PAS COPIER/COLLER LE LIEN DE SUPPRESSION, CONSERVE-LE SI TU DESIRE ENSUITE SUPPRIMER LES RAPPORTS DE LA BASE DE DONNEES FEC

    A+

    .::. Contributeur Sécurité .::.
    3
    1. Nanie24
       
      Voici mon rapport adwcleaner
      # AdwCleaner v2.300 - Rapport créé le 26/09/2013 à 10:23:46
      # Mis à jour le 28/04/2013 par Xplode
      # Système d'exploitation : Windows 8 (64 bits)
      # Nom d'utilisateur : mélanie - MÉLANIE
      # Mode de démarrage : Normal
      # Exécuté depuis : C:\Users\mélanie\Desktop\adwcleaner (1).exe
      # Option [Suppression]


      ***** [Services] *****


      ***** [Fichiers / Dossiers] *****

      Dossier Supprimé : C:\Program Files (x86)\Conduit
      Dossier Supprimé : C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc
      Dossier Supprimé : C:\Users\mélanie\AppData\LocalLow\Conduit
      Supprimé au redémarrage : C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc

      ***** [Registre] *****

      Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
      Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
      Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc
      Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc

      ***** [Navigateurs] *****

      -\\ Internet Explorer v10.0.9200.16688

      [OK] Le registre ne contient aucune entrée illégitime.

      -\\ Google Chrome v29.0.1547.76

      Fichier : C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\Preferences

      Supprimée [l.2183] : homepage = "hxxp://search.conduit.com/?ctid=CT3297966&SearchSource=48&CUI=UN37588243521350620&UM[...]
      Supprimée [l.6992] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3297966&SearchSource=48&CUI[...]

      *************************
      0
    2. Nanie24
       
      Voici mon rapport junkware

      Junkware Removal Tool (JRT) by Thisisu
      Version: 6.0.2 (09.22.2013:1)
      OS: Windows 8 x64
      Ran by m'lanie on 26/09/2013 at 11:59:41.05
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      ~~~ Services



      ~~~ Registry Values



      ~~~ Registry Keys

      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\simplytech
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-129182698-2591730996-3121897385-1002\Software\SweetIM
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{732D7D84-73B9-4632-ACB0-E19C944C0E64}



      ~~~ Files

      Successfully deleted: [File] C:\Windows\Tasks\dsite.job
      Successfully deleted: [File] "C:\Users\m'lanie\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
      Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk



      ~~~ Folders

      Successfully deleted: [Folder] "C:\ProgramData\software"
      Successfully deleted: [Folder] "C:\Users\m'lanie\AppData\Roaming\dsite"
      Successfully deleted: [Folder] "C:\Users\m'lanie\appdata\local\cre"
      Successfully deleted: [Folder] "C:\Users\m'lanie\appdata\local\software"
      Successfully deleted: [Folder] "C:\Users\m'lanie\music\qtrax media library"



      ~~~ Event Viewer Logs were cleared





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 26/09/2013 at 12:16:41.73
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      0
    3. Nanie24
       
      voici le rapport MBAM

      26/09/2013 12:31:16
      mbam-log-2013-09-26 (12-31-16).txt

      Type d'examen: Examen complet (C:\|D:\|E:\|)
      Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
      Options d'examen désactivées: P2P
      Elément(s) analysé(s): 420837
      Temps écoulé: 1 heure(s), 23 minute(s), 37 seconde(s)

      Processus mémoire détecté(s): 0
      (Aucun élément nuisible détecté)

      Module(s) mémoire détecté(s): 0
      (Aucun élément nuisible détecté)

      Clé(s) du Registre détectée(s): 0
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre détectée(s): 0
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre détecté(s): 0
      (Aucun élément nuisible détecté)

      Dossier(s) détecté(s): 2
      C:\Users\mélanie\AppData\Local\Temp\CT3297966 (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
      C:\Users\mélanie\AppData\Local\Temp\CT3297966\plugins (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.

      Fichier(s) détecté(s): 9
      C:\Users\mélanie\AppData\Local\Zylom Games\Trivial Pursuit Family Edition\trivialpursuitfe.exe (PUP.Downloader.ZYL) -> Mis en quarantaine et supprimé avec succès.
      C:\Users\mélanie\AppData\Local\Zylom Games\Trivial Pursuit Genus Edition Deluxe\trivialpursuit.exe (PUP.Downloader.ZYL) -> Mis en quarantaine et supprimé avec succès.
      C:\Users\mélanie\Downloads\WiseConvert_1.5.exe (PUP.Optional.OpenCandy) -> Mis en quarantaine et supprimé avec succès.
      C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> Mis en quarantaine et supprimé avec succès.
      C:\Users\mélanie\AppData\Local\Temp\CT3297966\CT3297966.txt (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
      C:\Users\mélanie\AppData\Local\Temp\CT3297966\ddt.csf (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
      C:\Users\mélanie\AppData\Local\Temp\CT3297966\initData.json (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
      C:\Users\mélanie\AppData\Local\Temp\CT3297966\manifest.json (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
      C:\Users\mélanie\AppData\Local\Temp\CT3297966\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.

      (fin)
      0
    4. Nanie24
       
      voivi dc le raaport avec ta version de adwcleaner ;)


      # AdwCleaner v3.005 - Rapport créé le 26/09/2013 à 16:24:09
      # Mis à jour le 22/09/2013 par Xplode
      # Système d'exploitation : Windows 8 (64 bits)
      # Nom d'utilisateur : mélanie - MÉLANIE
      # Exécuté depuis : C:\Users\mélanie\Desktop\adwcleaner.exe
      # Option : Nettoyer

      ***** [ Services ] *****


      ***** [ Fichiers / Dossiers ] *****

      Dossier Supprimé : C:\Program Files (x86)\Browser Helper Object
      Dossier Supprimé : C:\Users\mélanie\AppData\Local\jZip
      Fichier Supprimé : C:\Windows\System32\roboot64.exe
      Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml
      Fichier Supprimé : C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
      Fichier Supprimé : C:\Windows\System32\Tasks\QtraxPlayer

      ***** [ Raccourcis ] *****


      ***** [ Registre ] *****

      Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
      Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
      Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
      Clé Supprimée : HKCU\Software\Duuqu
      Clé Supprimée : HKCU\Software\jZip
      Clé Supprimée : HKCU\Software\AppDataLow\Software\videosaver
      Clé Supprimée : HKLM\Software\Duuqu
      Clé Supprimée : HKLM\Software\jZipSRTB
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
      Clé Supprimée : [x64] HKLM\SOFTWARE\Boxore

      ***** [ Navigateurs ] *****

      -\\ Internet Explorer v10.0.9200.16688


      -\\ Google Chrome v29.0.1547.76

      [ Fichier : C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\preferences ]


      *************************
      0
  2. vitjojo13 Messages postés 13 Statut Membre 8
     
    Salut
    Pour le savoir, télécharge adwcleaner ( Prends celui de comment ca marche),
    Sous Windows 7 et vista ou Windows 8, exécutes le en tant qu'administrateur (Clic droit de la souris et éxécuter en tant qu'administrateur.
    lorsque le soft s'ouvre, clique sur scan et à la fin du scan, cliques sur supprimer même si tu ne vois rien.Le soft va redémarrer automatiquement et du pourra lire le rapport qui est un fichier txt.Tu pourras voir ce qui aura été supprimé.
    Exécutes à nouveau adwcleaner est cliques sur désinstaller.
    Tu pourras par la suite télécharger Roguekiller que tu trouveras sur la toile.(Attention de prendre la bonne version 32 ou 64 Bits.Exécutes toujours en tant qu'administrateur et suis la procédure jusqu'au bout.
    Voilà.
    Si encore bébête fait signe et on verra autre chose.
    Salut
    0
    1. Nanie24
       
      Je te remercie de ta réponse. j'ai du coup suivi le poste de juju666 qui était plus complet et plus détaillée car franchement je suis une vrai novice en informatique!! mais encore merci!
      0
  3. Nanie24
     
    Voici le rapport de adwcleaner que j'ai déja fait ce matin je connaissai celui ci qu j'utilise régulièrement
    # AdwCleaner v2.300 - Rapport créé le 26/09/2013 à 10:23:46
    # Mis à jour le 28/04/2013 par Xplode
    # Système d'exploitation : Windows 8 (64 bits)
    # Nom d'utilisateur : mélanie - MÉLANIE
    # Mode de démarrage : Normal
    # Exécuté depuis : C:\Users\mélanie\Desktop\adwcleaner (1).exe
    # Option [Suppression]

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Program Files (x86)\Conduit
    Dossier Supprimé : C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc
    Dossier Supprimé : C:\Users\mélanie\AppData\LocalLow\Conduit
    Supprimé au redémarrage : C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
    Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
    Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc

    ***** [Navigateurs] *****

    -\\ Internet Explorer v10.0.9200.16688

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Google Chrome v29.0.1547.76

    Fichier : C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Supprimée [l.2183] : homepage = "hxxp://search.conduit.com/?ctid=CT3297966&SearchSource=48&CUI=UN37588243521350620&UM[...]
    Supprimée [l.6992] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3297966&SearchSource=48&CUI[...]

    *************************
    0
  4. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Si juju me permet

    Ta version d adwcleaner est pas à jour

    "# AdwCleaner v2.300 - Rapport créé le 26/09/2013 à 10:23:46"
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Tu l'as pompé où ton adwcleaner ?
    J'ai mis un lien direct suffit de cliquer et ça télécharge ... peux pas faire mieux :)
    0
  7. Nanie24
     
    désolée les gars. effectivement il n'est pas à jour je l'ai "pompé il y à quelques temps lorsque j'ai été infecté par qvo6 je crois un truc comme ca
    bon je recommence alors avec adwcleaner
    0
  8. Nanie24
     
    https://forums-fec.be/upload/www/?a=d&i=8972288186

    https://forums-fec.be/upload/www/?a=d&i=0356103485

    voici les liens reçu après l'envoi de mes fichiers a FEC en attendant je vous remercie pour votre aide! je n'ai déja plus de message d'erreurs qui s'affiche sans arrêt c'est bon signe...
    merci a vous et bonne fin de journée! a+ enfin pas trop vite quand mm!! :)
    0
  9. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Re,

    Désinstalle Tune Up c'est un fracasse système

    ~~

    ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."


    sur OTL.exe pour le lancer.

    ▶Copie la liste qui se trouve en gras ci-dessous,

    ▶ colle-la dans la zone sous "Personnalisation" :


    :OTL
    [2013/09/12 19:10:57 | 000,000,000 | ---D | C] -- C:\Users\mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV-Soft
    [2013/09/12 19:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AV-Soft
    [2013/09/12 19:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AV-Soft
    [2013/05/08 13:43:11 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
    @Alternate Data Stream - 440 bytes -> C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ:1
    @Alternate Data Stream - 440 bytes -> C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ:1
    [2013/09/26 10:34:28 | 000,000,000 | ---D | M] -- C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ
    [2013/09/26 11:46:30 | 000,000,000 | ---D | M] -- C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ
    DRV:[b]64bit:/b - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)

    :Commands
    [RESETHOSTS]
    [EMPTYTEMP]


    ▶ Clique sur "Correction" pour lancer la suppression.

    ▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail apres le redemarrage.

    0
    1. Nanie24
       
      voici le rapport :


      OTL logfile created on: 26/09/2013 20:24:27 - Run 2
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mélanie\Desktop
      64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
      Internet Explorer (Version = 9.10.9200.16688)
      Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

      5.89 Gb Total Physical Memory | 4.27 Gb Available Physical Memory | 72.61% Memory free
      11.89 Gb Paging File | 10.03 Gb Available in Paging File | 84.39% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 186.30 Gb Total Space | 39.66 Gb Free Space | 21.29% Space Free | Partition Type: NTFS
      Drive D: | 258.15 Gb Total Space | 257.70 Gb Free Space | 99.83% Space Free | Partition Type: NTFS

      Computer Name: MÉLANIE | User Name: mélanie | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

      [color=#E56717]========== Processes (SafeList) ==========[/color]

      PRC - [2013/09/26 20:23:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mélanie\Desktop\OTL (1).exe
      PRC - [2013/09/17 05:21:30 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      PRC - [2013/08/30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
      PRC - [2013/08/30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      PRC - [2012/10/31 14:09:50 | 000,020,352 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
      PRC - [2012/10/02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      PRC - [2012/09/18 14:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
      PRC - [2012/09/14 15:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
      PRC - [2012/09/11 18:06:52 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
      PRC - [2012/09/11 16:01:34 | 000,107,192 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
      PRC - [2012/09/11 16:01:30 | 000,192,000 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
      PRC - [2012/09/11 13:41:14 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
      PRC - [2012/08/27 22:04:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      PRC - [2012/08/22 11:24:28 | 001,559,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
      PRC - [2012/07/17 18:54:20 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
      PRC - [2012/07/17 16:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      PRC - [2012/07/17 16:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      PRC - [2012/06/27 14:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      PRC - [2012/06/25 12:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
      PRC - [2012/05/28 12:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
      PRC - [2012/03/28 20:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
      PRC - [2011/11/21 16:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe


      [color=#E56717]========== Modules (No Company Name) ==========[/color]

      MOD - [2013/09/17 05:21:27 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll
      MOD - [2013/09/17 05:21:26 | 013,611,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
      MOD - [2013/09/17 05:21:25 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
      MOD - [2013/09/17 05:20:34 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
      MOD - [2013/09/17 05:20:33 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
      MOD - [2013/09/17 05:20:31 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
      MOD - [2013/08/27 12:08:40 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
      MOD - [2013/08/27 12:08:35 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\123cf617d7b6b31c44e39f8594f064c5\System.Xaml.ni.dll
      MOD - [2013/08/27 12:08:34 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3143512c68ba24d18b7444b13fae2abb\System.Windows.Forms.ni.dll
      MOD - [2013/08/27 12:08:03 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
      MOD - [2013/08/27 12:07:55 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\19ecec839509af76b1bc0ccbabd60acd\System.Configuration.ni.dll
      MOD - [2013/08/27 12:07:54 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\cb65dcc8c60f33d257283ef1416a2175\PresentationFramework.Aero2.ni.dll
      MOD - [2013/08/27 12:07:53 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\972bf4ffab06e561447d12baf3b3dfa9\PresentationFramework.ni.dll
      MOD - [2013/08/27 12:07:40 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\5b504b7cd800dcd6c06d841d94ca099a\PresentationCore.ni.dll
      MOD - [2013/08/27 12:07:31 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8ff5be01c9600b28d3e41db3dbafc840\WindowsBase.ni.dll
      MOD - [2013/08/27 12:07:20 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
      MOD - [2013/07/17 10:14:58 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\1f8e89f1344171031271d80ff21366ec\UIAutomationTypes.ni.dll
      MOD - [2013/07/15 12:11:07 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
      MOD - [2012/09/11 16:01:28 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll


      [color=#E56717]========== Services (SafeList) ==========[/color]

      SRV:[b]64bit:[/b] - [2013/08/30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
      SRV:[b]64bit:[/b] - [2013/08/16 07:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
      SRV:[b]64bit:[/b] - [2013/07/02 02:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
      SRV:[b]64bit:[/b] - [2013/06/25 00:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
      SRV:[b]64bit:[/b] - [2013/06/01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
      SRV:[b]64bit:[/b] - [2013/05/04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
      SRV:[b]64bit:[/b] - [2013/05/04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
      SRV:[b]64bit:[/b] - [2013/04/09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
      SRV:[b]64bit:[/b] - [2013/03/02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
      SRV:[b]64bit:[/b] - [2013/03/02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
      SRV:[b]64bit:[/b] - [2013/01/10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
      SRV:[b]64bit:[/b] - [2013/01/10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
      SRV:[b]64bit:[/b] - [2012/11/06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
      SRV:[b]64bit:[/b] - [2012/10/22 10:44:44 | 000,027,768 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
      SRV:[b]64bit:[/b] - [2012/09/20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
      SRV:[b]64bit:[/b] - [2012/07/26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
      SRV:[b]64bit:[/b] - [2012/07/26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
      SRV:[b]64bit:[/b] - [2012/07/26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
      SRV:[b]64bit:[/b] - [2012/07/26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
      SRV:[b]64bit:[/b] - [2012/07/26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
      SRV:[b]64bit:[/b] - [2012/07/26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
      SRV:[b]64bit:[/b] - [2012/07/26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
      SRV:[b]64bit:[/b] - [2012/07/26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
      SRV:[b]64bit:[/b] - [2012/07/26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
      SRV:[b]64bit:[/b] - [2012/07/26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
      SRV:[b]64bit:[/b] - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
      SRV:[b]64bit:[/b] - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
      SRV:[b]64bit:[/b] - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
      SRV:[b]64bit:[/b] - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
      SRV:[b]64bit:[/b] - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
      SRV:[b]64bit:[/b] - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
      SRV:[b]64bit:[/b] - [2012/04/20 16:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
      SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
      SRV - [2012/11/06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
      SRV - [2012/10/02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
      SRV - [2012/09/11 13:41:14 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
      SRV - [2012/08/27 22:04:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
      SRV - [2012/08/16 08:40:12 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
      SRV - [2012/07/26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
      SRV - [2012/07/17 16:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
      SRV - [2012/07/17 16:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
      SRV - [2012/06/27 14:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
      SRV - [2012/06/25 12:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
      SRV - [2011/11/21 16:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


      [color=#E56717]========== Driver Services (SafeList) ==========[/color]

      DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
      DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
      DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
      DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
      DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
      DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
      DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
      DRV:[b]64bit:[/b] - [2013/08/30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
      DRV:[b]64bit:[/b] - [2013/08/30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
      DRV:[b]64bit:[/b] - [2013/08/16 07:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
      DRV:[b]64bit:[/b] - [2013/07/09 10:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
      DRV:[b]64bit:[/b] - [2013/07/02 02:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
      DRV:[b]64bit:[/b] - [2013/07/02 00:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
      DRV:[b]64bit:[/b] - [2013/06/29 08:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
      DRV:[b]64bit:[/b] - [2013/06/10 23:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
      DRV:[b]64bit:[/b] - [2013/06/01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
      DRV:[b]64bit:[/b] - [2013/06/01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
      DRV:[b]64bit:[/b] - [2013/06/01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
      DRV:[b]64bit:[/b] - [2013/05/04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
      DRV:[b]64bit:[/b] - [2013/05/04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
      DRV:[b]64bit:[/b] - [2013/04/15 07:02:04 | 002,482,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\netr28x.sys -- (netr28x)
      DRV:[b]64bit:[/b] - [2013/03/02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
      DRV:[b]64bit:[/b] - [2013/03/02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
      DRV:[b]64bit:[/b] - [2013/03/02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
      DRV:[b]64bit:[/b] - [2013/02/06 07:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm)
      DRV:[b]64bit:[/b] - [2013/02/06 07:42:08 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudserd.sys -- (ssudserd)
      DRV:[b]64bit:[/b] - [2013/02/06 07:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus)
      DRV:[b]64bit:[/b] - [2013/01/10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
      DRV:[b]64bit:[/b] - [2012/11/27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
      DRV:[b]64bit:[/b] - [2012/11/20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
      DRV:[b]64bit:[/b] - [2012/11/06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
      DRV:[b]64bit:[/b] - [2012/10/31 14:10:00 | 000,061,824 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AsusTP.sys -- (ATP)
      DRV:[b]64bit:[/b] - [2012/10/22 12:13:04 | 002,206,864 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\viahduaa.sys -- (VIAHdAudAddService)
      DRV:[b]64bit:[/b] - [2012/10/12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
      DRV:[b]64bit:[/b] - [2012/10/11 09:25:48 | 000,056,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
      DRV:[b]64bit:[/b] - [2012/10/08 12:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
      DRV:[b]64bit:[/b] - [2012/09/20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
      DRV:[b]64bit:[/b] - [2012/09/20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
      DRV:[b]64bit:[/b] - [2012/09/18 14:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AiCharger.sys -- (AiCharger)
      DRV:[b]64bit:[/b] - [2012/08/15 19:53:06 | 008,987,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
      DRV:[b]64bit:[/b] - [2012/08/02 05:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kbfiltr.sys -- (kbfiltr)
      DRV:[b]64bit:[/b] - [2012/07/26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
      DRV:[b]64bit:[/b] - [2012/07/26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
      DRV:[b]64bit:[/b] - [2012/07/26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
      DRV:[b]64bit:[/b] - [2012/07/26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
      DRV:[b]64bit:[/b] - [2012/07/26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
      DRV:[b]64bit:[/b] - [2012/07/26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
      DRV:[b]64bit:[/b] - [2012/07/26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
      DRV:[b]64bit:[/b] - [2012/07/26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
      DRV:[b]64bit:[/b] - [2012/07/26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
      DRV:[b]64bit:[/b] - [2012/07/26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
      DRV:[b]64bit:[/b] - [2012/07/26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
      DRV:[b]64bit:[/b] - [2012/07/26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
      DRV:[b]64bit:[/b] - [2012/07/26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
      DRV:[b]64bit:[/b] - [2012/07/26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
      DRV:[b]64bit:[/b] - [2012/07/26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
      DRV:[b]64bit:[/b] - [2012/07/26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
      DRV:[b]64bit:[/b] - [2012/07/26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
      DRV:[b]64bit:[/b] - [2012/07/26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
      DRV:[b]64bit:[/b] - [2012/07/26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
      DRV:[b]64bit:[/b] - [2012/07/26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
      DRV:[b]64bit:[/b] - [2012/07/26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
      DRV:[b]64bit:[/b] - [2012/07/26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
      DRV:[b]64bit:[/b] - [2012/07/26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
      DRV:[b]64bit:[/b] - [2012/07/26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
      DRV:[b]64bit:[/b] - [2012/07/26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
      DRV:[b]64bit:[/b] - [2012/07/26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
      DRV:[b]64bit:[/b] - [2012/07/26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
      DRV:[b]64bit:[/b] - [2012/07/24 05:16:28 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
      DRV:[b]64bit:[/b] - [2012/07/19 11:21:42 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
      DRV:[b]64bit:[/b] - [2012/07/13 09:55:34 | 000,101,504 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmUStor.sys -- (AmUStor)
      DRV:[b]64bit:[/b] - [2012/07/02 17:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
      DRV:[b]64bit:[/b] - [2012/06/19 01:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
      DRV:[b]64bit:[/b] - [2012/06/02 16:34:37 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\agrsm64.sys -- (AgereSoftModem)
      DRV:[b]64bit:[/b] - [2012/06/02 16:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
      DRV:[b]64bit:[/b] - [2012/06/02 16:31:50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NETwNs64.sys -- (NETwNs64)
      DRV:[b]64bit:[/b] - [2012/06/02 16:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
      DRV:[b]64bit:[/b] - [2012/06/02 16:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr)
      DRV:[b]64bit:[/b] - [2012/05/31 05:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys -- (HIDSwitch)
      DRV - [2011/09/07 11:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
      DRV - [2009/07/02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


      [color=#E56717]========== Standard Registry (SafeList) ==========[/color]


      [color=#E56717]========== Internet Explorer ==========[/color]

      IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
      IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
      IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
      IE - HKCU\..\SearchScopes,DefaultScope =
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


      [color=#E56717]========== FireFox ==========[/color]

      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL File not found
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\***@***: C:\Program Files\McAfee\MSK

      [2013/03/05 17:08:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

      [color=#E56717]========== Chrome ==========[/color]

      CHR - default_search_provider: Google (Enabled)
      CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
      CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
      CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
      CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
      CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
      CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
      CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
      CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
      CHR - Extension: Chrome In-App Payments service = C:\Users\mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\

      O1 HOSTS File: ([2013/05/08 13:44:07 | 000,001,108 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
      O1 - Hosts: 0.0.0.0 boxore.com
      O1 - Hosts: 0.0.0.0 www.boxore.com
      O1 - Hosts: 0.0.0.0 boxore.org
      O1 - Hosts: 0.0.0.0 www.boxore.org
      O1 - Hosts: 0.0.0.0 boxore.net
      O1 - Hosts: 0.0.0.0 www.boxore.net
      O1 - Hosts: 0.0.0.0 dlmanager.com
      O1 - Hosts: 0.0.0.0 www.dlmanager.com
      O1 - Hosts: 0.0.0.0 dlmanager.org
      O1 - Hosts: 0.0.0.0 www.dlmanager.org
      O1 - Hosts: 0.0.0.0 dlmanager.net
      O1 - Hosts: 0.0.0.0 www.dlmanager.net
      O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:[b]64bit:[/b] - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
      O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL File not found
      O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL File not found
      O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL File not found
      O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O4:[b]64bit:[/b] - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
      O4:[b]64bit:[/b] - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
      O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
      O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe (ASUS Cloud Corporation)
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
      O4 - HKCU..\RunOnce: [Uninstall C:\Users\mélanie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mélanie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
      O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
      O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll File not found
      O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll File not found
      O9:[b]64bit:[/b] - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
      O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll File not found
      O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll File not found
      O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll File not found
      O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll File not found
      O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll File not found
      O13[b]64bit:[/b] - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E67DFCCB-AF0E-4442-BD39-4F9ED2DD3B4B}: DhcpNameServer = 192.168.1.1
      O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
      O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found
      O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL File not found
      O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll (NVIDIA Corporation)
      O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
      O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O30 - LSA: Security Packages - (livessp) - File not found
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2013/05/09 10:06:30 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
      O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
      O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

      [2013/09/26 20:23:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mélanie\Desktop\OTL (1).exe
      [2013/09/26 16:13:39 | 000,000,000 | ---D | C] -- C:\AdwCleaner
      [2013/09/26 12:23:18 | 000,000,000 | ---D | C] -- C:\Users\mélanie\AppData\Roaming\Malwarebytes
      [2013/09/26 12:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/09/26 11:58:13 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
      [2013/09/26 11:24:52 | 000,000,000 | ---D | C] -- C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ
      [2013/09/26 10:31:41 | 000,000,000 | ---D | C] -- C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ
      [2013/09/22 17:17:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
      [2013/09/22 17:15:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
      [2013/09/22 17:15:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
      [2013/09/22 17:14:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
      [2013/09/22 17:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
      [2013/09/22 17:10:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
      [2013/09/22 17:10:13 | 000,000,000 | ---D | C] -- C:\Users\mélanie\AppData\Local\Microsoft Help
      [2013/09/22 17:10:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
      [2013/09/22 17:09:48 | 000,000,000 | RH-D | C] -- C:\MSOCache
      [2013/09/22 17:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\Office2007
      [2013/09/22 17:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Office2007
      [2013/09/19 14:14:52 | 000,000,000 | R--D | C] -- C:\Users\mélanie\Documents\Notes
      [2013/09/15 22:00:08 | 000,694,232 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
      [2013/09/15 22:00:08 | 000,078,296 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      [2013/09/12 19:10:57 | 000,000,000 | ---D | C] -- C:\Users\mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV-Soft
      [2013/09/12 19:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AV-Soft
      [2013/09/12 19:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AV-Soft
      [2013/09/12 16:58:07 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssdisai.dll
      [2013/09/12 13:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
      [2013/09/12 13:12:35 | 000,209,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
      [2013/09/12 13:12:34 | 002,371,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSService.dll
      [2013/09/12 13:12:34 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
      [2013/09/12 13:12:33 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
      [2013/09/12 13:12:33 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
      [2013/09/12 13:12:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
      [2013/09/12 13:12:32 | 000,773,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
      [2013/09/12 13:12:32 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
      [2013/09/12 13:12:32 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
      [2013/09/12 13:12:32 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSSync.dll
      [2013/09/12 13:12:32 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
      [2013/09/12 13:12:32 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
      [2013/09/12 13:12:32 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
      [2013/09/12 13:12:31 | 001,621,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
      [2013/09/12 13:12:31 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
      [2013/09/12 13:12:31 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSClient.dll
      [2013/09/12 13:12:31 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSSync.dll
      [2013/09/12 13:12:31 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
      [2013/09/12 13:12:31 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
      [2013/09/12 13:12:31 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
      [2013/09/12 13:12:30 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
      [2013/09/12 13:12:30 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
      [2013/09/12 13:12:30 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSClient.dll
      [2013/09/12 13:12:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
      [2013/09/12 13:12:30 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
      [2013/09/12 13:12:30 | 000,058,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dam.sys
      [2013/09/12 13:12:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
      [2013/09/12 13:12:29 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
      [2013/09/12 13:12:29 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
      [2013/09/12 13:12:29 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
      [2013/09/12 13:12:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
      [2013/09/12 13:12:27 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcln.dll
      [2013/09/12 13:12:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
      [2013/09/12 13:12:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
      [2013/09/12 13:12:21 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
      [2013/09/12 13:11:42 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
      [2013/09/12 13:11:37 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
      [2013/09/12 13:11:37 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
      [2013/09/12 13:11:37 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
      [2013/09/12 13:11:37 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
      [2013/09/12 13:11:36 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
      [2013/09/12 13:11:36 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
      [2013/09/12 13:11:36 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
      [2013/09/12 13:11:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
      [2013/09/12 13:11:36 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
      [2013/09/12 13:11:36 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
      [2013/09/12 13:11:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
      [2013/09/12 13:11:36 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
      [2013/09/12 13:11:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
      [2013/09/12 13:11:08 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
      [2013/09/12 13:11:07 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
      [2013/09/12 13:11:06 | 001,300,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
      [2013/09/12 13:11:06 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
      [2013/09/12 13:11:06 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
      [2013/09/12 13:11:05 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
      [2013/09/12 13:11:05 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
      [2013/09/12 13:11:05 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
      [2013/09/12 13:11:05 | 000,327,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
      [2013/09/12 13:11:05 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmmbase.dll
      [2013/09/12 13:11:04 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
      [2013/09/12 13:11:04 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
      [2013/09/12 13:11:04 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmsvc.dll
      [2013/09/12 13:11:04 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
      [2013/09/12 13:11:04 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
      [2013/09/12 13:11:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmmbase.dll
      [2013/09/12 13:11:04 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
      [2013/09/12 13:11:04 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpioclx.sys
      [2013/09/12 13:11:04 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
      [2013/09/12 13:11:03 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
      [2013/09/12 13:11:03 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
      [2013/09/12 13:11:03 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wwanadvui.dll
      [2013/09/12 13:11:03 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
      [2013/09/12 13:11:03 | 000,096,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
      [2013/09/12 13:11:03 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\openfiles.exe
      [2013/09/12 13:11:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmcsp.dll
      [2013/09/12 13:11:02 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
      [2013/09/12 13:11:02 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
      [2013/09/12 13:11:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\openfiles.exe
      [2013/09/12 13:11:01 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
      [2013/09/12 13:11:01 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
      [2013/09/12 12:52:58 | 000,000,000 | ---D | C] -- C:\Users\mélanie\AppData\Roaming\Audacity
      [2013/09/12 12:52:29 | 000,000,000 | ---D | C] -- C:\Users\mélanie\AppData\Local\Programs
      [2013/09/11 18:30:07 | 000,000,000 | ---D | C] -- C:\Users\mélanie\Documents\MAGIX Downloads
      [2013/0
      0
  10. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Tu n'as pas suivi la consigne, lis attentivement et recommence.
    0
  11. le tune up?
     
    je crois que cette fois c'est bon! j'espere! :)

    All processes killed
    ========== OTL ==========
    C:\Users\mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV-Soft\Wav2mp3 folder moved successfully.
    C:\Users\mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV-Soft folder moved successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AV-Soft\Wav2mp3 folder moved successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AV-Soft folder moved successfully.
    C:\Program Files (x86)\AV-Soft\Wav2mp3 folder moved successfully.
    C:\Program Files (x86)\AV-Soft folder moved successfully.
    C:\Windows\Launcher.exe moved successfully.
    ADS C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ:1 deleted successfully.
    ADS C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ:1 deleted successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ\ZZ..Z.ZZ.Z...Z.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ\Z.Z.ZZZZZ.Z..ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ\Z.Z.Z.ZZ.Z...ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ\Z..ZZ.Z...ZZZ..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ\Z..Z.ZZ....ZZ..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ\Z..Z..ZZZZZ.ZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z..ZZZZZ.ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZZZZ.ZZ.Z.Z..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZZZZ..ZZ..ZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZZZ..Z.Z.ZZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZZ.ZZ.ZZZZ...Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZZ.ZZ.ZZZ...ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZZ.ZZ.Z....ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZZ.Z...Z...ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZZ..Z..ZZZZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZZ...Z..Z.Z..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ.ZZ.....Z...Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ.Z...Z..ZZ.ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ.Z.........ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ..ZZZ.ZZZ..ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ..ZZ..ZZ....Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ..ZZ...ZZZ.ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ...ZZ.......Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ...Z.ZZ.ZZ.ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ...Z.Z.ZZ.Z.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ.....ZZ.....Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZZ......Z....ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ.ZZZZZ.ZZZ..ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ.ZZZZZ.ZZ.ZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ.ZZZ..ZZZ..ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ.ZZ.Z...Z...ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ.ZZ....ZZZZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ.ZZ....ZZZ...Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ.Z.ZZZZZZZZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ.Z.ZZZZ.ZZZ.ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ.Z..Z...Z.ZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ..ZZZ.ZZZZZ.ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ..Z.Z.ZZZ.ZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ..Z....Z...ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\ZZ...ZZ.ZZ..ZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZZZZZ..Z.Z.ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZZZZZ....Z..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZZZZ.ZZ.ZZ.ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZZZZ.Z....ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZZ.ZZZZ..ZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZZ.ZZZ.Z.ZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZZ.ZZ.ZZZ.Z.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZZ..Z.Z.ZZ..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZ.ZZ.Z.ZZZ.ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZ.Z.ZZ...ZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZ..Z....ZZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.ZZ...ZZ.Z.ZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.Z.Z.ZZZZZZZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.Z.Z.Z........Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.Z.Z..ZZZZZZ..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.Z.Z...Z..ZZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.Z.Z.....ZZ..ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.Z.Z.........ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.Z..Z....Z....Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z..ZZ.ZZ.ZZZ..ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z..ZZ.....ZZ..ZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z..ZZ......Z.ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z..Z..ZZZ...ZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z...ZZ.ZZ..Z.Z.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z...ZZ.ZZ...Z..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z...Z.ZZZZZ.Z..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z...Z.Z.ZZZ.ZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z....Z.Z.Z...ZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z....Z..Z..ZZZZZ folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z......Z.....Z.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z.......Z...ZZ.Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ\Z........ZZ.Z..Z folder moved successfully.
    C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZZ.Z.Z.ZZZZ folder moved successfully.
    Service esgiguard stopped successfully!
    Service esgiguard deleted successfully!
    File C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys not found.
    ========== COMMANDS ==========
    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: mélanie
    ->Temp folder emptied: 4381270 bytes
    ->Temporary Internet Files folder emptied: 138 bytes
    ->Google Chrome cache emptied: 29636596 bytes
    ->Flash cache emptied: 511 bytes

    User: Public

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 1524920 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 977220 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1203739 bytes
    RecycleBin emptied: 518438 bytes

    Total Files Cleaned = 36.00 mb

    OTL by OldTimer - Version 3.2.69.0 log created on 09262013_205207

    Files\Folders moved on Reboot...
    C:\Users\mélanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
    0
  12. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Yes c'est good :)

    Encore des problèmes ?
    0
  13. Nanie24
     
    ouf! :)
    Et bien écoute non à priori plus de messages d'erreur et plus de pub intempestives!
    merci beaucoup!
    (encore une petite question toute bête mais je trouve pas sur le site) que dois-je faire pour signaler que mon problème à été résolu?
    0
  14. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Je m'en occupe, fais plutôt le ménage final toi : https://forums-fec.be/entraide/viewtopic.php?f=11&t=229

    ;)
    0
  15. Nanie24
     
    # DelFix v10.4 - Rapport créé le 27/09/2013 à 11:02:36
    # Mis à jour le 19/07/2013 par Xplode
    # Nom d'utilisateur : mélanie - MÉLANIE
    # Système d'exploitation : Windows 8 (64 bits)

    ~ Activation de l'UAC ... OK

    ~ Suppression des outils de désinfection ...

    Supprimé : C:\_OTL
    Supprimé : C:\AdwCleaner[R2].txt
    Supprimé : C:\AdwCleaner[S10].txt
    Supprimé : C:\AdwCleaner[S11].txt
    Supprimé : C:\AdwCleaner[S12].txt
    Supprimé : C:\AdwCleaner[S13].txt
    Supprimé : C:\AdwCleaner[S14].txt
    Supprimé : C:\AdwCleaner[S15].txt
    Supprimé : C:\AdwCleaner[S16].txt
    Supprimé : C:\AdwCleaner[S17].txt
    Supprimé : C:\AdwCleaner[S18].txt
    Supprimé : C:\AdwCleaner[S19].txt
    Supprimé : C:\AdwCleaner[S20].txt
    Supprimé : C:\AdwCleaner[S21].txt
    Supprimé : C:\AdwCleaner[S5].txt
    Supprimé : C:\AdwCleaner[S6].txt
    Supprimé : C:\AdwCleaner[S7].txt
    Supprimé : C:\AdwCleaner[S8].txt
    Supprimé : C:\AdwCleaner[S9].txt
    Supprimé : C:\Users\mélanie\Desktop\adwcleaner.exe
    Supprimé : C:\Users\mélanie\Desktop\OTL.Txt
    Supprimé : C:\Users\mélanie\Desktop\OTL (1).exe
    Supprimé : C:\Users\mélanie\Downloads\adwcleaner.exe
    Supprimé : C:\Users\mélanie\Downloads\JRT.exe
    Supprimé : C:\Users\mélanie\Downloads\OTL.Txt
    Supprimé : C:\Users\mélanie\Downloads\OTL (1).exe
    Supprimé : C:\Users\mélanie\Downloads\OTL.exe
    Supprimée : HKLM\SOFTWARE\OldTimer Tools
    Supprimée : HKLM\SOFTWARE\AdwCleaner

    ~ Sauvegarde de la base de registre ... OK

    ~ Purge de la restauration système ...

    Supprimé : RP #38 [Installed VirtualDJ Home FREE | 09/12/2013 11:02:08]
    Supprimé : RP #39 [Installé Microsoft Office Access MUI (French) 2007 | 09/22/2013 14:46:54]
    Supprimé : RP #40 [Installé Microsoft Office Access MUI (French) 2007 | 09/22/2013 14:47:54]
    Supprimé : RP #42 [OTL Restore Point - 26/09/2013 16:43:26 | 09/26/2013 14:43:26]

    Nouveau point de restauration créé !

    ~ Réinitialisation des paramètres système ... OK

    ########## - EOF - ##########
    0
  16. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Super
    Bon surf et prudence à l'avenir !
    0