OTL logfile created on: 17/04/2013 22:03:14 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\papa\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 58,56% Memory free 5,99 Gb Paging File | 4,38 Gb Available in Paging File | 73,02% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,41 Gb Total Space | 25,99 Gb Free Space | 17,40% Space Free | Partition Type: NTFS Drive D: | 93,50 Gb Total Space | 31,55 Gb Free Space | 33,74% Space Free | Partition Type: NTFS Computer Name: TOSHIBAFLO | User Name: papa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/04/17 22:01:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\papa\Downloads\OTL.exe PRC - [2013/04/17 22:01:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\papa\Desktop\OTL.exe PRC - [2013/04/12 05:06:46 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013/04/01 01:09:32 | 000,615,232 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe PRC - [2013/04/01 00:30:45 | 000,969,280 | ---- | M] (eSafe Security Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe PRC - [2013/03/13 21:25:50 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe PRC - [2013/02/22 05:44:12 | 000,169,096 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe PRC - [2013/02/22 05:44:04 | 001,483,912 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe PRC - [2013/02/15 22:34:54 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2013/02/15 22:34:23 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2013/02/15 22:34:20 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2013/02/15 22:34:15 | 000,400,608 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe PRC - [2013/02/15 22:34:13 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2013/02/15 22:34:13 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2013/01/10 09:02:16 | 000,844,144 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2013/01/10 09:02:12 | 000,310,128 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe PRC - [2013/01/10 09:02:08 | 001,475,952 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe PRC - [2012/12/18 14:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/12/18 01:10:18 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe PRC - [2012/11/23 02:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012/09/13 02:09:44 | 000,196,112 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe PRC - [2012/07/04 06:21:18 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2012/07/04 06:20:42 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2012/05/30 14:00:02 | 000,013,632 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2012/05/30 14:00:00 | 000,284,480 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2011/12/30 09:11:12 | 000,138,240 | ---- | M] () -- C:\Program Files\V3000 Connection Manager\cm\UIExec.exe PRC - [2011/12/30 09:11:12 | 000,061,440 | ---- | M] () -- C:\Program Files\V3000 Connection Manager\cm\ssax226.exe PRC - [2011/05/23 15:13:10 | 000,049,752 | ---- | M] () -- C:\Program Files\MOOV INTERNET\BackgroundService\ServiceManager.exe PRC - [2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/12/07 10:17:08 | 000,102,400 | ---- | M] () -- C:\Program Files\MOOV INTERNET\BackgroundService\ModemListener.exe PRC - [2010/04/07 12:57:42 | 000,099,896 | ---- | M] (HP) -- C:\Windows\System32\HPSIsvc.exe PRC - [2009/11/10 17:57:00 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe PRC - [2009/11/05 22:04:20 | 000,468,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2009/11/05 22:04:12 | 000,480,608 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe PRC - [2009/08/13 12:31:24 | 000,521,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe PRC - [2009/08/10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe PRC - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/04/12 05:06:46 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013/03/13 21:25:49 | 014,717,144 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll MOD - [2013/02/15 22:44:36 | 006,332,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\3fde2925b35c0601e6ccba563b1ae699\DeviceHost.ni.dll MOD - [2013/02/15 22:44:19 | 002,212,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\ffc968d3d46c92aec7c669de7f2511e3\Kies.Common.Multimedia.ni.dll MOD - [2013/02/15 22:44:16 | 000,206,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\27b7e5803ef4dfce348222b595f4aba1\Kies.Common.MainUI.ni.dll MOD - [2013/02/15 22:44:15 | 000,279,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b04785775fdd28cb54ff837f57762aa0\Kies.Common.Util.ni.dll MOD - [2013/02/15 22:44:14 | 001,920,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\75568f572017a624789552ac1d070731\Kies.UI.ni.dll MOD - [2013/02/15 22:44:12 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f69842a59a80267c673735eab7b0bcd3\GongSolutions.Wpf.DragDrop.ni.dll MOD - [2013/02/15 22:44:08 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll MOD - [2013/02/15 22:43:45 | 002,064,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\71081ef102d16b6f3d375d11f94d966b\Kies.ni.exe MOD - [2013/02/15 22:41:29 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll MOD - [2013/02/15 22:30:55 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll MOD - [2013/02/15 22:30:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll MOD - [2013/02/11 02:03:19 | 013,022,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\1fcda9f011f6d0c66a746971de12ce06\Kies.Theme.ni.dll MOD - [2013/02/11 02:03:18 | 000,615,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\53a3fc1526556ee56e4146386d4f1f3e\DevicePodcast.ni.dll MOD - [2013/02/11 02:03:18 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\54c3c22053264729fde00785baf21eb9\DummyStorePlugin.ni.dll MOD - [2013/02/11 02:03:16 | 000,293,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\4a9856716a79bc4428d95f2ac4baaab4\DeviceVideo.ni.dll MOD - [2013/02/11 02:03:15 | 000,347,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\0a8abeddf9d558b1d04a9ab02b38544e\DevicePhoto.ni.dll MOD - [2013/02/11 02:03:15 | 000,305,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\2c10eb854f72733ea6e0a78454562eaf\DeviceMusic.ni.dll MOD - [2013/02/11 02:03:14 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\b65d47131444a21c14b4005daa677d0e\VideoManager.ni.dll MOD - [2013/02/11 02:03:13 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\a935675c6e45ddc5603aea9ae6b981b7\PhotoManager.ni.dll MOD - [2013/02/11 02:03:12 | 001,123,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\81f1017c584ff791b4d584d451af6aaa\Podcaster.ni.dll MOD - [2013/02/11 02:02:50 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ff3157a926a4c62bd7c4fc462b44d4ae\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll MOD - [2013/02/11 02:02:36 | 003,536,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Pims\0ea7dd36a59cc152ee1a670e9e2419e5\Kies.Common.Pims.ni.dll MOD - [2013/02/11 02:02:32 | 001,937,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\dff089401389660b798fff1a336ab751\Phonebook.ni.dll MOD - [2013/02/11 02:02:29 | 000,024,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\lib_Samsung_WitchPl#\0f6a68e21e4894592e16856189b20199\lib_Samsung_WitchPlaylist_v0.1.ni.dll MOD - [2013/02/11 02:02:28 | 000,700,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\dfa2597f83294276d546f10fab0f9784\DeviceCommonLib.ni.dll MOD - [2013/02/11 02:02:27 | 000,721,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\a33920e969c157c822450bfaa23c62d4\Kies.Plugin.ContentsManagerLib.ni.dll MOD - [2013/02/11 02:02:26 | 000,944,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\5a8c5c9af09486d2a2ae1ac253309416\MusicManager.ni.dll MOD - [2013/02/11 02:02:24 | 000,403,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\8bf212e316537432a2356c88f3bb6f4d\BATPlugin.ni.dll MOD - [2013/02/11 02:02:17 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\017429623044d5a3e9aa2aeef7d00017\Kies.Common.StoreManager.ni.dll MOD - [2013/02/11 02:02:16 | 000,516,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\8bb1cf762dcfd25fa6fec281620a67e3\Kies.Common.MediaDB.ni.dll MOD - [2013/02/11 02:02:15 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll MOD - [2013/02/11 02:02:15 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\3b13bd2ffd57d5a08bfb85636513922d\Kies.Common.AllShare.ni.dll MOD - [2013/02/11 02:02:15 | 000,043,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\7296ee8d41eeb2bcc543df81eea19ebe\Interop.FUSCryptLib.ni.dll MOD - [2013/02/11 02:02:14 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\01712ee03819a469afeb6959cf353510\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll MOD - [2013/02/11 02:02:14 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\fdd5b592fb9ac74a9da256fa884ae5a3\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll MOD - [2013/02/11 02:02:13 | 000,571,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\5ff671ad98a74cfc1dee4a439fb8728e\Kies.Common.DeviceServiceLib.FileService.ni.dll MOD - [2013/02/11 02:02:13 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\d1baf93e68f207b043f0861c5ee2d7ea\Interop.DevFileServiceLib.ni.dll MOD - [2013/02/11 02:02:13 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.CDBurnCOMLib\c1739a9b18cf8b334e60bfc1e4d126db\Interop.CDBurnCOMLib.ni.dll MOD - [2013/02/11 02:02:12 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.SyncService#\6169b94e04d363fb40d22ff30aaf24df\Interop.SyncServiceLib.ni.dll MOD - [2013/02/11 02:02:11 | 000,624,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57a3553bbf6667ae14d38bdb66f605a2\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll MOD - [2013/02/11 02:02:10 | 000,083,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceManag#\d410d0b24dd23bff0ee0803559dd90ea\Interop.DeviceManagerLib.ni.dll MOD - [2013/02/11 02:02:10 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\ed97f510e91aff4e4f00987ec1fb8b70\Interop.DeviceServiceModelDBLib.ni.dll MOD - [2013/02/11 02:02:09 | 000,916,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9460c2f1cd8312cce38c27387b47a5c7\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll MOD - [2013/02/11 02:02:09 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2c72efd53cc6951822e9782f762e0950\Kies.Common.DeviceServiceLib.Interface.ni.dll MOD - [2013/02/11 02:02:09 | 000,062,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceDataS#\0a17379e34031a7d1828d29a442a0b66\Interop.DeviceDataServiceLib.ni.dll MOD - [2013/02/11 02:02:09 | 000,053,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.ConnectionM#\9f58a36246af15635bcce1b3ccc1c6d3\Interop.ConnectionManagerLib.ni.dll MOD - [2013/02/11 02:02:07 | 001,069,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\8ef5fbc0a676c0d547d53ba5249c34e7\Kies.Common.DeviceService.ni.dll MOD - [2013/02/11 02:02:05 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll MOD - [2013/02/11 02:02:04 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll MOD - [2013/02/11 02:02:04 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll MOD - [2013/02/11 02:02:04 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\7316848f01ce1da27fc2d701f32cae0d\Interop.PRPLAYERCORELib.ni.dll MOD - [2013/02/11 02:01:54 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\2a6cd90bb628de35d70c9dba6897d013\Kies.Common.DBManager.ni.dll MOD - [2013/02/11 02:01:49 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\0969ff5a4924da7d8c6ebd3fca8f154b\ICSharpCode.SharpZipLib.ni.dll MOD - [2013/02/11 02:01:48 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll MOD - [2013/02/11 02:01:48 | 000,108,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\c7db33ddaee23e7ec8a3458fde5b50eb\Kies.Common.CRMManager.ni.dll MOD - [2013/02/11 02:01:47 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll MOD - [2013/02/11 02:01:46 | 001,558,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\83ea8d246c90eeee2b100f01994eef5b\Kies.Locale.ni.dll MOD - [2013/02/11 02:01:45 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\0bbdc52b6dd44363e4a194ee8bd8a460\Kies.MVVM.ni.dll MOD - [2013/02/11 02:01:40 | 001,223,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\7ed89054a3bdd9dbbf1cce0e0b592d78\Kies.Interface.ni.dll MOD - [2013/02/11 02:00:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\7a33af3fa6a140afb8ab0d9190ab2c9d\System.Runtime.Remoting.ni.dll MOD - [2013/02/11 02:00:43 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll MOD - [2013/02/10 22:50:35 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll MOD - [2013/02/10 22:50:21 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll MOD - [2013/02/10 22:50:17 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll MOD - [2013/02/10 22:50:16 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll MOD - [2013/02/10 22:50:10 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll MOD - [2013/02/10 22:50:05 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll MOD - [2013/02/10 22:49:59 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll MOD - [2013/02/10 22:49:51 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll MOD - [2013/01/24 11:16:54 | 001,050,112 | ---- | M] () -- c:\progra~1\browse~1\sprote~1.dll MOD - [2013/01/11 11:02:09 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll MOD - [2013/01/11 11:00:35 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\a9f8b35698a9a28f22861f7b814b79bc\IAStorCommon.ni.dll MOD - [2013/01/11 11:00:34 | 000,489,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c484ce0997e68573a00dc6cddf16e2ac\IAStorUtil.ni.dll MOD - [2013/01/11 10:31:18 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll MOD - [2013/01/11 10:30:59 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013/01/11 10:30:44 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll MOD - [2013/01/11 10:30:19 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013/01/11 10:30:15 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\23da92e38ffc0bbf6673adb1892aa0f4\UIAutomationProvider.ni.dll MOD - [2013/01/11 10:30:14 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll MOD - [2013/01/11 10:29:57 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll MOD - [2013/01/11 10:29:43 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013/01/11 10:29:39 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll MOD - [2013/01/11 10:29:38 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013/01/11 10:29:17 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2012/07/04 01:16:08 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011/12/30 09:11:12 | 000,138,240 | ---- | M] () -- C:\Program Files\V3000 Connection Manager\cm\UIExec.exe MOD - [2010/12/07 10:17:08 | 000,102,400 | ---- | M] () -- C:\Program Files\MOOV INTERNET\BackgroundService\ModemListener.exe MOD - [2010/11/13 00:58:32 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/05 02:00:10 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll MOD - [2009/11/03 13:26:26 | 000,058,680 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll MOD - [2009/10/18 15:20:10 | 007,980,344 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll MOD - [2009/07/29 15:35:38 | 000,014,648 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll MOD - [2009/07/14 08:39:17 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2009/03/12 19:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013/04/12 05:06:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/04/01 01:09:32 | 000,615,232 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService) SRV - [2013/04/01 00:30:45 | 000,969,280 | ---- | M] (eSafe Security Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (eSafeSvc) SRV - [2013/03/13 21:25:50 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/02/22 05:44:12 | 000,169,096 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP) SRV - [2013/02/15 22:34:54 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013/02/15 22:34:23 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2013/02/15 22:34:15 | 000,400,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2013/02/15 22:34:13 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012/12/18 14:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/09/16 03:41:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2012/09/13 02:09:44 | 000,196,112 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe -- (NitroReaderDriverReadSpool2) SRV - [2012/09/02 13:56:32 | 000,312,264 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2012/07/04 06:20:42 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012/05/30 14:00:02 | 000,013,632 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011/12/30 09:11:12 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\V3000 Connection Manager\cm\ssax226.exe -- (ssax226) SRV - [2011/05/23 15:13:10 | 000,049,752 | ---- | M] () [Auto | Running] -- C:\Program Files\MOOV INTERNET\BackgroundService\ServiceManager.exe -- (Moov_Togo Wave Modem Device Helper) SRV - [2010/06/25 17:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2010/04/07 12:57:42 | 000,099,896 | ---- | M] (HP) [Auto | Running] -- C:\Windows\System32\HPSIsvc.exe -- (HPSIService) SRV - [2009/11/05 22:04:20 | 000,468,320 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2009/08/10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService) SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2013/04/01 00:33:21 | 000,094,208 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ezplay.sys -- (ezplay) DRV - [2013/03/27 08:33:09 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2012/12/17 19:29:58 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012/12/17 19:29:57 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012/11/24 18:02:05 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012/11/24 18:02:05 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012/10/26 20:03:22 | 000,187,736 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2012/10/26 20:03:06 | 000,104,280 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2012/10/26 20:02:10 | 000,115,544 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2012/10/26 20:02:10 | 000,094,040 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2012/09/28 21:52:10 | 000,064,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) DRV - [2012/09/20 04:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) DRV - [2012/09/20 04:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) DRV - [2012/08/23 14:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2012/08/23 14:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2012/07/04 06:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2012/07/04 06:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2012/07/04 05:10:30 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2012/06/27 08:37:56 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2012/06/27 08:37:56 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) DRV - [2012/06/27 08:37:56 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2012/06/11 22:23:54 | 000,122,752 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tinspusb.sys -- (USBTINSP) DRV - [2012/02/23 12:31:58 | 000,086,544 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2011/12/30 09:11:12 | 000,340,992 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drxvi314.sys -- (bcm) DRV - [2011/12/30 09:11:12 | 000,048,768 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BcmBusCtr.sys -- (bcmbusctr) DRV - [2011/07/21 20:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2011/03/04 10:12:38 | 000,106,112 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jrdusbser.sys -- (jrdusbser) DRV - [2010/11/20 09:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/06/25 17:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2010/05/28 06:25:04 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010/01/13 16:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) DRV - [2009/07/14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) DRV - [2009/07/13 22:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) DRV - [2009/06/24 18:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2009/06/22 17:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect) DRV - [2006/11/19 22:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=TOSHIBAXMK3255GSX_893HC2RPTXX893HC2RPT&ts=1364776179 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=TOSHIBAXMK3255GSX_893HC2RPTXX893HC2RPT&ts=1364776179 IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=TOSHIBAXMK3255GSX_893HC2RPTXX893HC2RPT&ts=3604550 IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDzztDtDtByBtDtD0EtDyB0F0F0C0DtDtN0D0Tzu0CtAtBzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1315499698 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?tt=120912_cpc_3712_2&babsrc=HP_ss&mntrId=4072fcd0000000000000001e33f435a8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=TOSHIBAXMK3255GSX_893HC2RPTXX893HC2RPT&ts=1364776179 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=APN10460&gct=hp&apn_ptnrs=^AKK&apn_dtid=^YYYYYY^YY^CI&p2=^AKK^YYYYYY^YY^CI&tpid=FF3&apn_dbr=ff_19.0 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F7 CE BA 58 DF 92 CD 01 [binary data] IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found IE - HKCU\..\URLSearchHook: {bfc39e47-d643-4dc2-aa1d-61377501c844} - No CLSID value found IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.) IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=17425&tt=4312_1&babsrc=SP_def&mntrId=4072fcd0000000000000001e33f435a8 IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=TOSHIBAXMK3255GSX_893HC2RPTXX893HC2RPT&ts=3604550 IE - HKCU\..\SearchScopes\{9B1D9BAB-CCAC-4B58-9FE9-094C3E944D0D}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=fr_CI&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^CI&apn_uid=86bf14d3-5215-4d60-bbd2-6b94cc96b71b&apn_sauid=5A7C9787-7B76-49BF-BEE3-2ADCC05383E5 IE - HKCU\..\SearchScopes\{B4EB0E0E-430D-4676-A9F7-754926FAA881}: "URL" = http://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q={searchTerms} IE - HKCU\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDzztDtDtByBtDtD0EtDyB0F0F0C0DtDtN0D0Tzu0CtAtBzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1315499698 IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://www.ask.com/web?l=dis&o=APN10147&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^A6E&apn_uid=0226520744744373&p2=^A6E^YYYYYY^YY^US&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask Search" FF - prefs.js..browser.search.defaultenginename: "Ask Search" FF - prefs.js..browser.search.defaultenginename,S: S", "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "qvo6" FF - prefs.js..browser.search.order.1,S: S", "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.selectedEngine,S: S", "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.fr" FF - prefs.js..extensions.enabledAddons: SpecialSavings%40SpecialSavings.com:2.0.0.1 FF - prefs.js..extensions.enabledAddons: statuswinks%40StatusWinks:1.0.0.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF - prefs.js..keyword.URL: "" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( ) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\papa\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\papa\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\papa\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\papa\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\papa\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\papa\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013/04/01 01:10:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/12 05:06:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\papa\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013/04/01 01:10:37 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/12 05:06:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/01 01:10:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\papa\AppData\Roaming\mozilla\Extensions [2013/04/01 01:10:37 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\papa\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks [2013/04/04 11:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\papa\AppData\Roaming\mozilla\Firefox\Profiles\0zj5wqoi.default\extensions [2013/04/01 01:10:46 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\papa\AppData\Roaming\mozilla\Firefox\Profiles\0zj5wqoi.default\extensions\SpecialSavings@SpecialSavings.com [2013/04/04 11:48:39 | 000,438,788 | ---- | M] () (No name found) -- C:\Users\papa\AppData\Roaming\mozilla\firefox\profiles\0zj5wqoi.default\extensions\toolbar_FF3@apn.ask.com.xpi [2013/03/09 08:35:01 | 000,002,504 | ---- | M] () -- C:\Users\papa\AppData\Roaming\mozilla\firefox\profiles\0zj5wqoi.default\searchplugins\ask-search.xml [2013/04/12 05:06:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2013/04/12 05:06:41 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013/04/12 05:06:46 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013/03/07 15:31:03 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2012/09/15 10:50:28 | 000,002,275 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ask.xml [2012/10/28 12:33:21 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2013/03/07 15:31:04 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013/03/07 15:31:04 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2013/03/07 15:31:04 | 000,001,472 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2013/04/01 00:30:33 | 000,000,738 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\qvo6.xml [2013/03/07 15:31:04 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2013/03/07 15:31:04 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: http://www.ask.com/?l=dis&o=APN10460cr&gct=hp&apn_ptnrs=^AKK&apn_dtid=^YYYYYY^YY^CI&p2=^AKK^YYYYYY^YY^CI&tpid=FF3&apn_dbr=ff_19.0&apn_uid=72841A5D-2511-4690-BAF3-67433C2DB96E&itbv=11.7.1.1319&doi=2013-03-09 CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaamimeahgapmpnnobogologdegcbjg\11.38737_0\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaamimeahgapmpnnobogologdegcbjg\11.40840_0\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.3_0\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\7.0.18.1_0\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\7.0.19_0\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcjcajklmlbpmgckpcmnampagbhhmcp\1.0_0\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.5\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf\1.0_0\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib\2.3.15.10_0\ CHR - Extension: No name found = C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib\2.3.19.11_0\ O1 HOSTS File: ([2009/06/10 21:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Ask Toolbar) - {46463300-6A76-A76A-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\FF3\Passport.dll (APN LLC.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (SpecialSavings) - {938958E8-355C-49FF-92B0-53C1B87ACEA9} - C:\Program Files\SpecialSavings\ScriptHost.dll (SpecialSavings.com) O2 - BHO: (Smiley Bar for Facebook) - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll (Status Winks) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartBar Helper Object) - {FD36FEBE-DBA1-4597-9DD1-B13794B92F68} - C:\Program Files\Bechiro S.L\smartbar\1.8.8.12\bh\smartbar.dll (Montera Technologeis LTD) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found. O3 - HKLM\..\Toolbar: (SmartBar Toolbar) - {0CFBE80D-5608-4309-A0F5-3B1414833432} - C:\Program Files\Bechiro S.L\smartbar\1.8.8.12\smartbarTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {46463300-6A76-A76A-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\FF3\Passport.dll (APN LLC.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [Moov_Togo Wave ModemListener] C:\Program Files\MOOV INTERNET\BackgroundService\ModemListener.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation) O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.) O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O4 - HKCU..\Run: [UIExec] C:\Program Files\V3000 Connection Manager\cm\UIExec.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62C52068-4B95-4191-B07B-5A27211F374F}: DhcpNameServer = 41.206.65.1 213.136.109.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74022D0D-E4C5-4CCC-84BA-24CC121E44CE}: DhcpNameServer = 8.8.8.8 8.8.4.4 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~1\browse~1\sprote~1.dll) - c:\progra~1\browse~1\sprote~1.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{32c5d75b-3fd3-11e2-a5f4-001e33f435a8}\Shell - "" = AutoRun O33 - MountPoints2\{32c5d75b-3fd3-11e2-a5f4-001e33f435a8}\Shell\AutoRun\command - "" = F:\Data\setup.exe O33 - MountPoints2\{5afbdd07-5717-11e2-b58d-001e33f435a8}\Shell - "" = AutoRun O33 - MountPoints2\{5afbdd07-5717-11e2-b58d-001e33f435a8}\Shell\AutoRun\command - "" = F:\Data\setup.exe O33 - MountPoints2\{84e8cfd3-43c0-11e2-90fb-001e33f435a8}\Shell - "" = AutoRun O33 - MountPoints2\{84e8cfd3-43c0-11e2-90fb-001e33f435a8}\Shell\AutoRun\command - "" = F:\Setup.exe O33 - MountPoints2\{c77103dc-698a-11e2-8e28-20f3a3e66ae3}\Shell - "" = AutoRun O33 - MountPoints2\{c77103dc-698a-11e2-8e28-20f3a3e66ae3}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/04/17 22:02:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\papa\Desktop\OTL.exe [2013/04/16 09:51:36 | 000,000,000 | ---D | C] -- C:\Users\papa\AppData\Roaming\NCdownloader [2013/04/16 06:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftSafe [2013/04/16 05:59:00 | 000,000,000 | ---D | C] -- C:\Users\papa\AppData\Roaming\Systweak [2013/04/16 05:58:40 | 000,000,000 | ---D | C] -- C:\Program Files\BrowseToSave [2013/04/16 05:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2013/04/15 15:16:13 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\emploi du 2ème semestre du 15 au 20 avril 2013_fichiers [2013/04/15 00:11:34 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\COURS FICHES et SLIDES ALGO 2013 [2013/04/12 05:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/04/11 06:11:18 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\TP_PFR [2013/04/09 19:28:26 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\Bac Blanc12-13Cned(1) [2013/04/07 11:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013/04/03 08:25:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys [2013/04/03 08:25:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe [2013/04/03 08:25:40 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys [2013/04/03 08:25:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll [2013/04/03 08:25:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll [2013/04/03 08:25:39 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll [2013/04/03 08:25:39 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe [2013/04/03 08:25:39 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll [2013/04/03 08:25:39 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll [2013/04/03 08:25:39 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll [2013/04/03 08:25:39 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe [2013/04/03 08:25:39 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll [2013/04/03 08:25:39 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll [2013/04/03 08:25:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll [2013/04/03 08:25:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll [2013/04/03 08:19:21 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2013/04/03 08:19:17 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2013/04/03 08:19:16 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2013/04/03 08:19:16 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/04/03 08:19:16 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/04/03 08:19:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/04/03 08:19:16 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/04/03 08:19:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll [2013/04/03 08:19:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/04/03 08:19:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll [2013/04/03 08:19:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/04/03 08:19:16 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/04/03 08:19:15 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll [2013/04/03 08:19:15 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2013/04/03 08:19:15 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2013/04/03 08:19:15 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013/04/03 08:19:15 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2013/04/03 08:19:15 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2013/04/03 08:19:15 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2013/04/03 08:19:15 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2013/04/03 08:19:15 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2013/04/03 08:19:15 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2013/04/03 08:19:15 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2013/04/03 08:19:15 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2013/04/03 08:19:14 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2013/04/03 08:18:30 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2013/04/03 08:18:30 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2013/04/03 08:18:30 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs [2013/04/03 08:18:30 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs [2013/04/03 08:18:30 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs [2013/04/03 08:18:30 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs [2013/04/03 08:18:30 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs [2013/04/03 08:18:30 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs [2013/04/03 08:18:30 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs [2013/04/03 08:18:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs [2013/04/03 08:18:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs [2013/04/03 08:18:30 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs [2013/04/03 08:18:29 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs [2013/04/03 08:18:29 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs [2013/04/03 08:18:29 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs [2013/04/03 08:18:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs [2013/04/03 08:18:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys [2013/04/03 08:18:16 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013/04/03 08:18:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2013/04/03 08:18:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013/04/03 08:18:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013/04/03 08:18:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2013/04/03 08:18:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013/04/03 08:18:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013/04/03 08:18:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013/04/03 08:18:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013/04/03 08:18:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013/04/03 08:18:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013/04/03 08:18:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013/04/03 08:18:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013/04/03 08:18:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013/04/03 08:18:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013/04/03 08:18:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013/04/03 08:18:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2013/04/03 08:18:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2013/04/03 08:18:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013/04/03 08:18:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013/04/03 08:18:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013/04/03 08:18:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2013/04/03 08:18:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/04/03 08:18:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013/04/03 08:18:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013/04/03 08:18:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013/04/03 08:18:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013/04/03 08:18:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013/04/03 08:18:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2013/04/03 08:18:02 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2013/04/02 23:49:37 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\les_masques_de_sous-reseau.pdf_fichiers [2013/04/02 08:14:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013/04/02 08:14:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013/04/02 08:14:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013/04/02 08:14:36 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013/04/02 08:14:35 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013/04/02 08:14:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013/04/02 08:14:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013/04/02 08:14:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013/04/02 00:32:22 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\DOC_dans_D [2013/04/01 01:10:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnLine TV Lite [2013/04/01 01:10:45 | 000,000,000 | ---D | C] -- C:\Users\papa\AppData\Roaming\SpecialSavings [2013/04/01 01:10:44 | 000,000,000 | ---D | C] -- C:\Program Files\SpecialSavings [2013/04/01 01:10:36 | 000,000,000 | ---D | C] -- C:\Users\papa\AppData\Roaming\StatusWinks [2013/04/01 01:10:34 | 000,000,000 | ---D | C] -- C:\Program Files\Smiley Bar for Facebook [2013/04/01 01:10:32 | 000,000,000 | ---D | C] -- C:\Users\papa\AppData\Roaming\File Scout [2013/04/01 00:33:21 | 000,094,208 | ---- | C] (VSO Software) -- C:\Windows\System32\drivers\ezplay.sys [2013/04/01 00:33:21 | 000,094,208 | ---- | C] (VSO Software) -- C:\Users\papa\AppData\Roaming\ezplay.sys [2013/04/01 00:31:56 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\papa\AppData\Roaming\pcouffin.sys [2013/04/01 00:31:56 | 000,000,000 | ---D | C] -- C:\Users\papa\AppData\Roaming\Vso [2013/04/01 00:31:56 | 000,000,000 | ---D | C] -- C:\Users\papa\Documents\PcSetup [2013/04/01 00:31:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\337 [2013/04/01 00:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\eSafe [2013/04/01 00:30:36 | 000,000,000 | ---D | C] -- C:\Users\papa\AppData\Roaming\Desk 365 [2013/04/01 00:30:36 | 000,000,000 | ---D | C] -- C:\Program Files\Desk 365 [2013/04/01 00:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\SlySoft [2013/04/01 00:18:53 | 000,000,000 | ---D | C] -- C:\Users\papa\AppData\Roaming\eIntaller [2013/03/29 20:54:11 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\Corrige_CNED6_TES_2013 [2013/03/27 09:18:31 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\Portables_France [2013/03/27 08:40:41 | 000,000,000 | ---D | C] -- C:\Users\papa\Documents\Alcohol 120% [2013/03/27 08:33:09 | 000,466,008 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys [2013/03/27 08:15:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump [2013/03/26 18:21:53 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\ANNEE_2010_2011 [2013/03/26 18:21:51 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\BAC 2012 [2013/03/26 18:21:08 | 000,000,000 | ---D | C] -- C:\Users\papa\Desktop\ANNEE_2011_2012 [2013/03/25 19:38:21 | 000,000,000 | ---D | C] -- C:\Users\papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cambridge Practice [2013/03/25 19:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cambridge Practice [2013/03/25 19:38:20 | 000,000,000 | ---D | C] -- C:\Program Files\Cambridge Practice [2012/09/18 19:38:47 | 000,178,568 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnIC.dll [2012/09/18 19:38:46 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnStub.exe [4 C:\Users\papa\Desktop\*.tmp files -> C:\Users\papa\Desktop\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/04/17 22:01:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\papa\Desktop\OTL.exe [2013/04/17 22:00:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/04/17 21:25:39 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/04/17 21:25:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/04/17 21:22:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2973925623-1689673282-2657672084-1000UA.job [2013/04/17 21:16:31 | 000,015,152 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/04/17 21:16:31 | 000,015,152 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/04/17 21:08:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/04/17 21:08:51 | 2414,338,048 | -HS- | M] () -- C:\hiberfil.sys [2013/04/17 20:16:19 | 000,745,806 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2013/04/17 20:16:19 | 000,652,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/04/17 20:16:19 | 000,149,292 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2013/04/17 20:16:19 | 000,121,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/04/17 17:14:51 | 000,001,656 | ---- | M] () -- C:\Windows\System32\ASOROSet.bin [2013/04/17 05:22:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2973925623-1689673282-2657672084-1000Core.job [2013/04/15 15:16:14 | 000,398,452 | ---- | M] () -- C:\Users\papa\Desktop\emploi du 2ème semestre du 15 au 20 avril 2013.htm [2013/04/14 18:13:04 | 000,000,174 | ---- | M] () -- C:\Users\papa\.packettracer [2013/04/12 01:51:19 | 000,002,359 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/04/11 19:57:16 | 001,047,175 | ---- | M] () -- C:\Users\papa\Desktop\MMC_sujets_methodes_math_tenseursS074D.pdf [2013/04/11 19:52:54 | 000,157,325 | ---- | M] () -- C:\Users\papa\Desktop\TD3_contraintes.pdf [2013/04/03 23:50:00 | 000,011,279 | ---- | M] () -- C:\Users\papa\gsview32.ini [2013/04/03 21:02:42 | 000,094,208 | ---- | M] (VSO Software) -- C:\Users\papa\AppData\Roaming\ezplay.sys [2013/04/03 21:02:42 | 000,087,608 | ---- | M] () -- C:\Users\papa\AppData\Roaming\inst.exe [2013/04/03 21:02:42 | 000,007,861 | ---- | M] () -- C:\Users\papa\AppData\Roaming\ezplay.cat [2013/04/03 21:02:42 | 000,001,104 | ---- | M] () -- C:\Users\papa\AppData\Roaming\ezplay.inf [2013/04/03 21:02:41 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\papa\AppData\Roaming\pcouffin.sys [2013/04/03 21:02:41 | 000,007,887 | ---- | M] () -- C:\Users\papa\AppData\Roaming\pcouffin.cat [2013/04/03 21:02:41 | 000,001,144 | ---- | M] () -- C:\Users\papa\AppData\Roaming\pcouffin.inf [2013/04/03 11:44:56 | 790,821,274 | ---- | M] () -- C:\Users\papa\Desktop\Parlez_L_Américain_N°2.nrg [2013/04/02 23:49:37 | 000,335,746 | ---- | M] () -- C:\Users\papa\Desktop\les_masques_de_sous-reseau.pdf.htm [2013/04/01 02:34:25 | 000,000,115 | ---- | M] () -- C:\Users\papa\Desktop\TELE_internet.url [2013/04/01 00:58:51 | 034,426,268 | ---- | M] () -- C:\Users\papa\Documents\Track No20.wav [2013/04/01 00:58:42 | 034,238,108 | ---- | M] () -- C:\Users\papa\Documents\Track No19.wav [2013/04/01 00:58:32 | 051,339,500 | ---- | M] () -- C:\Users\papa\Documents\Track No18.wav [2013/04/01 00:58:17 | 034,454,492 | ---- | M] () -- C:\Users\papa\Documents\Track No17.wav [2013/04/01 00:58:07 | 035,362,364 | ---- | M] () -- C:\Users\papa\Documents\Track No16.wav [2013/04/01 00:57:56 | 040,174,556 | ---- | M] () -- C:\Users\papa\Documents\Track No15.wav [2013/04/01 00:57:44 | 042,423,068 | ---- | M] () -- C:\Users\papa\Documents\Track No14.wav [2013/04/01 00:57:30 | 037,716,716 | ---- | M] () -- C:\Users\papa\Documents\Track No13.wav [2013/04/01 00:57:18 | 044,742,140 | ---- | M] () -- C:\Users\papa\Documents\Track No12.wav [2013/04/01 00:57:02 | 037,876,652 | ---- | M] () -- C:\Users\papa\Documents\Track No11.wav [2013/04/01 00:56:49 | 050,488,076 | ---- | M] () -- C:\Users\papa\Documents\Track No10.wav [2013/04/01 00:56:31 | 046,045,148 | ---- | M] () -- C:\Users\papa\Documents\Track No09.wav [2013/04/01 00:56:13 | 034,195,772 | ---- | M] () -- C:\Users\papa\Documents\Track No08.wav [2013/04/01 00:56:00 | 037,904,876 | ---- | M] () -- C:\Users\papa\Documents\Track No07.wav [2013/04/01 00:55:44 | 031,204,028 | ---- | M] () -- C:\Users\papa\Documents\Track No06.wav [2013/04/01 00:55:31 | 054,281,852 | ---- | M] () -- C:\Users\papa\Documents\Track No05.wav [2013/04/01 00:55:06 | 047,559,836 | ---- | M] () -- C:\Users\papa\Documents\Track No04.wav [2013/04/01 00:54:43 | 031,697,948 | ---- | M] () -- C:\Users\papa\Documents\Track No03.wav [2013/04/01 00:54:26 | 036,117,356 | ---- | M] () -- C:\Users\papa\Documents\Track No02.wav [2013/04/01 00:54:06 | 028,219,340 | ---- | M] () -- C:\Users\papa\Documents\Track No01.wav [2013/04/01 00:33:21 | 000,094,208 | ---- | M] (VSO Software) -- C:\Windows\System32\drivers\ezplay.sys [2013/04/01 00:33:21 | 000,000,125 | ---- | M] () -- C:\Users\papa\AppData\Roaming\ezplay.ini [2013/04/01 00:30:33 | 000,001,339 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/04/01 00:29:40 | 000,002,459 | ---- | M] () -- C:\Users\papa\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/04/01 00:29:40 | 000,001,657 | ---- | M] () -- C:\Users\papa\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013/03/27 16:42:29 | 000,000,124 | ---- | M] () -- C:\Users\papa\Documents\ax_files.xml [2013/03/26 21:29:17 | 793,749,514 | ---- | M] () -- C:\Users\papa\Desktop\Pratiquez_l_american_01.nrg [2013/03/25 21:25:36 | 242,401,436 | ---- | M] () -- C:\Users\papa\Desktop\Tests_Cambridge.nrg [2013/03/25 19:38:27 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmpE013F.FOT [2013/03/25 19:38:27 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmp9D13F.FOT [2013/03/25 19:38:27 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmp5623F.FOT [2013/03/25 19:38:27 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmp4923F.FOT [2013/03/25 19:38:27 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmp1F23F.FOT [2013/03/25 19:38:21 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Cambridge Practice.lnk [2013/03/25 01:45:50 | 000,001,813 | ---- | M] () -- C:\Users\Public\Desktop\GeoGebra.lnk [2013/03/25 00:28:54 | 000,350,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/03/21 13:52:03 | 000,000,348 | ---- | M] () -- C:\Users\papa\Desktop\Nouveau raccourci Internet.url [4 C:\Users\papa\Desktop\*.tmp files -> C:\Users\papa\Desktop\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/04/17 13:59:48 | 000,001,656 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin [2013/04/15 15:16:13 | 000,398,452 | ---- | C] () -- C:\Users\papa\Desktop\emploi du 2ème semestre du 15 au 20 avril 2013.htm [2013/04/11 19:57:16 | 001,047,175 | ---- | C] () -- C:\Users\papa\Desktop\MMC_sujets_methodes_math_tenseursS074D.pdf [2013/04/11 19:52:54 | 000,157,325 | ---- | C] () -- C:\Users\papa\Desktop\TD3_contraintes.pdf [2013/04/03 11:37:02 | 790,821,274 | ---- | C] () -- C:\Users\papa\Desktop\Parlez_L_Américain_N°2.nrg [2013/04/02 23:49:37 | 000,335,746 | ---- | C] () -- C:\Users\papa\Desktop\les_masques_de_sous-reseau.pdf.htm [2013/04/01 02:34:07 | 000,000,115 | ---- | C] () -- C:\Users\papa\Desktop\TELE_internet.url [2013/04/01 00:33:21 | 000,007,861 | ---- | C] () -- C:\Users\papa\AppData\Roaming\ezplay.cat [2013/04/01 00:33:21 | 000,001,104 | ---- | C] () -- C:\Users\papa\AppData\Roaming\ezplay.inf [2013/04/01 00:33:21 | 000,000,125 | ---- | C] () -- C:\Users\papa\AppData\Roaming\ezplay.ini [2013/04/01 00:31:56 | 000,087,608 | ---- | C] () -- C:\Users\papa\AppData\Roaming\inst.exe [2013/04/01 00:31:56 | 000,007,887 | ---- | C] () -- C:\Users\papa\AppData\Roaming\pcouffin.cat [2013/04/01 00:31:56 | 000,001,144 | ---- | C] () -- C:\Users\papa\AppData\Roaming\pcouffin.inf [2013/03/27 08:46:15 | 000,000,124 | ---- | C] () -- C:\Users\papa\Documents\ax_files.xml [2013/03/26 23:07:20 | 034,426,268 | ---- | C] () -- C:\Users\papa\Documents\Track No20.wav [2013/03/26 23:07:10 | 034,238,108 | ---- | C] () -- C:\Users\papa\Documents\Track No19.wav [2013/03/26 23:06:55 | 051,339,500 | ---- | C] () -- C:\Users\papa\Documents\Track No18.wav [2013/03/26 23:06:45 | 034,454,492 | ---- | C] () -- C:\Users\papa\Documents\Track No17.wav [2013/03/26 23:06:34 | 035,362,364 | ---- | C] () -- C:\Users\papa\Documents\Track No16.wav [2013/03/26 23:06:21 | 040,174,556 | ---- | C] () -- C:\Users\papa\Documents\Track No15.wav [2013/03/26 23:06:08 | 042,423,068 | ---- | C] () -- C:\Users\papa\Documents\Track No14.wav [2013/03/26 23:05:55 | 037,716,716 | ---- | C] () -- C:\Users\papa\Documents\Track No13.wav [2013/03/26 23:05:40 | 044,742,140 | ---- | C] () -- C:\Users\papa\Documents\Track No12.wav [2013/03/26 23:05:27 | 037,876,652 | ---- | C] () -- C:\Users\papa\Documents\Track No11.wav [2013/03/26 23:05:09 | 050,488,076 | ---- | C] () -- C:\Users\papa\Documents\Track No10.wav [2013/03/26 23:04:51 | 046,045,148 | ---- | C] () -- C:\Users\papa\Documents\Track No09.wav [2013/03/26 23:04:38 | 034,195,772 | ---- | C] () -- C:\Users\papa\Documents\Track No08.wav [2013/03/26 23:04:22 | 037,904,876 | ---- | C] () -- C:\Users\papa\Documents\Track No07.wav [2013/03/26 23:04:08 | 031,204,028 | ---- | C] () -- C:\Users\papa\Documents\Track No06.wav [2013/03/26 23:03:44 | 054,281,852 | ---- | C] () -- C:\Users\papa\Documents\Track No05.wav [2013/03/26 23:03:20 | 047,559,836 | ---- | C] () -- C:\Users\papa\Documents\Track No04.wav [2013/03/26 23:03:04 | 031,697,948 | ---- | C] () -- C:\Users\papa\Documents\Track No03.wav [2013/03/26 23:02:43 | 036,117,356 | ---- | C] () -- C:\Users\papa\Documents\Track No02.wav [2013/03/26 23:02:23 | 028,219,340 | ---- | C] () -- C:\Users\papa\Documents\Track No01.wav [2013/03/26 21:24:04 | 793,749,514 | ---- | C] () -- C:\Users\papa\Desktop\Pratiquez_l_american_01.nrg [2013/03/25 21:23:40 | 242,401,436 | ---- | C] () -- C:\Users\papa\Desktop\Tests_Cambridge.nrg [2013/03/25 19:38:27 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmpE013F.FOT [2013/03/25 19:38:27 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmp9D13F.FOT [2013/03/25 19:38:27 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmp5623F.FOT [2013/03/25 19:38:27 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmp4923F.FOT [2013/03/25 19:38:27 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmp1F23F.FOT [2013/03/25 19:38:21 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Cambridge Practice.lnk [2013/03/21 13:51:54 | 000,000,348 | ---- | C] () -- C:\Users\papa\Desktop\Nouveau raccourci Internet.url [2013/03/16 23:57:20 | 000,246,784 | ---- | C] () -- C:\Windows\System32\zshp1020s.dll [2013/03/16 23:57:19 | 000,365,568 | ---- | C] () -- C:\Windows\System32\ZSHP1020.EXE [2013/03/16 23:57:19 | 000,169,472 | ---- | C] () -- C:\Windows\System32\ZLhp1020.DLL [2013/02/20 06:20:23 | 000,000,174 | ---- | C] () -- C:\Users\papa\.packettracer [2012/12/06 18:36:18 | 001,901,592 | ---- | C] () -- C:\Windows\System32\drivers\macxvi200.bin [2012/11/24 00:01:36 | 000,290,500 | ---- | C] () -- C:\Users\papa\AppData\Local\funmoods-speeddial_sf.crx [2012/11/24 00:01:35 | 000,031,465 | ---- | C] () -- C:\Users\papa\AppData\Local\funmoods.crx [2012/11/22 20:06:38 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2012/10/18 00:32:30 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2012/10/18 00:32:30 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2012/10/17 23:46:02 | 000,011,279 | ---- | C] () -- C:\Users\papa\gsview32.ini [2012/10/08 16:59:26 | 001,511,424 | ---- | C] () -- C:\Windows\System32\HP1100SM.EXE [2012/10/08 16:59:26 | 000,147,456 | ---- | C] () -- C:\Windows\System32\HP1100LM.DLL [2012/10/08 16:58:38 | 000,284,160 | ---- | C] () -- C:\Windows\System32\mvhlewsi.DLL [2012/10/08 16:58:31 | 000,053,248 | ---- | C] () -- C:\Windows\System32\HP1100SMs.dll [2012/10/06 20:49:07 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini [2012/10/06 20:49:07 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini [2012/10/01 21:16:24 | 000,208,033 | ---- | C] () -- C:\ProgramData\1349126041.bdinstall.bin [2012/09/30 07:23:20 | 000,643,210 | ---- | C] () -- C:\ProgramData\1348969573.bdinstall.bin [2012/09/30 01:44:20 | 000,209,238 | ---- | C] () -- C:\ProgramData\1348969323.bdinstall.bin [2012/09/30 01:22:19 | 000,361,833 | ---- | C] () -- C:\ProgramData\1348968075.bdinstall.bin [2012/09/27 01:51:47 | 000,641,453 | ---- | C] () -- C:\Users\papa\AppData\Local\census.cache [2012/09/27 01:50:58 | 000,138,788 | ---- | C] () -- C:\Users\papa\AppData\Local\ars.cache [2012/09/26 20:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012/09/26 00:58:49 | 000,000,036 | ---- | C] () -- C:\Users\papa\AppData\Local\housecall.guid.cache [2012/09/24 23:16:59 | 000,788,837 | ---- | C] () -- C:\ProgramData\1348527532.bdinstall.bin [2012/09/24 17:28:27 | 000,002,813 | ---- | C] () -- C:\ProgramData\search_result.xml [2012/09/21 12:35:29 | 000,023,040 | ---- | C] () -- C:\Windows\System32\bddel.exe [2012/09/16 23:40:11 | 000,028,627 | ---- | C] () -- C:\Users\papa\algo_tes1_N°1.pdf [2012/09/16 01:08:10 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2012/09/15 03:31:09 | 000,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat [2012/09/15 03:10:40 | 000,149,227 | ---- | C] () -- C:\ProgramData\bdinstall.bin [2012/09/14 22:22:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012/07/04 05:27:30 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2012/07/04 05:27:30 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2012/07/04 02:32:18 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012/04/18 19:39:06 | 000,028,672 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll [2012/03/06 17:59:32 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011/09/12 22:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 04:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 01:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== Files - Unicode (All) ==========[/color] [2012/09/24 22:54:31 | 000,000,000 | ---- | M] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污 [2012/09/24 22:52:38 | 000,000,000 | ---- | C] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污 < End of report >