Avira
Fermé
pinoccio74
Messages postés
62
Statut
Membre
-
00lina00 Messages postés 31098 Date d'inscription Statut Modérateur Dernière intervention -
00lina00 Messages postés 31098 Date d'inscription Statut Modérateur Dernière intervention -
Bonjour,
rapport de OTL
<config>Windows Vista / InterneOTL logfile created on: 10/01/2013 16:43:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\patricia\Pictures
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 43,05% Memory free
6,20 Gb Paging File | 3,90 Gb Available in Paging File | 62,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,12 Gb Total Space | 183,79 Gb Free Space | 82,37% Space Free | Partition Type: NTFS
Drive D: | 116,44 Gb Total Space | 110,11 Gb Free Space | 94,57% Space Free | Partition Type: NTFS
Drive F: | 116,44 Gb Total Space | 111,12 Gb Free Space | 95,43% Space Free | Partition Type: NTFS
Computer Name: PC-DE-PATRICIA | User Name: patricia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013/01/10 16:42:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\patricia\Pictures\OTL.exe
PRC - [2013/01/09 16:08:59 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2012/12/18 14:34:48 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/12/18 14:34:43 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/12/18 14:34:32 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/12/18 14:34:32 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/11/12 03:45:22 | 001,104,824 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/11/12 03:45:18 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/11/12 03:45:14 | 000,968,120 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2012/11/01 05:16:42 | 000,577,536 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe
PRC - [2012/10/24 14:12:26 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/10/04 16:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2012/08/22 11:46:46 | 000,307,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/08/15 19:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012/06/06 20:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2010/05/28 07:25:04 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/09 18:14:06 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008/06/19 21:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
PRC - [2008/06/18 07:10:34 | 000,424,504 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\smartlogon.exe
PRC - [2008/06/18 07:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/06/04 02:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008/03/18 20:27:11 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008/02/02 00:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe
PRC - [2008/01/31 17:27:04 | 000,118,784 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2008/01/23 19:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2007/12/04 19:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/11/05 04:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007/10/03 06:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007/08/15 20:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/08/03 21:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007/07/06 01:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007/05/18 11:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2005/07/07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012/11/30 13:09:11 | 012,622,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Theme\60592abfc304544b1712bf503da2793f\Kies.Theme.ni.dll
MOD - [2012/11/30 13:09:10 | 000,604,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DevicePodcast\bc4a62f19f31b850571b9ff674ce0e2d\DevicePodcast.ni.dll
MOD - [2012/11/30 13:09:08 | 000,349,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DevicePhoto\01b6c62f0027ce8110bebb2976260789\DevicePhoto.ni.dll
MOD - [2012/11/30 13:09:08 | 000,278,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeviceVideo\ec83897283df6011211ead050e46e2bf\DeviceVideo.ni.dll
MOD - [2012/11/30 13:09:07 | 000,287,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeviceMusic\bbc4035e8f333ec4617ddfa14bc7743c\DeviceMusic.ni.dll
MOD - [2012/11/30 13:09:06 | 000,445,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VideoManager\072e5b5302b48d6fa48112cc0dbf063c\VideoManager.ni.dll
MOD - [2012/11/30 13:09:04 | 001,480,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PodcastService\c84b301b66ff836c81b1a61240e41ead\PodcastService.ni.dll
MOD - [2012/11/30 13:09:03 | 000,587,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PhotoManager\5ccb558b14d51fd0abef8a6c93f91248\PhotoManager.ni.dll
MOD - [2012/11/30 13:09:02 | 001,054,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Podcaster\85b69de94d23219465614906746a3914\Podcaster.ni.dll
MOD - [2012/11/30 12:37:20 | 000,039,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\cd1f6fa6afa434e343c74d35aa97bf57\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012/11/30 12:37:19 | 006,045,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeviceHost\148a531c3a92d97ec8b9b7e849c63458\DeviceHost.ni.dll
MOD - [2012/11/30 12:37:09 | 001,827,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Phonebook\4cf718d61f37ba33072b9303857dd298\Phonebook.ni.dll
MOD - [2012/11/30 12:37:03 | 000,970,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CPKTMusicPlugin\118de6a020195522aa2dc0b099b90461\CPKTMusicPlugin.ni.dll
MOD - [2012/11/30 12:36:59 | 000,899,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MusicManager\0b6fe2992231569a6657a1a256828c1d\MusicManager.ni.dll
MOD - [2012/11/30 12:36:58 | 000,386,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BATPlugin\c78c3c068b46b9c2bc15f0b09d5a2c8f\BATPlugin.ni.dll
MOD - [2012/11/30 12:36:55 | 000,485,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.MediaDB\68c4a6c63d8ef288f800501d65690feb\Kies.Common.MediaDB.ni.dll
MOD - [2012/11/30 12:36:55 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.StoreMa#\41454bf4c74ca3d5652b40d78fc5d3a5\Kies.Common.StoreManager.ni.dll
MOD - [2012/11/30 12:36:54 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ASF_cSharpAPI\6a9137adefc10e19d54166cbb9ab900f\ASF_cSharpAPI.ni.dll
MOD - [2012/11/30 12:36:53 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.AllShare\7d8ddf87a8304a7f851c858485bcc427\Kies.Common.AllShare.ni.dll
MOD - [2012/11/30 12:36:52 | 000,272,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\6cdce1517f81d85a4b8f4cc2e8b17c36\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012/11/30 12:36:51 | 000,191,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\3700b542d325bc7e69f9671413952dbe\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012/11/30 12:36:50 | 000,140,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.DevFileServ#\24ae42a3aa801e21a24148b04741b10a\Interop.DevFileServiceLib.ni.dll
MOD - [2012/11/30 12:36:49 | 000,446,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\2a0e41b01b8dadf733b7311f546caa96\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012/11/30 12:36:48 | 000,602,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\f308876acd5eb7d7b53fc3ef0c15ad5a\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012/11/30 12:36:46 | 000,137,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\36321f09a8f224b7503a439aac93010d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012/11/30 12:36:45 | 000,829,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\55283ed9dfefb57b29782d54627baeb2\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012/11/30 12:36:44 | 000,930,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\a4f68328ff6050a6c9298fe13a5c04a9\Kies.Common.DeviceService.ni.dll
MOD - [2012/11/30 12:36:42 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.MP3FileInfo#\961e63ffc20afba8fb42b51973e7133b\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012/11/30 12:36:42 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.OGGFileInfo#\73df9fbb519bda81fb4829fc1931d24d\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012/11/30 12:36:41 | 000,138,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.P3MPINTERFA#\846639c78b4b5a97fff86feef0c59e67\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012/11/30 12:36:41 | 000,022,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.PRPLAYERCOR#\15bbe584c142f80aa9930f79421a4bf6\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012/11/30 12:36:38 | 001,903,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.Multime#\43d8fcb35db9038f86e18028a07a71d2\Kies.Common.Multimedia.ni.dll
MOD - [2012/11/30 12:36:35 | 000,186,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.MainUI\b61a27664b3a2dc7e31e4e33ffc597b7\Kies.Common.MainUI.ni.dll
MOD - [2012/11/30 12:36:30 | 000,410,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CabLib\cea0453374aaae2d627b890794032164\CabLib.ni.dll
MOD - [2012/11/30 12:36:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DBManag#\2ec2d8454c04ef2877e492d398d457ac\Kies.Common.DBManager.ni.dll
MOD - [2012/11/30 12:36:29 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\9a445caa451a79a3218e10ed3e72c78a\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012/11/30 12:36:28 | 000,270,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.Util\0862f698e2820026c5e4060daf1b21ab\Kies.Common.Util.ni.dll
MOD - [2012/11/30 12:36:26 | 001,477,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Locale\e06166ba7fdb6a49f1ba941db73c5093\Kies.Locale.ni.dll
MOD - [2012/11/30 12:36:26 | 000,050,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.DeviceSearc#\ac4704f5af965579b227718855921119\Interop.DeviceSearchLib.ni.dll
MOD - [2012/11/30 12:36:25 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.MVVM\00b5635df3acb9d0054c7f277fa9a1ec\Kies.MVVM.ni.dll
MOD - [2012/11/30 12:36:24 | 001,778,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.UI\ba1cc0373af019820c3db3d15b103a3f\Kies.UI.ni.dll
MOD - [2012/11/30 12:36:21 | 000,112,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\GongSolutions.Wpf.D#\3ac4f25519ad9a6a07a7cb87f07087f4\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012/11/30 12:36:17 | 000,989,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Interface\ecd979c70a263d397f451a7a321c4681\Kies.Interface.ni.dll
MOD - [2012/11/30 12:36:15 | 001,511,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies\b2dd144e006c9772538d60bb9165da19\Kies.ni.exe
MOD - [2012/11/16 20:52:39 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll
MOD - [2012/11/16 20:52:17 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
MOD - [2012/11/16 20:51:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll
MOD - [2012/11/16 17:18:47 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012/11/16 17:17:44 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0fe45f0908e1c17f9aca39670d35e3a7\System.Core.ni.dll
MOD - [2012/11/16 17:17:37 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fb15c044e4e7d611a5cbe5a1aa6db455\PresentationFramework.ni.dll
MOD - [2012/11/16 17:17:20 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\09ab834223f9c860f08de8d58688b1a3\PresentationCore.ni.dll
MOD - [2012/11/16 17:17:08 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\0e3cff5f58a9a75de7fcac112c8bbca0\WindowsBase.ni.dll
MOD - [2012/11/16 17:17:04 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012/11/16 17:15:49 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2009/03/30 05:42:26 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007/06/02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- C:\Program Files\BboxUpdate\eSRunService.exe -- (eStantLaunchService)
SRV - File not found [Disabled | Stopped] -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2013/01/09 16:22:42 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 14:34:43 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/12/18 14:34:32 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/06/14 23:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/05/28 07:25:04 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/03/18 20:27:11 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/03 06:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007/08/03 21:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007/05/18 11:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/01/10 15:55:49 | 000,015,616 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2012/12/18 11:28:39 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/12/18 11:28:39 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/12/18 11:28:39 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/06/07 11:13:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/28 07:25:04 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/25 08:59:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/25 08:59:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/05/25 08:59:24 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/05/25 08:59:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2008/06/26 06:58:59 | 007,534,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/03 22:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008/05/29 19:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2008/05/13 22:35:23 | 001,772,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008/04/27 20:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/11/16 05:09:03 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2007/08/11 05:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007/08/09 05:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/08/03 20:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007/07/30 20:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 19:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006/12/15 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006/11/02 08:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=MSSE
IE - HKLM\..\URLSearchHook: {19803860-b306-423c-bbb5-f60a7d82cde5} - C:\Program Files\WiseConvert_1.5\prxtbWise.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=MSSEDF&pc=MSSE
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = https://search.sweetim.com/search.asp?src=6&st=5&q={searchTerms}&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://google/
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://google/
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\patricia\Pictures
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\URLSearchHook: {19803860-b306-423c-bbb5-f60a7d82cde5} - C:\Program Files\WiseConvert_1.5\prxtbWise.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes,bProtectorDefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111020&tt=120912_ccp_3712_7&babsrc=SP_ss&mntrId=06d262540000000000000015afe0a6c9
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{486D4D77-F837-4359-A283-7EA466F5FA0B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3242339
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_frFR488
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&mkt=fr-FR&form=IE0004
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = https://search.sweetim.com/search.asp?src=6&st=17&q={searchTerms}&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{FFC2AF62-16FE-44B9-B25C-5A8D5B683B3C}: "URL" = http://www.search.ask.com/?l=dis{searchTerms}&locale=fr_FR&apn_ptnrs=AU&apn_dtid=YYYYYYYYFR&apn_uid=ad9bcb1c-0184-40e5-b23a-7f79c074b73e&apn_sauid=2C491685-8A5B-426A-B067-7A1AAE7008F0
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "https://home.sweetim.com/?crg=3.1010006&st=12&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}"
FF - prefs.js..keyword.URL: "https://search.sweetim.com/search.asp?src=2&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=109101&babsrc=HP_ss&mntrId=06d262540000000000000015afe0a6c9"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://s1.bubbledock.com/store/fr_fr/?utm_source=nsis&utm_medium=1000000100130010&utm_campaign=noq"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.babylon.com/?AF=109101&babsrc=adbartrp&mntrId=06d262540000000000000015afe0a6c9&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/24 14:13:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/16 22:59:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
[2012/06/16 23:00:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\patricia\AppData\Roaming\mozilla\Extensions
[2012/10/31 22:53:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions
[2012/10/31 22:53:40 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2012/06/17 13:51:48 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/10/29 15:25:23 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\ffxtlbr@babylon.com
[2012/10/31 23:38:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\staged
[2012/07/01 11:11:30 | 000,000,000 | ---D | M] (Auslogics Toolbar) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\toolbar@ask.com
[2012/10/31 22:53:34 | 000,189,128 | ---- | M] () (No name found) -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\extensions\staged\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/07/01 11:11:29 | 000,002,323 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\searchplugins\askcom.xml
[2012/09/13 14:39:04 | 000,002,223 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\searchplugins\BabylonMngr.xml
[2012/06/18 12:48:12 | 000,002,650 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\searchplugins\bing.xml
[2012/10/31 23:38:38 | 000,003,983 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\searchplugins\sweetim.xml
[2012/06/16 22:59:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
File not found (No name found) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.787.43\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
File not found (No name found) -- C:\USERS\PATRICIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYOVRHWJ.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2012/06/14 23:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/15 01:27:03 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/09/13 14:39:10 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/06/15 01:27:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/15 01:27:03 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/06/15 01:27:03 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/06/15 01:27:03 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/06/15 01:27:03 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: https://home.sweetim.com/?st=17&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoccmlobjijkmfemmhallncnlnmeh\7.15.4.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.8\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoccmlobjijkmfemmhallncnlnmeh\7.15.4.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.8\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.8\PriceGongIE.dll (PriceGong)
O2 - BHO: (WiseConvert 1.5 Toolbar) - {19803860-b306-423c-bbb5-f60a7d82cde5} - C:\Program Files\WiseConvert_1.5\prxtbWise.dll (Conduit Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll File not found
O2 - BHO: (Auslogics Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (WiseConvert 1.5 Toolbar) - {19803860-b306-423c-bbb5-f60a7d82cde5} - C:\Program Files\WiseConvert_1.5\prxtbWise.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (Auslogics Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O7 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32BEAC0F-8318-452E-B81D-AA0224160907}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E796CD5-2ED3-41F1-A678-23039DC19951}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~2\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\patricia\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\patricia\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013/01/10 15:55:25 | 000,000,000 | ---D | C] -- C:\Users\patricia\Desktop\RK_Quarantine
[2013/01/10 12:32:21 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{89C6887C-9DFF-482D-AD98-89DAEA131429}
[2013/01/09 16:00:49 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Avira
[2013/01/09 15:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/01/09 15:54:56 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013/01/09 15:54:55 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013/01/09 15:54:55 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013/01/09 15:54:54 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013/01/09 15:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013/01/09 15:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013/01/09 14:05:59 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paris 1925 - L Ombre du Fantome - Les grands debut d'Edgar Lance
[2013/01/09 14:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paris 1925 - L Ombre du Fantome - Les grands debut d'Edgar Lance
[2013/01/09 14:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Paris 1925 - L Ombre du Fantome - Les grands debut d'Edgar Lance
[2013/01/09 12:38:26 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{1983FA32-94C0-42D7-94D6-57F4EC7051AF}
[2013/01/08 14:31:53 | 000,000,000 | ---D | C] -- C:\Users\patricia\Documents\Mes fichiers reçus - Copie
[2013/01/08 14:31:53 | 000,000,000 | ---D | C] -- C:\Users\patricia\Documents\Mes documents PaperPort
[2013/01/08 11:01:21 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{4175E00F-A398-4F1D-8AC4-7C77EA4774CB}
[2013/01/07 12:35:04 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Le Merveilleux Pays de Noel 3
[2013/01/07 12:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Merveilleux Pays de Noel 3
[2013/01/07 12:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\Le Merveilleux Pays de Noel 3
[2013/01/07 12:30:52 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Web of Deceit - La Veuve Noire Edition Collector
[2013/01/07 12:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web of Deceit - La Veuve Noire Edition Collector
[2013/01/07 12:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Web of Deceit - La Veuve Noire Edition Collector
[2013/01/07 08:54:50 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{61798A03-7D33-4041-B7C5-0540A90A2C04}
[2013/01/06 15:20:11 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tales of Terror - L'Aube Pourpre
[2013/01/06 15:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tales of Terror - L'Aube Pourpre
[2013/01/06 15:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Tales of Terror - L'Aube Pourpre
[2013/01/06 11:56:33 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{85BC7A6D-25EA-4BDF-806F-B90D0F7BA741}
[2013/01/05 22:49:52 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{B64F7EED-BAFB-45A7-8F19-130DC14B6426}
[2013/01/05 09:36:23 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{DF377047-C184-44B9-8FBD-5DA67C4F36C4}
[2013/01/04 14:44:45 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\unikgame
[2013/01/04 12:35:45 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{3F1B4508-345C-46E6-987F-4342716D2B0B}
[2013/01/03 12:02:31 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\EleFun Games
[2013/01/03 11:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mayan Prophecies - Le Bateau Fantome Edition Collector
[2013/01/03 09:20:56 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{AED4A1F7-520E-4381-B103-2297150C0675}
[2013/01/02 16:04:21 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\FOP
[2013/01/02 12:34:16 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{C6447FC5-4837-4629-9D3F-ACD0EF0FA791}
[2013/01/01 17:05:59 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{7E9D9C83-27CF-4821-AE67-3A9203D47AA7}
[2012/12/30 22:59:35 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{B3597A6B-1948-4F20-AA5C-84B47B38DD17}
[2012/12/30 10:05:47 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{968CADDD-B1D4-482B-9224-EA7711C704D2}
[2012/12/29 21:26:57 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{5725DB89-BB14-4EB9-820F-360499B394B7}
[2012/12/29 09:26:34 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{A3884350-D12F-4337-8762-80457BCC5FD7}
[2012/12/28 21:06:27 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{2BA534CE-AF4B-4904-A02A-F0ABADA822A5}
[2012/12/28 09:05:52 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{038393F7-398C-4DEE-829F-E66C9A913816}
[2012/12/27 12:36:48 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{6E33FAF5-7B1D-45D1-9BD7-090E59A63A19}
[2012/12/26 12:32:00 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{9646C23B-1D61-44AE-AE77-E2EED9F1FD94}
[2012/12/25 09:25:35 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{063A8A96-2FDE-49BD-A22E-A392AE6A5E3B}
[2012/12/24 10:15:26 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{CE8AEE57-753B-4C9E-ACB2-84FA39539F1A}
[2012/12/23 10:37:33 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{92087CD4-A238-430E-849E-E36816A09BD7}
[2012/12/22 22:37:35 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{0A8A69F1-BB56-4EBD-9596-F6DCC9C72B97}
[2012/12/22 09:26:04 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{48EAD331-D73E-4984-9AD8-5D8661F568A9}
[2012/12/22 00:03:59 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/22 00:03:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/21 21:11:09 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{677C5C20-C4BC-4CA2-881B-537953E0785A}
[2012/12/21 15:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Christmas Stories - Casse-Noisette Edition Collector
[2012/12/21 09:10:47 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{015C15C6-8EB0-4F45-8133-870C614BE3E6}
[2012/12/20 15:23:14 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\SecretsOfTheTitanic
[2012/12/20 15:22:18 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Hidden Objects Expert
[2012/12/20 12:33:22 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{C105D15B-411E-4673-B79B-5375744A44D1}
[2012/12/19 12:34:47 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{182A7178-0425-4C22-9B9B-49DC7DC623BA}
[2012/12/18 13:39:21 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Rainbow
[2012/12/18 10:59:57 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{45920A79-9674-4307-A768-53286BD684C3}
[2012/12/17 10:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\Grim Tales - Les Souhaits
[2012/12/17 10:18:54 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{92A05A7F-8494-4B10-8141-8D395F9FBB50}
[2012/12/16 11:22:12 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{D9380095-C9EB-4A70-89E0-71475B794482}
[2012/12/15 09:34:25 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{ED861C57-0960-43D5-B46A-AAF10ECCA094}
[2012/12/14 22:41:06 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\torrent
[2012/12/14 17:16:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012/12/14 12:39:20 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{65C44CC4-93B4-40F4-B5DE-D87D30F83958}
[2012/12/13 12:46:08 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/12/13 12:46:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/12/13 12:46:06 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/12/13 12:46:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/12/13 12:46:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/12/13 12:46:04 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/12/13 12:46:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/12/13 12:46:02 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/12/13 12:44:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/12/13 12:43:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/12/13 12:43:59 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/12/13 12:43:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012/12/13 12:43:58 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/12/13 12:43:57 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/12/13 12:37:02 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{BD35730C-1C1B-4FA9-9E28-E214A6CB08E7}
[2012/12/12 12:41:59 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/12/12 12:41:56 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012/12/12 12:41:56 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012/12/12 12:41:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/12/12 12:33:42 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{65223508-F385-4828-8A0B-C3D811C9318A}
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013/01/10 16:23:30 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013/01/10 16:23:21 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/10 16:23:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/10 16:23:17 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/10 16:23:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/10 16:22:21 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/10 15:55:49 | 000,015,616 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2013/01/10 15:50:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/10 15:22:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/09 16:22:40 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/09 16:22:40 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/09 15:55:06 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/01/09 15:17:12 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/01/09 14:07:26 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\Encore plus de jeux.lnk
[2013/01/09 12:37:17 | 000,010,772 | -HS- | M] () -- C:\Users\patricia\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2013/01/08 16:44:43 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013/01/08 11:44:47 | 000,009,728 | ---- | M] () -- C:\Users\patricia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/07 16:39:18 | 000,010,162 | -HS- | M] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2013/01/06 17:23:28 | 000,072,704 | ---- | M] () -- C:\Users\patricia\Documents\cerveau.pps
[2013/01/04 16:34:45 | 001,781,760 | ---- | M] () -- C:\Users\patricia\Documents\NOEL LE PERE NOEL EST.pps
[2012/12/22 09:24:00 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012/12/22 09:22:49 | 000,399,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/12/21 09:15:11 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/12/21 09:15:11 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/21 09:15:11 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/12/21 09:15:11 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/18 11:28:39 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012/12/18 11:28:39 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/12/18 11:28:39 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/12/16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/15 19:14:15 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.l
rapport de OTL
<config>Windows Vista / InterneOTL logfile created on: 10/01/2013 16:43:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\patricia\Pictures
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 43,05% Memory free
6,20 Gb Paging File | 3,90 Gb Available in Paging File | 62,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,12 Gb Total Space | 183,79 Gb Free Space | 82,37% Space Free | Partition Type: NTFS
Drive D: | 116,44 Gb Total Space | 110,11 Gb Free Space | 94,57% Space Free | Partition Type: NTFS
Drive F: | 116,44 Gb Total Space | 111,12 Gb Free Space | 95,43% Space Free | Partition Type: NTFS
Computer Name: PC-DE-PATRICIA | User Name: patricia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013/01/10 16:42:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\patricia\Pictures\OTL.exe
PRC - [2013/01/09 16:08:59 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2012/12/18 14:34:48 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/12/18 14:34:43 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/12/18 14:34:32 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/12/18 14:34:32 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/11/12 03:45:22 | 001,104,824 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/11/12 03:45:18 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/11/12 03:45:14 | 000,968,120 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2012/11/01 05:16:42 | 000,577,536 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe
PRC - [2012/10/24 14:12:26 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/10/04 16:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2012/08/22 11:46:46 | 000,307,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/08/15 19:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012/06/06 20:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2010/05/28 07:25:04 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/09 18:14:06 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008/06/19 21:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
PRC - [2008/06/18 07:10:34 | 000,424,504 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\smartlogon.exe
PRC - [2008/06/18 07:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/06/04 02:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008/03/18 20:27:11 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008/02/02 00:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe
PRC - [2008/01/31 17:27:04 | 000,118,784 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2008/01/23 19:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2007/12/04 19:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/11/05 04:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007/10/03 06:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007/08/15 20:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/08/03 21:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007/07/06 01:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007/05/18 11:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2005/07/07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012/11/30 13:09:11 | 012,622,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Theme\60592abfc304544b1712bf503da2793f\Kies.Theme.ni.dll
MOD - [2012/11/30 13:09:10 | 000,604,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DevicePodcast\bc4a62f19f31b850571b9ff674ce0e2d\DevicePodcast.ni.dll
MOD - [2012/11/30 13:09:08 | 000,349,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DevicePhoto\01b6c62f0027ce8110bebb2976260789\DevicePhoto.ni.dll
MOD - [2012/11/30 13:09:08 | 000,278,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeviceVideo\ec83897283df6011211ead050e46e2bf\DeviceVideo.ni.dll
MOD - [2012/11/30 13:09:07 | 000,287,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeviceMusic\bbc4035e8f333ec4617ddfa14bc7743c\DeviceMusic.ni.dll
MOD - [2012/11/30 13:09:06 | 000,445,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VideoManager\072e5b5302b48d6fa48112cc0dbf063c\VideoManager.ni.dll
MOD - [2012/11/30 13:09:04 | 001,480,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PodcastService\c84b301b66ff836c81b1a61240e41ead\PodcastService.ni.dll
MOD - [2012/11/30 13:09:03 | 000,587,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PhotoManager\5ccb558b14d51fd0abef8a6c93f91248\PhotoManager.ni.dll
MOD - [2012/11/30 13:09:02 | 001,054,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Podcaster\85b69de94d23219465614906746a3914\Podcaster.ni.dll
MOD - [2012/11/30 12:37:20 | 000,039,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\cd1f6fa6afa434e343c74d35aa97bf57\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012/11/30 12:37:19 | 006,045,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeviceHost\148a531c3a92d97ec8b9b7e849c63458\DeviceHost.ni.dll
MOD - [2012/11/30 12:37:09 | 001,827,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Phonebook\4cf718d61f37ba33072b9303857dd298\Phonebook.ni.dll
MOD - [2012/11/30 12:37:03 | 000,970,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CPKTMusicPlugin\118de6a020195522aa2dc0b099b90461\CPKTMusicPlugin.ni.dll
MOD - [2012/11/30 12:36:59 | 000,899,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MusicManager\0b6fe2992231569a6657a1a256828c1d\MusicManager.ni.dll
MOD - [2012/11/30 12:36:58 | 000,386,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BATPlugin\c78c3c068b46b9c2bc15f0b09d5a2c8f\BATPlugin.ni.dll
MOD - [2012/11/30 12:36:55 | 000,485,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.MediaDB\68c4a6c63d8ef288f800501d65690feb\Kies.Common.MediaDB.ni.dll
MOD - [2012/11/30 12:36:55 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.StoreMa#\41454bf4c74ca3d5652b40d78fc5d3a5\Kies.Common.StoreManager.ni.dll
MOD - [2012/11/30 12:36:54 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ASF_cSharpAPI\6a9137adefc10e19d54166cbb9ab900f\ASF_cSharpAPI.ni.dll
MOD - [2012/11/30 12:36:53 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.AllShare\7d8ddf87a8304a7f851c858485bcc427\Kies.Common.AllShare.ni.dll
MOD - [2012/11/30 12:36:52 | 000,272,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\6cdce1517f81d85a4b8f4cc2e8b17c36\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012/11/30 12:36:51 | 000,191,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\3700b542d325bc7e69f9671413952dbe\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012/11/30 12:36:50 | 000,140,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.DevFileServ#\24ae42a3aa801e21a24148b04741b10a\Interop.DevFileServiceLib.ni.dll
MOD - [2012/11/30 12:36:49 | 000,446,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\2a0e41b01b8dadf733b7311f546caa96\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012/11/30 12:36:48 | 000,602,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\f308876acd5eb7d7b53fc3ef0c15ad5a\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012/11/30 12:36:46 | 000,137,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\36321f09a8f224b7503a439aac93010d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012/11/30 12:36:45 | 000,829,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\55283ed9dfefb57b29782d54627baeb2\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012/11/30 12:36:44 | 000,930,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DeviceS#\a4f68328ff6050a6c9298fe13a5c04a9\Kies.Common.DeviceService.ni.dll
MOD - [2012/11/30 12:36:42 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.MP3FileInfo#\961e63ffc20afba8fb42b51973e7133b\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012/11/30 12:36:42 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.OGGFileInfo#\73df9fbb519bda81fb4829fc1931d24d\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012/11/30 12:36:41 | 000,138,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.P3MPINTERFA#\846639c78b4b5a97fff86feef0c59e67\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012/11/30 12:36:41 | 000,022,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.PRPLAYERCOR#\15bbe584c142f80aa9930f79421a4bf6\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012/11/30 12:36:38 | 001,903,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.Multime#\43d8fcb35db9038f86e18028a07a71d2\Kies.Common.Multimedia.ni.dll
MOD - [2012/11/30 12:36:35 | 000,186,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.MainUI\b61a27664b3a2dc7e31e4e33ffc597b7\Kies.Common.MainUI.ni.dll
MOD - [2012/11/30 12:36:30 | 000,410,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CabLib\cea0453374aaae2d627b890794032164\CabLib.ni.dll
MOD - [2012/11/30 12:36:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.DBManag#\2ec2d8454c04ef2877e492d398d457ac\Kies.Common.DBManager.ni.dll
MOD - [2012/11/30 12:36:29 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\9a445caa451a79a3218e10ed3e72c78a\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012/11/30 12:36:28 | 000,270,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Common.Util\0862f698e2820026c5e4060daf1b21ab\Kies.Common.Util.ni.dll
MOD - [2012/11/30 12:36:26 | 001,477,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Locale\e06166ba7fdb6a49f1ba941db73c5093\Kies.Locale.ni.dll
MOD - [2012/11/30 12:36:26 | 000,050,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.DeviceSearc#\ac4704f5af965579b227718855921119\Interop.DeviceSearchLib.ni.dll
MOD - [2012/11/30 12:36:25 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.MVVM\00b5635df3acb9d0054c7f277fa9a1ec\Kies.MVVM.ni.dll
MOD - [2012/11/30 12:36:24 | 001,778,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.UI\ba1cc0373af019820c3db3d15b103a3f\Kies.UI.ni.dll
MOD - [2012/11/30 12:36:21 | 000,112,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\GongSolutions.Wpf.D#\3ac4f25519ad9a6a07a7cb87f07087f4\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012/11/30 12:36:17 | 000,989,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies.Interface\ecd979c70a263d397f451a7a321c4681\Kies.Interface.ni.dll
MOD - [2012/11/30 12:36:15 | 001,511,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Kies\b2dd144e006c9772538d60bb9165da19\Kies.ni.exe
MOD - [2012/11/16 20:52:39 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll
MOD - [2012/11/16 20:52:17 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
MOD - [2012/11/16 20:51:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll
MOD - [2012/11/16 17:18:47 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012/11/16 17:17:44 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0fe45f0908e1c17f9aca39670d35e3a7\System.Core.ni.dll
MOD - [2012/11/16 17:17:37 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fb15c044e4e7d611a5cbe5a1aa6db455\PresentationFramework.ni.dll
MOD - [2012/11/16 17:17:20 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\09ab834223f9c860f08de8d58688b1a3\PresentationCore.ni.dll
MOD - [2012/11/16 17:17:08 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\0e3cff5f58a9a75de7fcac112c8bbca0\WindowsBase.ni.dll
MOD - [2012/11/16 17:17:04 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012/11/16 17:15:49 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2009/03/30 05:42:26 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007/06/02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- C:\Program Files\BboxUpdate\eSRunService.exe -- (eStantLaunchService)
SRV - File not found [Disabled | Stopped] -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2013/01/09 16:22:42 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 14:34:43 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/12/18 14:34:32 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/06/14 23:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/05/28 07:25:04 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/03/18 20:27:11 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/03 06:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007/08/03 21:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007/05/18 11:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/01/10 15:55:49 | 000,015,616 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2012/12/18 11:28:39 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/12/18 11:28:39 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/12/18 11:28:39 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/06/07 11:13:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/28 07:25:04 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/25 08:59:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/25 08:59:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/05/25 08:59:24 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/05/25 08:59:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2008/06/26 06:58:59 | 007,534,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/03 22:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008/05/29 19:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2008/05/13 22:35:23 | 001,772,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008/04/27 20:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/11/16 05:09:03 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2007/08/11 05:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007/08/09 05:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/08/03 20:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007/07/30 20:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 19:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006/12/15 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006/11/02 08:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=MSSE
IE - HKLM\..\URLSearchHook: {19803860-b306-423c-bbb5-f60a7d82cde5} - C:\Program Files\WiseConvert_1.5\prxtbWise.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=MSSEDF&pc=MSSE
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = https://search.sweetim.com/search.asp?src=6&st=5&q={searchTerms}&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://google/
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://google/
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\patricia\Pictures
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\URLSearchHook: {19803860-b306-423c-bbb5-f60a7d82cde5} - C:\Program Files\WiseConvert_1.5\prxtbWise.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes,bProtectorDefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111020&tt=120912_ccp_3712_7&babsrc=SP_ss&mntrId=06d262540000000000000015afe0a6c9
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{486D4D77-F837-4359-A283-7EA466F5FA0B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3242339
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_frFR488
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&mkt=fr-FR&form=IE0004
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = https://search.sweetim.com/search.asp?src=6&st=17&q={searchTerms}&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\SearchScopes\{FFC2AF62-16FE-44B9-B25C-5A8D5B683B3C}: "URL" = http://www.search.ask.com/?l=dis{searchTerms}&locale=fr_FR&apn_ptnrs=AU&apn_dtid=YYYYYYYYFR&apn_uid=ad9bcb1c-0184-40e5-b23a-7f79c074b73e&apn_sauid=2C491685-8A5B-426A-B067-7A1AAE7008F0
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "https://home.sweetim.com/?crg=3.1010006&st=12&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}"
FF - prefs.js..keyword.URL: "https://search.sweetim.com/search.asp?src=2&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=109101&babsrc=HP_ss&mntrId=06d262540000000000000015afe0a6c9"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://s1.bubbledock.com/store/fr_fr/?utm_source=nsis&utm_medium=1000000100130010&utm_campaign=noq"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.babylon.com/?AF=109101&babsrc=adbartrp&mntrId=06d262540000000000000015afe0a6c9&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/24 14:13:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/16 22:59:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
[2012/06/16 23:00:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\patricia\AppData\Roaming\mozilla\Extensions
[2012/10/31 22:53:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions
[2012/10/31 22:53:40 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2012/06/17 13:51:48 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/10/29 15:25:23 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\ffxtlbr@babylon.com
[2012/10/31 23:38:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\staged
[2012/07/01 11:11:30 | 000,000,000 | ---D | M] (Auslogics Toolbar) -- C:\Users\patricia\AppData\Roaming\mozilla\Firefox\Profiles\qyovrhwj.default\extensions\toolbar@ask.com
[2012/10/31 22:53:34 | 000,189,128 | ---- | M] () (No name found) -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\extensions\staged\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/07/01 11:11:29 | 000,002,323 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\searchplugins\askcom.xml
[2012/09/13 14:39:04 | 000,002,223 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\searchplugins\BabylonMngr.xml
[2012/06/18 12:48:12 | 000,002,650 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\searchplugins\bing.xml
[2012/10/31 23:38:38 | 000,003,983 | ---- | M] () -- C:\Users\patricia\AppData\Roaming\mozilla\firefox\profiles\qyovrhwj.default\searchplugins\sweetim.xml
[2012/06/16 22:59:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
File not found (No name found) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.787.43\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
File not found (No name found) -- C:\USERS\PATRICIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QYOVRHWJ.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2012/06/14 23:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/15 01:27:03 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/09/13 14:39:10 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/06/15 01:27:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/15 01:27:03 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/06/15 01:27:03 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/06/15 01:27:03 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/06/15 01:27:03 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: https://home.sweetim.com/?st=17&barid={1A43EEC7-436B-4D16-96EF-D03D7076D08E}
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoccmlobjijkmfemmhallncnlnmeh\7.15.4.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.8\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoccmlobjijkmfemmhallncnlnmeh\7.15.4.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.8\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.8\PriceGongIE.dll (PriceGong)
O2 - BHO: (WiseConvert 1.5 Toolbar) - {19803860-b306-423c-bbb5-f60a7d82cde5} - C:\Program Files\WiseConvert_1.5\prxtbWise.dll (Conduit Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll File not found
O2 - BHO: (Auslogics Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (WiseConvert 1.5 Toolbar) - {19803860-b306-423c-bbb5-f60a7d82cde5} - C:\Program Files\WiseConvert_1.5\prxtbWise.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (Auslogics Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O7 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32BEAC0F-8318-452E-B81D-AA0224160907}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E796CD5-2ED3-41F1-A678-23039DC19951}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~2\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\patricia\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\patricia\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-2711527829-4142813153-3901544507-1000..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013/01/10 15:55:25 | 000,000,000 | ---D | C] -- C:\Users\patricia\Desktop\RK_Quarantine
[2013/01/10 12:32:21 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{89C6887C-9DFF-482D-AD98-89DAEA131429}
[2013/01/09 16:00:49 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Avira
[2013/01/09 15:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/01/09 15:54:56 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013/01/09 15:54:55 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013/01/09 15:54:55 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013/01/09 15:54:54 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013/01/09 15:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013/01/09 15:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013/01/09 14:05:59 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paris 1925 - L Ombre du Fantome - Les grands debut d'Edgar Lance
[2013/01/09 14:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paris 1925 - L Ombre du Fantome - Les grands debut d'Edgar Lance
[2013/01/09 14:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Paris 1925 - L Ombre du Fantome - Les grands debut d'Edgar Lance
[2013/01/09 12:38:26 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{1983FA32-94C0-42D7-94D6-57F4EC7051AF}
[2013/01/08 14:31:53 | 000,000,000 | ---D | C] -- C:\Users\patricia\Documents\Mes fichiers reçus - Copie
[2013/01/08 14:31:53 | 000,000,000 | ---D | C] -- C:\Users\patricia\Documents\Mes documents PaperPort
[2013/01/08 11:01:21 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{4175E00F-A398-4F1D-8AC4-7C77EA4774CB}
[2013/01/07 12:35:04 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Le Merveilleux Pays de Noel 3
[2013/01/07 12:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Merveilleux Pays de Noel 3
[2013/01/07 12:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\Le Merveilleux Pays de Noel 3
[2013/01/07 12:30:52 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Web of Deceit - La Veuve Noire Edition Collector
[2013/01/07 12:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web of Deceit - La Veuve Noire Edition Collector
[2013/01/07 12:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Web of Deceit - La Veuve Noire Edition Collector
[2013/01/07 08:54:50 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{61798A03-7D33-4041-B7C5-0540A90A2C04}
[2013/01/06 15:20:11 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tales of Terror - L'Aube Pourpre
[2013/01/06 15:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tales of Terror - L'Aube Pourpre
[2013/01/06 15:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Tales of Terror - L'Aube Pourpre
[2013/01/06 11:56:33 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{85BC7A6D-25EA-4BDF-806F-B90D0F7BA741}
[2013/01/05 22:49:52 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{B64F7EED-BAFB-45A7-8F19-130DC14B6426}
[2013/01/05 09:36:23 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{DF377047-C184-44B9-8FBD-5DA67C4F36C4}
[2013/01/04 14:44:45 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\unikgame
[2013/01/04 12:35:45 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{3F1B4508-345C-46E6-987F-4342716D2B0B}
[2013/01/03 12:02:31 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\EleFun Games
[2013/01/03 11:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mayan Prophecies - Le Bateau Fantome Edition Collector
[2013/01/03 09:20:56 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{AED4A1F7-520E-4381-B103-2297150C0675}
[2013/01/02 16:04:21 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\FOP
[2013/01/02 12:34:16 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{C6447FC5-4837-4629-9D3F-ACD0EF0FA791}
[2013/01/01 17:05:59 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{7E9D9C83-27CF-4821-AE67-3A9203D47AA7}
[2012/12/30 22:59:35 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{B3597A6B-1948-4F20-AA5C-84B47B38DD17}
[2012/12/30 10:05:47 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{968CADDD-B1D4-482B-9224-EA7711C704D2}
[2012/12/29 21:26:57 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{5725DB89-BB14-4EB9-820F-360499B394B7}
[2012/12/29 09:26:34 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{A3884350-D12F-4337-8762-80457BCC5FD7}
[2012/12/28 21:06:27 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{2BA534CE-AF4B-4904-A02A-F0ABADA822A5}
[2012/12/28 09:05:52 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{038393F7-398C-4DEE-829F-E66C9A913816}
[2012/12/27 12:36:48 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{6E33FAF5-7B1D-45D1-9BD7-090E59A63A19}
[2012/12/26 12:32:00 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{9646C23B-1D61-44AE-AE77-E2EED9F1FD94}
[2012/12/25 09:25:35 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{063A8A96-2FDE-49BD-A22E-A392AE6A5E3B}
[2012/12/24 10:15:26 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{CE8AEE57-753B-4C9E-ACB2-84FA39539F1A}
[2012/12/23 10:37:33 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{92087CD4-A238-430E-849E-E36816A09BD7}
[2012/12/22 22:37:35 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{0A8A69F1-BB56-4EBD-9596-F6DCC9C72B97}
[2012/12/22 09:26:04 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{48EAD331-D73E-4984-9AD8-5D8661F568A9}
[2012/12/22 00:03:59 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/22 00:03:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/21 21:11:09 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{677C5C20-C4BC-4CA2-881B-537953E0785A}
[2012/12/21 15:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Christmas Stories - Casse-Noisette Edition Collector
[2012/12/21 09:10:47 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{015C15C6-8EB0-4F45-8133-870C614BE3E6}
[2012/12/20 15:23:14 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\SecretsOfTheTitanic
[2012/12/20 15:22:18 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Hidden Objects Expert
[2012/12/20 12:33:22 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{C105D15B-411E-4673-B79B-5375744A44D1}
[2012/12/19 12:34:47 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{182A7178-0425-4C22-9B9B-49DC7DC623BA}
[2012/12/18 13:39:21 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\Rainbow
[2012/12/18 10:59:57 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{45920A79-9674-4307-A768-53286BD684C3}
[2012/12/17 10:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\Grim Tales - Les Souhaits
[2012/12/17 10:18:54 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{92A05A7F-8494-4B10-8141-8D395F9FBB50}
[2012/12/16 11:22:12 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{D9380095-C9EB-4A70-89E0-71475B794482}
[2012/12/15 09:34:25 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{ED861C57-0960-43D5-B46A-AAF10ECCA094}
[2012/12/14 22:41:06 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Roaming\torrent
[2012/12/14 17:16:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012/12/14 12:39:20 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{65C44CC4-93B4-40F4-B5DE-D87D30F83958}
[2012/12/13 12:46:08 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/12/13 12:46:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/12/13 12:46:06 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/12/13 12:46:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/12/13 12:46:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/12/13 12:46:04 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/12/13 12:46:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/12/13 12:46:02 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/12/13 12:44:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/12/13 12:43:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/12/13 12:43:59 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/12/13 12:43:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012/12/13 12:43:58 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/12/13 12:43:57 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/12/13 12:37:02 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{BD35730C-1C1B-4FA9-9E28-E214A6CB08E7}
[2012/12/12 12:41:59 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/12/12 12:41:56 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012/12/12 12:41:56 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012/12/12 12:41:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/12/12 12:33:42 | 000,000,000 | ---D | C] -- C:\Users\patricia\AppData\Local\{65223508-F385-4828-8A0B-C3D811C9318A}
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013/01/10 16:23:30 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013/01/10 16:23:21 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/10 16:23:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/10 16:23:17 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/10 16:23:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/10 16:22:21 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/10 15:55:49 | 000,015,616 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2013/01/10 15:50:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/10 15:22:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/09 16:22:40 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/09 16:22:40 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/09 15:55:06 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/01/09 15:17:12 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/01/09 14:07:26 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\Encore plus de jeux.lnk
[2013/01/09 12:37:17 | 000,010,772 | -HS- | M] () -- C:\Users\patricia\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2013/01/08 16:44:43 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013/01/08 11:44:47 | 000,009,728 | ---- | M] () -- C:\Users\patricia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/07 16:39:18 | 000,010,162 | -HS- | M] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2013/01/06 17:23:28 | 000,072,704 | ---- | M] () -- C:\Users\patricia\Documents\cerveau.pps
[2013/01/04 16:34:45 | 001,781,760 | ---- | M] () -- C:\Users\patricia\Documents\NOEL LE PERE NOEL EST.pps
[2012/12/22 09:24:00 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012/12/22 09:22:49 | 000,399,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/12/21 09:15:11 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/12/21 09:15:11 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/21 09:15:11 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/12/21 09:15:11 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/18 11:28:39 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012/12/18 11:28:39 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/12/18 11:28:39 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/12/16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/15 19:14:15 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.l
A voir également:
- Avira
- Avira gratuit - Télécharger - Antivirus & Antimalwares
- Avira rescue system - Télécharger - Antivirus & Antimalwares
- Avira phantom vpn avis - Guide
- Avira unerase - Télécharger - Récupération de données
- Avira avis forum ✓ - Forum Antivirus
1 réponse
Bonsoir,
Merci de continuer ici : https://forums.commentcamarche.net/forum/affich-26871783-avira
La Modération de CCM
Merci de continuer ici : https://forums.commentcamarche.net/forum/affich-26871783-avira
La Modération de CCM
