OTL logfile created on: 23/08/2014 10:41:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\moi jean paul\Mes documents\Téléchargements Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1013,23 Mb Total Physical Memory | 319,37 Mb Available Physical Memory | 31,52% Memory free 2,38 Gb Paging File | 1,84 Gb Available in Paging File | 77,33% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 61,38 Gb Total Space | 45,07 Gb Free Space | 73,43% Space Free | Partition Type: NTFS Drive D: | 13,14 Gb Total Space | 2,51 Gb Free Space | 19,09% Space Free | Partition Type: FAT32 Computer Name: MONPORTABLE | User Name: moi jean paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014/08/21 22:23:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\moi jean paul\Mes documents\Téléchargements\OTL.exe PRC - [2014/06/06 06:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2014/05/31 21:26:56 | 000,263,048 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe PRC - [2013/10/23 16:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2013/10/23 15:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2013/09/07 10:13:38 | 000,055,624 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2013/08/22 22:04:28 | 000,287,216 | ---- | M] (Duuqu Group) -- C:\Program Files\FrameFox\Extensions\InternetExplorer\framefox.exe PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe PRC - [2005/05/20 16:32:18 | 000,278,528 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014/06/06 06:38:45 | 003,852,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012/10/11 21:56:46 | 000,087,952 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll MOD - [2012/10/11 21:56:22 | 001,242,512 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe MOD - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM) SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2014/07/14 20:17:11 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014/06/06 06:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/10/23 16:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2013/10/22 08:57:39 | 000,166,352 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP) SRV - [2013/09/07 10:13:38 | 000,055,624 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2013/05/02 10:28:34 | 000,098,360 | ---- | M] (Duuqu Group) [On_Demand | Stopped] -- C:\Program Files\Duuqu\Update\DuuquUpdate.exe -- (dqupdatem) SRV - [2013/05/02 10:28:34 | 000,098,360 | ---- | M] (Duuqu Group) [Auto | Stopped] -- C:\Program Files\Duuqu\Update\DuuquUpdate.exe -- (dqupdate) SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\MOIJEA~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2014/08/21 20:38:19 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV - [2008/06/10 17:08:00 | 000,156,160 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR) DRV - [2008/05/07 19:31:16 | 000,106,368 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2008/05/07 19:21:40 | 004,739,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007/11/15 21:18:20 | 000,572,416 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86) DRV - [2007/11/13 23:29:24 | 000,095,744 | R--- | M] (Option NV) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP) DRV - [2007/11/13 23:29:24 | 000,051,968 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS) DRV - [2007/11/13 23:29:24 | 000,008,064 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER) DRV - [2007/06/27 15:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS) DRV - [2007/06/27 15:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K) DRV - [2006/03/01 20:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5) DRV - [2005/05/20 16:28:04 | 000,052,736 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CnxTgNW.sys -- (CnxTgNW) DRV - [2005/05/20 16:27:58 | 000,618,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CnxEtU.sys -- (CnxEtU) DRV - [2005/05/20 16:27:54 | 000,131,072 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CnxEtP.sys -- (CnxEtP) DRV - [2003/09/23 12:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab IE - HKLM\..\SearchScopes,DefaultScope = {77AA745B-F4F8-45DA-9B14-61D2D95054C8} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/?ocid=OIE8MSE&PC=UP09 IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 0 IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = www.google.com IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 24 EA 96 0F D8 6A CF 01 [binary data] IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = www.google.com IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = www.google.com IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\..\URLSearchHook: {19803860-b306-423c-bbb5-f60a7d82cde5} - SOFTWARE\Classes\CLSID\{19803860-b306-423c-bbb5-f60a7d82cde5}\InprocServer32 File not found IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\..\SearchScopes,DefaultScope = {2ADF29F9-F9D4-4FFE-A72E-BBD38186324A} IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\..\SearchScopes,DefaultScope /d {67A2568C-7A0A-4EED-AECC-B5405DE63B64} /f >Nul 2>Nul = IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\..\SearchScopes\{2ADF29F9-F9D4-4FFE-A72E-BBD38186324A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7NDKB_frFR588 IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_23_ie&cd=2XzuyEtN2Y1L1QzutDtDtBtCzzyDyEyBtAtAtCyEzytC0EyEtN0D0Tzu0SzzzzyEtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtDtCyE0Bzz0AyBtG0Azy0B0BtG0B0AyDzztG0EzytB0AtGyE0BtAyDyB0EyByDyCtC0EtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDtA0DtD0F0F0BtG0ByE0AyCtG0ByEtAtDtGtBtAzzzztGtAtC0F0B0D0B0CtBzytBzy0E2Q&cr=1658189129&ir= IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\..\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^UX^xdm063^YY^fr&si=CIDepLD48rYCFTIQtAodxDQACg&ptb=EBF87F9E-5431-42C6-9EC0-2E81D4040AC7&ind=2013050116&n=77fcb504&psa=&st=sb&searchfor={searchTerms} IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.offerbox.com;*.local; IE - HKU\S-1-5-21-1964260855-4170968377-3688177798-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56847 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145 FF - prefs.js..extensions.enabledAddons: %7BD6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF%7D:1.3 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 FF - prefs.js..extensions.enabledItems: {D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF}:1.3 FF - prefs.js..extensions.enabledItems: 94ae0976-89df-4347-9771-5371c6e203bf@3796dc63-d06d-4575-a997-9b5c935fe915.com:0.91.5 FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.34 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145 FF - prefs.js..extensions.enabledItems: ffxtlbr@iminent.com:1.6.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@www.duuqu.com/omaha/tools//Duuqu Update;version=3: C:\Program Files\Duuqu\Update\1.3.37.0\npDuuquUpdate3.dll (Duuqu Group) FF - HKLM\Software\MozillaPlugins\@www.duuqu.com/omaha/tools//Duuqu Update;version=9: C:\Program Files\Duuqu\Update\1.3.37.0\npDuuquUpdate3.dll (Duuqu Group) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/19 16:28:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/23 18:41:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\moi jean paul\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\SpecialSavings@SpecialSavings.com: C:\Documents and Settings\moi jean paul\Application Data\Mozilla\Extensions\SpecialSavings@SpecialSavings.com FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter [2014/04/30 19:03:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\moi jean paul\Application Data\Mozilla\Extensions [2014/04/30 19:03:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\moi jean paul\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2014/08/21 06:49:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\moi jean paul\Application Data\Mozilla\Firefox\Profiles\ynl4f5bx.default-1398717855568\extensions [2014/04/30 19:17:09 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\moi jean paul\Application Data\Mozilla\Firefox\Profiles\ynl4f5bx.default-1398717855568\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014/04/30 19:13:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2014/04/30 19:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/07/15 19:37:49 | 000,000,000 | ---D | M] (FrameFox) -- C:\Program Files\Mozilla Firefox\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF} [2014/07/02 20:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014/07/02 20:36:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/07/15 19:37:49 | 000,000,000 | ---D | M] (FrameFox) -- C:\Program Files\Mozilla Firefox\browser\extensions\{D6F4FFAF-E3C9-4f3d-AD5B-F78CD969D7BF} [2012/02/23 18:41:31 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 [2013/05/02 10:29:40 | 000,000,735 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\qvo6.xml [2014/04/11 10:09:05 | 000,002,147 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\StartWeb.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaajbifocbmnjbdgobnbcabjekfjdnf\30.1_0\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\algmakeomkafjglfhpomolfhjppoojff\1.23.5_0\crossrider CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\algmakeomkafjglfhpomolfhjppoojff\1.23.5_0\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\algmakeomkafjglfhpomolfhjppoojff\1.26.185_0\crossrider CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\algmakeomkafjglfhpomolfhjppoojff\1.26.185_0\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf\1.19_0\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\leahdjjpjmnamomgpojikeapflgbmjab\1.16_0\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_1\ CHR - Extension: No name found = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\ O1 HOSTS File: ([2013/08/15 18:33:27 | 000,001,458 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 0.0.0.0 boxore.com O1 - Hosts: 0.0.0.0 www.boxore.com O1 - Hosts: 0.0.0.0 boxore.org O1 - Hosts: 0.0.0.0 www.boxore.org O1 - Hosts: 0.0.0.0 boxore.net O1 - Hosts: 0.0.0.0 www.boxore.net O1 - Hosts: 0.0.0.0 dlmanager.com O1 - Hosts: 0.0.0.0 www.dlmanager.com O1 - Hosts: 0.0.0.0 dlmanager.org O1 - Hosts: 0.0.0.0 www.dlmanager.org O1 - Hosts: 0.0.0.0 dlmanager.net O1 - Hosts: 0.0.0.0 www.dlmanager.net O1 - Hosts: 0.0.0.0 eorezo.com O1 - Hosts: 0.0.0.0 www.eorezo.com O1 - Hosts: 0.0.0.0 dist.eorezo.com O1 - Hosts: 0.0.0.0 file.eorezo.com O1 - Hosts: 0.0.0.0 log.eorezo.com O1 - Hosts: 0.0.0.0 ads.eorezo.com O1 - Hosts: 0.0.0.0 prof.eorezo.com O1 - Hosts: 0.0.0.0 soft.eorezo.com O1 - Hosts: 0.0.0.0 upd.eorezo.com O1 - Hosts: 0.0.0.0 dfr.eorezo.com O1 - Hosts: 0.0.0.0 lollipop-network.com O1 - Hosts: 0.0.0.0 www.lollipop-network.com O1 - Hosts: 2 more lines... O2 - BHO: (WiseConvert 1.5 Toolbar) - {19803860-b306-423c-bbb5-f60a7d82cde5} - C:\Program Files\WiseConvert_1.5\prxtbWis0.dll File not found O2 - BHO: (DivX Plus Web Player HTML5