par virginie24
Bonjour, nouvelle parmi vous je recherche de l'aide en esperant le trouver, je vous remercie d'avance.

- 1/ j'ai windows 7 , jusque la ca va , seulement depuis un moment des mises a jours n'arretent pas de s'installées plusieurs fois par jour et tous le temps les mêmes que se passe t-il ? j'ai l'impression qu'il est plus lent que d'abitude parfois même des réactions inhabituel !

-2/ Il refuse systematiquement de se mettre en veille prolongée ou non sa ne fonctionne pas un ecran bleu apparait avec pleins de ligne j'ai a peine le temps de lire ! je crois comprendre qu il me demande de desinstaller ou de parametre quelques choses mais bon c'est tout en anglais je l'ai en photo si sa peu aider! est-ce dut a une infection ?

J'attend de vos conseil merci.
par virginie24
OTL Extras logfile created on: 11/12/2012 20:50:11 - Run 1
OTL by OldTimer - Version Folder = C:\Users\kabour\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

8,00 Gb Total Physical Memory | 5,97 Gb Available Physical Memory | 74,62% Memory free
16,00 Gb Paging File | 13,83 Gb Available in Paging File | 86,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,95 Gb Total Space | 285,91 Gb Free Space | 62,43% Space Free | Partition Type: NTFS
Drive D: | 458,46 Gb Total Space | 458,32 Gb Free Space | 99,97% Space Free | Partition Type: NTFS

Computer Name: KABOURPC | User Name: kabour | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]




"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1


"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========



========== Vista Active Open Ports Exception List ==========

"{009CCD96-3762-479C-9451-13C5646D4634}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{020D5351-F373-4B92-83D3-85777BD51F62}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=partage de fichiers et d’imprimantes (service spouleur - rpc-epmap) |
"{088B9A87-3EA6-44F3-A309-0291AB32A1F1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{0C42D37A-B75F-4532-AD5F-8893AF95964D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{10903EA1-8E92-4FBF-8C26-716B6D9A2B22}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1905D652-0156-4EE0-97A6-4E5B80D0F1E6}" = lport=138 | protocol=17 | dir=in | app=system |
"{19CCFE3D-257D-4852-BB54-F477F252E6F3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1E1E8ECD-5719-4B5A-A1A2-A1FD42B2D77E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36A5EDC2-958F-4AD9-8D96-915240E062CD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41EEEB0A-284D-4ECA-8D04-77AF647AB1D2}" = lport=139 | protocol=6 | dir=in | app=system |
"{487CA512-25F2-4742-A0AD-A97B92BD4B1A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{50B54782-751D-45C8-8092-644DF0B8637F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{57FC8A68-65A7-4D13-A017-E51063407D63}" = rport=139 | protocol=6 | dir=out | app=system |
"{8F83B7EF-5684-492F-AB0A-F4580194933E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{993DF022-441F-4778-B2E6-5CE5A910EF23}" = rport=137 | protocol=17 | dir=out | app=system |
"{A6C31235-511D-404A-A300-EBEC92E2E6AF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A91B1095-608A-48E9-8699-144C673562E7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ACBCB015-7D92-43CF-9798-32FEA4AB1283}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AE223821-D58E-403F-A21B-BF7B613E888F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C0CE7274-3671-4392-A408-318C4159F43A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CAED082E-88F1-4195-BE20-1BFCD736CD68}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CFC74218-94BA-49E7-BAA4-454C4F93A5D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D14F40DC-F502-4834-AA28-803AF7E74934}" = lport=445 | protocol=6 | dir=in | app=system |
"{D55DAF6A-DF21-467D-A995-410339D4B5A9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DBAF4727-5118-4852-8753-5E415B65C56E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E81E393B-3904-408E-BF76-3839BA724A2D}" = rport=445 | protocol=6 | dir=out | app=system |
"{EF8F857D-8CE8-4229-A4C6-1B8F3AF3D9A9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F06B0B99-8F53-4F3B-893B-2A9FB45D84B8}" = rport=138 | protocol=17 | dir=out | app=system |
"{FA1A8DC3-481B-40B2-AB3E-ADE842C8C079}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

"{01F981C8-BB57-4324-BCB7-2EA70B41F24B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{05E3AC4A-7AB8-497A-80E3-6526AE4D7601}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{07D82470-50E9-497D-AE85-AB61F6FD6B8D}" = protocol=6 | dir=in | app=c:\program files (x86)\adsltv\vlc\vlc.exe |
"{08182A68-B586-4132-93ED-A14621E65F46}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{132B5598-E908-4511-979B-A359722F3D67}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{15F26B0C-C395-4D41-8D08-14181049558E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{178FC62D-AA95-4953-A939-E435C51717B1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{19A6B150-E8DD-4D10-AC62-35A9C961F576}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{1BF7124D-C00A-408F-922D-C41FCDB295EA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{1C492F8C-BD18-4C37-9EC1-FD01294FCCFF}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{1DCF070C-1308-4EA7-8172-479F29DCFD66}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{288E7935-6688-4D6A-A2CD-9795F0343B73}" = protocol=6 | dir=in | app=c:\program files (x86)\adsltv\adsltv.exe |
"{28EC79C9-8777-4C87-BC0A-FD64434BB36F}" = protocol=17 | dir=in | app=c:\program files (x86)\dartybox_v3\bewan\netagent\netagent_wifi.exe |
"{2C3D7089-A63F-44A6-824A-9309B9DE8075}" = protocol=17 | dir=in | app=c:\program files (x86)\dartybox_v3\bewan\netagent\netagent_wifi.exe |
"{2C983186-D28F-48B1-B3CB-F55DB08CC76C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2FE173DC-364B-4C1D-A10A-0A9EF7F1A67C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{316CCDF7-1304-45F8-B0DD-FF8EC617833B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{328971D9-B6E2-48B5-AE5D-A4699F1A9D51}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{336D2FF2-1BCE-4900-B275-8E86021EC077}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{34B85035-F76D-4410-9D4D-FDE4AF38FB97}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3A4A445E-6BC0-4ABF-A37E-0A657E858BC6}" = protocol=17 | dir=in | app=c:\program files (x86)\adsltv\vlc\vlc.exe |
"{3CDD80F6-B6ED-42D9-B576-7DB1603A5384}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{3F7E143C-5E66-4C58-A774-90640C74AFA2}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{42638748-74BB-4DE6-A22E-260F212B4140}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{483A69DB-FC83-4CE5-85BF-AA1BAE335474}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{49E35439-7780-45E3-98E9-1FD46A938F85}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{55CBBE03-FE01-4170-BAE8-1981EC4F1EA9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{5911C4C0-0036-4B09-A902-0A22228E0F92}" = protocol=58 | dir=out | name=partage de fichiers et d’imprimantes (demande d’écho - icmpv6 sortant) |
"{66901D89-6763-408C-95CE-378A7494DCA0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{670E34CE-CEC7-419B-9772-B7F68A111C11}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{6FB14D52-3DF6-4E87-99F3-4380982B60B6}" = protocol=1 | dir=in | name=partage de fichiers et d’imprimantes (demande d’écho - trafic entrant icmpv4) |
"{73B3F2BA-513A-4EED-9973-29B2C5A9EAF4}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{73D1208C-D371-4D4A-B5A5-AB6A5A6388DC}" = protocol=6 | dir=in | app=c:\program files (x86)\dartybox_v3\bewan\netagent\netagent_dhcp.exe |
"{7BBBE5DE-908A-49B0-BFB9-2A07FA675683}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{7E9B7C39-36F2-46D2-AD76-3F94113756E5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{84C6A9FF-B130-41CE-AEDC-72D86FD89AF4}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{87BBE2AE-9D89-46FC-A9FF-8A34E4C03937}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{89329639-025F-4E0D-BD6B-BDB3426F2F84}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{91A05C83-6F79-4541-B2F9-439A56B6C3E1}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{9493283F-DECC-42B1-BE19-A3334BD45D6D}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{99171BF1-F6E9-4654-B626-D725F834C495}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{9AAC0A51-FF96-4805-89CF-D6DDF875B33E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{9CD3253F-2B02-4080-9D1E-D065927561AB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A2C19713-1275-4933-A2F4-69F079ECB188}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A593018C-642C-4B21-88AE-75E989EAF22B}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A6B2C4A1-CB29-4273-950B-66E558301141}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{A77B872E-81F7-4063-A72C-E69BFD4C988D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{A79C1CD2-2D94-4B29-8C99-2383182F9523}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{AD69137E-1DE4-4749-A879-BB8059B7413A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{AEF96109-382A-40C7-BE29-90DB199F1A56}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{B38F9E08-4C6A-47CD-8708-2CD154C97CEF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{BE412944-F4BB-42E4-AACA-5B729C6CFED1}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{C0570137-976D-4082-A52E-32C507702E84}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C519AA70-A66C-43A8-80BA-818CBECE1F59}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{CA8E4EB9-03FE-47CD-8543-29FE09964A04}" = protocol=1 | dir=out | name=partage de fichiers et d’imprimantes (demande d’écho - trafic sortant icmpv4) |
"{CCBC37B2-15C4-4B65-A3C7-A0889956F5C7}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{CE24DE24-92CE-473D-9827-A371F3E3498E}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{D3EFF43C-6248-4977-8FC0-4732B143F800}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{D99F7FFE-D9DD-4052-A997-3EA1204FEAF3}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E0CEE088-DA97-476C-B39D-5E650F523D5D}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{E1E9FE0D-A5BB-4042-91F1-AD32FAC0D45A}" = protocol=6 | dir=in | app=c:\program files (x86)\dartybox_v3\bewan\netagent\netagent_wifi.exe |
"{E433C473-6C26-484F-825C-52400DEB4941}" = protocol=58 | dir=in | name=partage de fichiers et d’imprimantes (demande d’écho - icmpv6 entrant) |
"{E6D3EAD7-BF45-4E2B-8261-89068697A115}" = protocol=17 | dir=in | app=c:\program files (x86)\adsltv\adsltv.exe |
"{EA3608B2-F1B0-4369-8198-9399D60B14FD}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{EBE3C9B6-BD2B-46EB-BF75-70A81B53A8ED}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EFD47631-57C5-4451-827B-D1759BB9318A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F195C38C-A05D-49FC-9E81-6F41E5AFDB87}" = protocol=17 | dir=in | app=c:\program files (x86)\dartybox_v3\bewan\netagent\netagent_dhcp.exe |
"{F211B64C-8F78-452D-A748-6A3197A98294}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{F513660C-98E2-4DC5-8950-C2832BB57C71}" = protocol=6 | dir=in | app=c:\program files (x86)\dartybox_v3\bewan\netagent\netagent_wifi.exe |
"TCP Query User{1F8DB2B5-8D24-4F91-8748-A427B307BA93}C:\users\kabour\appdata\local\temp\7217158141196.exe" = protocol=6 | dir=in | app=c:\users\kabour\appdata\local\temp\7217158141196.exe |
"TCP Query User{4C66EF06-6957-4BF4-9018-CF0E48399158}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{4D62B310-9BCC-4A1A-91E9-7538316646A9}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{72E841BC-70E7-42CB-BC4C-538B1AC2AE04}C:\program files (x86)\sfr\media center\httpd\httpd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sfr\media center\httpd\httpd.exe |
"TCP Query User{B13457D4-2E9F-4941-A2CD-40094F1A9971}C:\users\kabour\appdata\local\temp\73029162150.exe" = protocol=6 | dir=in | app=c:\users\kabour\appdata\local\temp\73029162150.exe |
"TCP Query User{C0150A1F-583A-4CB9-959F-EB049C082A76}C:\users\kabour\appdata\local\temp\101368978118.exe" = protocol=6 | dir=in | app=c:\users\kabour\appdata\local\temp\101368978118.exe |
"TCP Query User{FC0883FE-D0F8-4830-920F-06B0E10D8BEC}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{1457AEBE-EB6E-4318-ACD7-254DA275DCC5}C:\users\kabour\appdata\local\temp\101368978118.exe" = protocol=17 | dir=in | app=c:\users\kabour\appdata\local\temp\101368978118.exe |
"UDP Query User{52A480F0-95D1-4513-90CD-6BE86D76A3D7}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{A5CAC526-A8E2-4739-9EB1-0664DCB71CD1}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{DACFE879-7B34-4CAE-B31A-393839F6598D}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{E2BE0537-ABF7-49CE-9012-A884F229C59B}C:\users\kabour\appdata\local\temp\7217158141196.exe" = protocol=17 | dir=in | app=c:\users\kabour\appdata\local\temp\7217158141196.exe |
"UDP Query User{E4C0BC5F-FDAF-4BAE-8CE0-64AD815EA3DB}C:\users\kabour\appdata\local\temp\73029162150.exe" = protocol=17 | dir=in | app=c:\users\kabour\appdata\local\temp\73029162150.exe |
"UDP Query User{F2314180-1822-4E62-8C97-80B614A39330}C:\program files (x86)\sfr\media center\httpd\httpd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sfr\media center\httpd\httpd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014E482A-0C27-47E3-BA82-307E9DCA2F47}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2906A05E-2D38-4B47-85A2-D3485E372C8F}" = Microsoft SQL Server Compact 3.5 SP2 x64 FRA
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = IB Updater
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E39F2FB-0D5B-413E-903C-3F495017109C}" = Utilitaire de mise à jour des logiciels EBP 1.1.3
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2010
"{90140000-006D-040C-1000-0000000FF1CE}" = Microsoft Office « Démarrer en un clic » 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{CE47BA54-78AC-409F-9151-BDF5BE15A804}" = Network64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client FR-FR Language Pack
"{EC6EDD64-CC00-4F6F-AA26-152BC224D146}" = EBP Auto-entrepreneur Pratic Open Line 2013 5.0
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Shop for HP Supplies" = Shop for HP Supplies
"WNLT" = IB Updater Service

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05653DE1-6567-40C6-B930-39D399B64369}" = 3.3
"{05D08C4D-58A2-438B-A419-EE994E64E15D}" = B110
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15F4085A-BC98-4590-AFFD-03BBBE49524E}" = Garmin Communicator Plugin
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 37
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" =
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{40ACE18D-D5B4-40AF-81E8-2816A8AED029}" = Sagem Wi-Fi 11g USB adapter
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}" = Fissa
"{4CFFAEC0-1F2A-4D38-8D95-3995A936ADD9}" = NetWorkingWizard_ICM
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E4B1BE8-DCF3-4B90-A726-B28107442623}" = SolutionCenter
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
"{90120000-0017-040C-0000-0000000FF1CE}{879D8136-C3A7-4A13-A8F4-309467087372}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-040C-1000-0000000FF1CE}{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-00BA-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
"{90120000-0100-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
"{90120000-0101-040C-0000-0000000FF1CE}{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010
"{90140000-0015-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010
"{90140000-0016-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010
"{90140000-0018-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010
"{90140000-0019-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010
"{90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010
"{90140000-001B-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
"{90140000-001F-0401-0000-0000000FF1CE}_Office14.PROPLUS_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUS_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-040C-1000-0000000FF1CE}_Office14.PROPLUS_{0CCCD9C7-637C-41CA-A293-6E9992109B09}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010
"{90140000-002C-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C8E4AA87-3E5A-4C70-8CB7-43FE25C99B74}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010
"{90140000-0044-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010
"{90140000-006E-040C-0000-0000000FF1CE}_Office14.PROPLUS_{7C5C7E8C-F6D2-43AC-93A4-89E4FF7367E6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010
"{90140000-00A1-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010
"{90140000-00BA-040C-0000-0000000FF1CE}_Office14.PROPLUS_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0062-040C-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - Français
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Français
"{AF6919D0-5691-4F35-9D65-54F981013514}" = Microsoft SQL Server Compact 3.5 SP2 FRA
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Jumpstart Installation Program
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search Destroy
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}" = Toolbox
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Les Sims™ 3
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8EDC82F-44C8-443A-9ECA-A9F109378E17}" = Micro Application - Architecte 3DHD Classic
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"CCleaner" = CCleaner
"Cities XL" = Cities XL
"EADM" = EA Download Manager
"EBP Auto-entrepreneur Pratic Open Line 2013 5.0" = EBP Auto-entrepreneur Pratic Open Line 2013 5.0
"Free Disc Burner_is1" = Free Disc Burner version 2.5.10
"GoToAssist" = GoToAssist
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"jv16 PowerTools 2011" = jv16 PowerTools 2012
"Kit DartyBox ADSL v3.2_is1" = Kit DartyBox ADSL v3.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version
"Office14.Click2Run" = Microsoft Office « Démarrer en un clic » 2010
"Office14.PROPLUS" = Microsoft Office Professionnel Plus 2010
"" = Microsoft Office Language Pack 2007 - French/Français
"SFR_Kit" = SFR - Kit de connexion
"Softonic_France Toolbar" = Softonic_France Toolbar
"TomTom HOME" = TomTom HOME
"Utilitaire de mise à jour des logiciels EBP 1.1.3" = Utilitaire de mise à jour des logiciels EBP 1.1.3
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.4
"WinLiveSuite" = Windows Live
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"Facebook Plug-In" = Facebook Plug-In
"PhotoFiltre" = PhotoFiltre

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18/11/2012 10:07:28 | Computer Name = kabourPC | Source = SideBySide | ID = 16842832
Description = La création du contexte d’activation a échoué pour « C:\Users\kabour\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\WU6LH2ZO\SoftonicDownloader_pour_logo-design-studio.exe ».
Erreur dans le fichier de manifeste ou de stratégie « » à la ligne . Une version
de composant nécessaire à l’application est en conflit avec une autre version de
composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\
2 : C:\Windows\WinSxS\manifests\

Error - 18/11/2012 10:07:32 | Computer Name = kabourPC | Source = SideBySide | ID = 16842832
Description = La création du contexte d’activation a échoué pour « C:\Users\kabour\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\WU6LH2ZO\SoftonicDownloader_pour_logo-design-studio.exe ».
Erreur dans le fichier de manifeste ou de stratégie « » à la ligne . Une version
de composant nécessaire à l’application est en conflit avec une autre version de
composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\
2 : C:\Windows\WinSxS\manifests\

Error - 18/11/2012 10:07:38 | Computer Name = kabourPC | Source = SideBySide | ID = 16842832
Description = La création du contexte d’activation a échoué pour « C:\Users\kabour\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\WU6LH2ZO\SoftonicDownloader_pour_logo-design-studio.exe ».
Erreur dans le fichier de manifeste ou de stratégie « » à la ligne . Une version
de composant nécessaire à l’application est en conflit avec une autre version de
composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\
2 : C:\Windows\WinSxS\manifests\

Error - 18/11/2012 18:35:01 | Computer Name = kabourPC | Source = Application Hang | ID = 1002
Description = Le programme iexplore.exe version 9.0.8112.16455 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

de processus : a74 Heure de début : 01cdc5d931f263bd Heure de fin : 70 Chemin d’accès
de l’application : C:\Program Files (x86)\Internet Explorer\iexplore.exe ID de rapport

Error - 19/11/2012 11:14:00 | Computer Name = kabourPC | Source = SideBySide | ID = 16842832
Description = La création du contexte d’activation a échoué pour « c:\Users\kabour\AppData\Local\microsoft\Windows\temporary
internet files\Content.IE5\WU6LH2ZO\softonicdownloader_pour_logo-design-studio.exe ».
Erreur dans le fichier de manifeste ou de stratégie « » à la ligne . Une version
de composant nécessaire à l’application est en conflit avec une autre version de
composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\
2 : C:\Windows\WinSxS\manifests\

Error - 23/11/2012 16:11:22 | Computer Name = kabourPC | Source = MsiInstaller | ID = 11316
Description =

Error - 23/11/2012 16:21:08 | Computer Name = kabourPC | Source = Application Hang | ID = 1002
Description = Le programme msiexec.exe version 5.0.7601.17514 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

de processus : 1928 Heure de début : 01cdc9b79d453107 Heure de fin : 0 Chemin d’accès
de l’application : C:\Windows\SysWOW64\msiexec.exe ID de rapport :

Error - 27/11/2012 07:02:56 | Computer Name = kabourPC | Source = CVHSVC | ID = 100
Description = Pour information uniquement. (Patch task for {90140011-0062-040C-0000-0000000FF1CE}):
DownloadLatest Failed: État HTTP 404 : l’URL requise n’existe pas sur le serveur.

Error - 01/12/2012 09:30:36 | Computer Name = kabourPC | Source = Application Hang | ID = 1002
Description = Le programme iexplore.exe version 9.0.8112.16455 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

de processus : 1b20 Heure de début : 01cdcfbc632d27ed Heure de fin : 0 Chemin d’accès
de l’application : C:\Program Files (x86)\Internet Explorer\iexplore.exe ID de rapport

Error - 11/12/2012 15:48:15 | Computer Name = kabourPC | Source = Application Hang | ID = 1002
Description = Le programme OTL.exe version a cessé d’interagir avec Windows
et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
consultez l’historique du problème dans le Centre de maintenance. ID de processus :
300 Heure de début : 01cdd7d7ce59c4b2 Heure de fin : 0 Chemin d’accès de l’application
: C:\Users\kabour\Downloads\OTL.exe ID de rapport : 82edbe3d-43cb-11e2-98da-002511506c22

[ Media Center Events ]
Error - 12/12/2009 13:53:20 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 18:53:20 - Échec de la récupération de ClientUpdate (Erreur : La connexion
sous-jacente a été fermée : Une erreur inattendue s'est produite lors de la réception.)

Error - 21/07/2010 07:34:19 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 13:34:19 - Erreur de connexion à Internet. 13:34:19 - Impossible
de contacter le service..

Error - 21/07/2010 07:34:55 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 13:34:49 - Erreur de connexion à Internet. 13:34:49 - Impossible
de contacter le service..

Error - 21/07/2010 08:36:05 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 14:36:05 - Erreur de connexion à Internet. 14:36:05 - Impossible
de contacter le service..

Error - 21/07/2010 08:36:35 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 14:36:35 - Erreur de connexion à Internet. 14:36:35 - Impossible
de contacter le service..

Error - 21/07/2010 09:36:42 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 15:36:42 - Erreur de connexion à Internet. 15:36:42 - Impossible
de contacter le service..

Error - 21/07/2010 09:36:48 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 15:36:48 - Erreur de connexion à Internet. 15:36:48 - Impossible
de contacter le service..

Error - 21/07/2010 10:36:55 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 16:36:55 - Erreur de connexion à Internet. 16:36:55 - Impossible
de contacter le service..

Error - 21/07/2010 10:37:01 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 16:37:00 - Erreur de connexion à Internet. 16:37:00 - Impossible
de contacter le service..

Error - 12/05/2011 16:01:08 | Computer Name = kabourPC | Source = MCUpdate | ID = 0
Description = 22:01:04 - Erreur de connexion à Internet. 22:01:04 - Impossible
de contacter le service..

[ System Events ]
Error - 10/12/2012 15:39:24 | Computer Name = kabourPC | Source = EventLog | ID = 6008
Description = L’arrêt système précédant à 18:56:39 le ?10/?12/?2012 n’était pas

Error - 10/12/2012 15:39:27 | Computer Name = kabourPC | Source = BugCheck | ID = 1001
Description =

Error - 10/12/2012 15:39:43 | Computer Name = kabourPC | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
charger : SBRE

Error - 11/12/2012 03:20:27 | Computer Name = kabourPC | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
charger : SBRE

Error - 11/12/2012 12:18:42 | Computer Name = kabourPC | Source = EventLog | ID = 6008
Description = L’arrêt système précédant à 15:27:24 le ?11/?12/?2012 n’était pas

Error - 11/12/2012 12:18:49 | Computer Name = kabourPC | Source = BugCheck | ID = 1001
Description =

Error - 11/12/2012 12:19:04 | Computer Name = kabourPC | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
charger : SBRE

Error - 11/12/2012 15:07:18 | Computer Name = kabourPC | Source = EventLog | ID = 6008
Description = L’arrêt système précédant à 19:48:59 le ?11/?12/?2012 n’était pas

Error - 11/12/2012 15:07:19 | Computer Name = KABOURPC | Source = BugCheck | ID = 1001
Description =

Error - 11/12/2012 15:07:36 | Computer Name = kabourPC | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
charger : SBRE
par virginie24
OTL logfile created on: 11/12/2012 20:50:11 - Run 1
OTL by OldTimer - Version Folder = C:\Users\kabour\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

8,00 Gb Total Physical Memory | 5,97 Gb Available Physical Memory | 74,62% Memory free
16,00 Gb Paging File | 13,83 Gb Available in Paging File | 86,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,95 Gb Total Space | 285,91 Gb Free Space | 62,43% Space Free | Partition Type: NTFS
Drive D: | 458,46 Gb Total Space | 458,32 Gb Free Space | 99,97% Space Free | Partition Type: NTFS

Computer Name: KABOURPC | User Name: kabour | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/11 20:49:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kabour\Downloads\OTL (1).exe
PRC - [2012/11/18 22:41:53 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe
PRC - [2012/10/03 14:25:42 | 000,188,760 | ---- | M] () -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe
PRC - [2012/08/22 14:26:44 | 000,307,856 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/08/08 09:17:00 | 000,540,056 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/16 12:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/07/16 12:23:56 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/07/16 12:23:56 | 000,975,800 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012/01/18 17:26:36 | 004,954,624 | ---- | M] (Celliance) -- C:\Program Files (x86)\DartyBox_v3\Bewan\AssistantDB\AssistantDB_Bewan.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/29 10:56:42 | 027,311,232 | ---- | M] (Gemalto N.V.) -- C:\Users\kabour\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
PRC - [2011/04/22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/08/12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/08/12 22:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/08/10 06:36:04 | 000,629,280 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
PRC - [2009/08/06 18:18:54 | 000,311,592 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search Destroy\SDWinSec.exe

========== Modules (No Company Name) ==========

MOD - [2012/11/17 18:51:19 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\38e2909de0b5e7887b46dd28725ba718\
MOD - [2012/11/17 18:51:02 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\
MOD - [2012/11/17 18:50:48 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\
MOD - [2012/11/17 18:50:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\a24c1c772b5c5ce0f0b9d8290f7792c2\
MOD - [2012/11/17 01:24:51 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\
MOD - [2012/11/17 01:24:38 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\
MOD - [2012/11/17 01:24:29 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\
MOD - [2012/11/17 01:24:26 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\46215c6276fca8ba6b8a765dfa384c73\
MOD - [2012/11/17 01:20:08 | 013,198,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ecbb113bbad9034fa8385c15f73fb4cf\
MOD - [2012/11/17 01:20:04 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\
MOD - [2012/11/17 01:20:01 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\
MOD - [2012/11/17 01:20:00 | 001,666,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a8dfd1388afc0a50f39f9e1dc7ecd45c\
MOD - [2012/11/17 01:19:58 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\
MOD - [2012/11/17 01:19:57 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\
MOD - [2012/11/17 01:19:52 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\
MOD - [2012/07/29 09:33:56 | 000,115,137 | ---- | M] () -- C:\Users\kabour\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
MOD - [2012/07/16 12:24:06 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/06/29 09:56:06 | 011,483,264 | ---- | M] () -- C:\Users\kabour\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
MOD - [2011/06/10 07:24:04 | 000,079,240 | ---- | M] () -- C:\Program Files (x86)\SFR\Kit\9unelevate.dll
MOD - [2009/08/10 06:36:04 | 000,629,280 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MOD - [2009/08/10 03:49:40 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
MOD - [2009/02/03 01:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012/10/03 14:25:42 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe -- (IB Updater Updater)
SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2012/11/18 22:41:54 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/04/22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/01/31 12:30:46 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\508\g2aservice.exe -- (GoToAssist)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/08/06 18:18:54 | 000,311,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/04/01 13:10:08 | 000,265,216 | ---- | M] (Atheros Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Atheros\jswpbapi.exe -- (jswpbapi)
SRV - [2009/04/01 13:07:00 | 000,360,529 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Atheros\jswpsapi.exe -- (jswpsapi)
SRV - [2008/11/11 08:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/01/11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/06/04 08:59:20 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.( [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/06/04 08:59:20 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.( [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/05/01 07:51:28 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010/05/01 07:51:14 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2010/04/27 03:25:22 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdm.sys -- (sscemdm)
DRV:64bit: - [2010/04/27 03:25:22 | 000,129,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssceserd.sys -- (ssceserd)
DRV:64bit: - [2010/04/27 03:25:22 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscebus.sys -- (sscebus)
DRV:64bit: - [2010/04/27 03:25:22 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdfl.sys -- (sscemdfl)
DRV:64bit: - [2010/04/27 03:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2010/04/27 03:25:16 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd)
DRV:64bit: - [2010/04/27 03:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2010/04/27 03:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2010/02/01 11:30:54 | 000,622,624 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl819xp.sys -- (rtl819xpn64)
DRV:64bit: - [2010/02/01 11:30:54 | 000,622,624 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtl819xp.sys -- (rtl819xp)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/26 08:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/06/12 11:19:58 | 000,287,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 11:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/09/25 18:07:30 | 000,075,264 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jswscimdx.sys -- (JSWSCIMD)
DRV:64bit: - [2008/08/28 10:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010/05/01 07:51:28 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002/08/30 13:00:00 | 000,002,864 | --S- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\SysWow64\winsock.dll -- (Winsock)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" ={searchTerms}FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" ={searchT ... urceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ... 2511506C22}
IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" ={searchTerms}FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = ... lz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" ={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = ... earchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = ... =CT2611275

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\${searchCLSID}: "URL" ={ ... rer:source?}
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" ={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" ={searchTe ... 064f85f722
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF}: "URL" = ... s}srch=dsp
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = ... earchTerms}
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = ... NI_frFR458
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" ={searchT ... urceid=ie7
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = ... earchTerms}
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = ... =CT2611275
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}: "URL" = ... earchTerms}
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - "SweetIM Search"
FF - "Softonic_France Customized Web Search"
FF - "SweetIM Search"
FF - true
FF - prefs.js..browser.startup.homepage: " ... 2511506C22}"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:
FF - prefs.js..browser.startup.homepage: ""
FF - "Web Search..."
FF - "Softonic_France Customized Web Search"
FF - ""
FF - prefs.js..keyword.URL: " ... 1506C22}q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - prefs.js..browser.startup.homepage: " ... 50A1600FF0"
FF - prefs.js..keyword.URL: " ... ntgfns=1q="

FF - user.js..keyword.URL: ""

FF:64bit: - HKLM\Software\MozillaPlugins\ disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\ C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\ File not found
FF - HKLM\Software\MozillaPlugins\ C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\ C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\ C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\ disabled File not found
FF - HKLM\Software\MozillaPlugins\,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\ Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\,version=1.0.1: C:\Users\kabour\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2012/11/18 15:13:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/19 12:36:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2012/11/18 15:13:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/19 12:36:35 | 000,000,000 | ---D | M]

[2010/05/18 07:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kabour\AppData\Roaming\mozilla\Extensions
[2010/05/18 07:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kabour\AppData\Roaming\mozilla\Extensions\
[2009/12/10 14:07:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kabour\AppData\Roaming\mozilla\Extensions\
[2012/11/18 15:14:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions
[2011/02/22 12:37:09 | 000,000,000 | ---D | M] (Fissa) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions\@FissaPlugin
[2011/01/27 18:48:13 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
[2010/07/05 19:52:04 | 000,000,000 | ---D | M] (Softonic_France Toolbar) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}
[2010/06/09 16:47:13 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/11/12 21:46:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2011/01/27 18:48:14 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions\
[2011/11/01 20:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions\
[2012/11/12 21:46:12 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2010/06/09 15:17:13 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\kabour\AppData\Roaming\mozilla\Firefox\Profiles\8d0olbyd.default\extensions\radiobar@toolbar
[2010/08/29 17:34:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/19 22:04:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/29 14:46:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - homepage: ... 50A1600FF0
CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = ... earchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: ... 50A1600FF0
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\PepperFlash\\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: SquareClock 3D Plugin - Production_Castorama_Bathroom_Internet (Enabled) = C:\Users\kabour\AppData\Local\SquareClock.Production_Castorama_Bathroom_Internet\NPSQ3D.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\kabour\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
CHR - Extension: YouTube = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Recherche Google = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: Recherche Google = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: IB Updater = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\\
CHR - Extension: SweetIM for Facebook = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\\
CHR - Extension: Gmail = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: YouTube = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Recherche Google = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: Recherche Google = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: IB Updater = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\\
CHR - Extension: SweetIM for Facebook = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\\
CHR - Extension: Gmail = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\kabour\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011/11/27 21:52:55 | 000,437,957 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: localhost
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts: 15090 more lines...
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)
O2 - BHO: (Spybot-SD IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{6c97a91e-4524-4019-86af-2aa2d567bf5c} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{6c97a91e-4524-4019-86af-2aa2d567bf5c} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {A29B2641-9931-448A-8DE7-B2D63BDC1812} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files (x86)\Softonic_France\tbSof0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1201331004-2914378652-793719002-1001..\Run: [Assistant DartyBox] C:\Program Files (x86)\DartyBox_v3\Bewan\AssistantDB\AssistantDB_Bewan.exe (Celliance)
O4 - HKU\S-1-5-21-1201331004-2914378652-793719002-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1201331004-2914378652-793719002-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1201331004-2914378652-793719002-1001..\Run: [SanDiskSecureAccess_Manager.exe] C:\Users\kabour\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe (Gemalto N.V.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} ... (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ... (QuickTime Plugin Control)
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} ... (Reg Error: Key error.)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} ... (20-20 3D Viewer for IKEA)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} ... (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} ... (Java Plug-in 1.6.0_37)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} ... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} ... (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} ... (Java Plug-in 1.6.0_37)
O16 - DPF: Garmin Communicator Plug-In ... ontrol.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{068047DD-0DE9-4281-B108-7B78C61DF729}: DhcpNameServer =
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\ [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\ [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

par virginie24
[2012/12/05 13:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/12/01 10:08:45 | 000,000,000 | ---D | C] -- C:\Users\kabour\AppData\Local\{90A5ECF7-5EED-438F-A178-F25EAAD3BC8A}
[2012/11/30 13:39:09 | 000,000,000 | ---D | C] -- C:\Users\kabour\AppData\Local\{537242BC-C154-4DC5-918A-C9CF84376E5F}
[2012/11/30 12:19:45 | 000,000,000 | ---D | C] -- C:\Users\kabour\Desktop\photo
[2012/11/27 19:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFR
[2012/11/27 19:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SFR
[2012/11/24 19:50:34 | 000,000,000 | ---D | C] -- C:\Users\kabour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2012
[2012/11/24 19:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jv16 PowerTools 2012
[2012/11/23 21:25:51 | 000,000,000 | ---D | C] -- C:\Users\kabour\AppData\Local\{E3A13718-4A57-4E9B-9556-7B3FB762E3D8}
[2012/11/23 20:37:40 | 000,000,000 | ---D | C] -- C:\Users\kabour\Documents\interphone
[2012/11/23 20:36:59 | 000,000,000 | ---D | C] -- C:\Users\kabour\Desktop\document a envoyer a pro btp
[2012/11/20 22:27:38 | 000,000,000 | ---D | C] -- C:\Navilog1
[2012/11/20 22:27:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Navilog1
[2012/11/18 20:34:04 | 000,000,000 | ---D | C] -- C:\Users\kabour\AppData\Local\StimulsoftReportsResources
[2012/11/18 20:33:39 | 000,000,000 | ---D | C] -- C:\Users\kabour\AppData\Local\Stimulsoft
[2012/11/18 15:15:40 | 000,000,000 | ---D | C] -- C:\Users\kabour\AppData\Roaming\Summitsoft
[2012/11/18 15:14:02 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2012/11/18 15:14:02 | 000,608,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2012/11/18 15:14:02 | 000,035,328 | ---- | C] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2012/11/18 15:14:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ARFC
[2012/11/18 15:14:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT
[2012/11/18 15:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\IB Updater
[2012/11/18 15:12:00 | 000,000,000 | ---D | C] -- C:\Users\kabour\Documents\My Logo Design Studio Projects
[2012/11/18 15:11:11 | 000,000,000 | ---D | C] -- C:\Windows\Logo Design Studio Trial
[2012/11/17 01:21:09 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/11/17 01:21:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/11/17 01:15:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/17 01:15:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/17 01:15:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/17 01:15:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/11/17 01:15:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/17 01:15:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/17 01:15:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/17 01:15:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/17 01:15:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/17 01:15:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/17 01:15:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/17 01:15:35 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/17 01:15:33 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/17 01:15:33 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/17 01:15:33 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/17 01:09:38 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/11/17 01:09:38 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/11/17 01:09:37 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/11/17 01:09:37 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/11/16 16:49:13 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/11/16 16:49:13 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/11/16 16:49:13 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/11/16 16:49:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/11/16 16:49:10 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/11/16 16:49:10 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/11/16 16:49:10 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/11/16 16:49:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/11/16 16:49:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/11/16 16:48:52 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/11/16 16:48:52 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/11/14 19:31:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\{43B55ACB-A031-4DC3-AA95-8492F35E13ED}
[2012/11/13 19:24:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012/11/13 19:24:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012/11/13 19:24:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012/11/13 19:24:45 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012/11/13 19:24:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012/11/13 19:24:43 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012/11/13 19:24:43 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012/11/13 19:24:43 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012/11/13 19:24:43 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012/11/13 19:24:43 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012/11/13 19:24:43 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012/11/13 19:24:43 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012/11/13 19:24:43 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012/11/13 19:24:43 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012/11/13 19:24:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012/11/13 19:24:43 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012/11/13 19:24:43 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012/11/13 19:24:43 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012/11/13 19:24:42 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/11/13 19:24:42 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012/11/13 19:24:42 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/11/13 19:24:42 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/11/13 19:24:42 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[1 C:\Users\kabour\AppData\Local\*.tmp files - C:\Users\kabour\AppData\Local\*.tmp - ]

par dédétraqué
Salut virginie24, bienvenu sur le forum

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau. ... adwcleaner

Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira, poste le contenu de ce rapport.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


On va vérifier le PC :

Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.

- Quitte les applications en cours afin de ne pas interrompre le scan.
- Faire double clique sur OTL.exe présent sur le bureau pour lancer le programme
Vista/Seven -- Faire un clique droit sur OTL.exe présent sur le bureau et choisir exécuter en tant qu'administrateur pour lancer le programme
- Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche "Rapport standard". Fais de même avec "Tous les utilisateurs" à coté.
- Coche également les cases à côté de "Recherche LOP" et "Recherche Purity".

[g]Ne modifie pas les autres paramètres ![/g]

Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
c:\$recycle.bin\*.* /s

- Clique sur le bouton Analyse.
- Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).

Utilise pour poster en lien tes rapports :

- Clique sur Parcourir pour aller chercher le rapport OTL.txt sur le bureau
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint

- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

Après fais de même avec l'autre rapport Extras.txt

Avatar du membre
par virginie
bonjour, merci pour votre aide, voici donc la premiere etape;

par dédétraqué
Salut virginie24

Double clic sur OTL.exe pour le lancer.
(Vista/Seven -- Faire un clique droit sur OTL.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".

* Copie la liste qui se trouve en citation ci-dessous, et colle-la dans la zone sous " Personnalisation "

MOD - [2012/07/29 09:33:56 | 000,115,137 | ---- | M] () -- C:\Users\kabour\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
IE - HKU\S-1-5-21-1201331004-2914378652-793719002-1001\..\SearchScopes\{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF}: "URL" = ... s}srch=dsp
FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{6c97a91e-4524-4019-86af-2aa2d567bf5c} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{6c97a91e-4524-4019-86af-2aa2d567bf5c} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} ... (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ... (QuickTime Plugin Control)
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} ... (Reg Error: Key error.)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} ... (20-20 3D Viewer for IKEA)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} ... (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} ... (Java Plug-in 1.6.0_37)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} ... (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} ... (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} ... (Java Plug-in 1.6.0_37)
O16 - DPF: Garmin Communicator Plug-In ... ontrol.CAB (Reg Error: Key error.)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
MsConfig:64bit - StartUpReg: KiesHelper - hkey= - key= - Reg Error: Value error. File not found
[2012/11/18 15:14:02 | 000,035,328 | ---- | C] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2012/11/18 15:14:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ARFC
[2012/11/18 15:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\IB Updater
@Alternate Data Stream - 131 bytes - C:\ProgramData\Temp:3737FC13
@Alternate Data Stream - 118 bytes - C:\ProgramData\Temp:4CF61E54


* Clique sur " Correction " pour lancer la suppression.

* Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur Oui.

* Au redémarrage , autorise OTL a s'exécuter.

* Poste le rapport généré par OTL.

Avatar du membre
par virginie

Heu, je lancer OTL en mode administrateur et fait exactement se que tu me demande c'est a dire copier et coller la citation dnas l espace personnalisation d OTL je lance la correction mais a un moment celui-ci ne repond plus !! je n'arrive pas a le faire foctionner ! Que dois-je faire?
Avatar du membre
par virginie24
Impeccable , voici le rapport

All processes killed
par dédétraqué
Salut virginie24

Mettre Malwarebyte's à jour et faire un scan rapide, poste le rapport...

Refais un scan avec OTL comme la première fois(mode Analyse) avec les mêmes paramètres et la même liste sous personnalisation, tu auras seulement un rapport(OTL.txt) a me poster, voir a utilisé cjoint pour poster le rapport.

Avatar du membre
par virginie24
par dédétraqué
Salut virginie24

Double clic sur OTL.exe pour le lancer.
(Vista/Seven -- Faire un clique droit sur OTL.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".

* Copie la liste qui se trouve en citation ci-dessous, et colle-la dans la zone sous " Personnalisation "


C:\Program Files\IB Updater


* Clique sur " Correction " pour lancer la suppression.

* Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur Oui.

* Au redémarrage , autorise OTL a s'exécuter.

* Poste le rapport généré par OTL.

Avatar du membre
par virginie24

merci @+
Avatar du membre
par virginie
Non merci beaucoup je n'ai plus de souci de se coté la me reste a regler se souci d'écran bleu mais je pense que c'est sur une autre plateforme!

Merci beaucoup @+++++
par dédétraqué
Salut virginie24

Bien de rien

On va faire un ménage des outils téléchargés pour la désinfection, télécharge Del Fix (de Xplode), sur ton bureau ... /26-delfix

[*]Double-clique sur l'icône delfix.exe située sur ton Bureau.
(Vista/Seven - Faire un clique droit sur l'icône delfix.exe située sur ton Bureau et choisir exécuter en tant qu'administrateur.)

[*]Sélectionne Suppression

[*]Copie/colle le contenu du rapport dans ton prochain message.

Note : Le rapport est sauvegardé à la racine du disque dur ( C:\DelFixSuppr.txt )


Je te donne quelques consignes de sécurité :

Image Windows Update parfaitement à jour
Image Pare-feu bien paramétré pour XP, je te conseil :
ZoneAlarm, Vista/Seven -- le pare de WINDOWS est suffisant.
Image Antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
Image Une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
Image Pas de téléchargement illégal, qui est le principal facteur d’infection (µTorrent, BitTorrent, eMule, Limewire, etc..)
Le danger des cracks !
Les risques sécuritaires du peer-to-peer
Image Une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
Image Nettoyage hebdomadaire du système (suppression des fichiers inutiles, nettoyage de la base de registre, scandisk, defrag)
Image Scan hebdomadaire antispyware ( je conseil MalwareByte's Anti-Malware)
Image Un contrôle régulier de la console JAVA pour s'assurer qu'elle est à jour
Image Faire régulièrement un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités :

Bonne journée/soirée et bon surf

Avatar du membre
par virginie24
OOOOOuuupppssss ,

Je suis allée un peu trop vite voila que sa recommence, mise a jour récurrentes plusieurs fois par jour les memes a chaque fois et meme si je ne touche pas mon ordinateur j'entends la tour travaillée comme si je lui fesait faire plusieurs taches a la fois !! j'y comprend plus rien ! pouvons-nous revérifier tous cela?

merci @++
Avatar du membre
par virginie24
Avatar du membre
par virginie24
si sa peu aider ;

voila les mises a jours qui reviennent constament

Mise à jour pour Microsoft .NET Framework version 4 sous Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 et Windows Server 2008 R2 pour les systèmes x64 (KB2600217)

Date d'installation : ‎19/‎12/‎2012 10:55

État de l'installation : Réussite

Type de mise à jour : Recommandée

Cette mise à jour concerne des problèmes de stabilité, de fiabilité et de performance dans Microsoft .NET Framework 4. Une fois cet élément installé, vous serez peut-être amené à redémarrer l'ordinateur.

Plus d'informations :

Aide et support :

Mise à jour de sécurité pour Microsoft .NET Framework version 4 sous Windows XP, Server 2003, Vista, Windows 7, Server 2008 et Server 2008 R2 pour les systèmes x64 (KB2656351)

Date d'installation : ‎19/‎12/‎2012 10:59

État de l'installation : Réussite

Type de mise à jour : Important

Un problème de sécurité a été identifié. Ce problème pourrait permettre à une personne distante malveillante non authentifiée de porter atteintre à votre système et d'en prendre le contrôle. Vous pouvez renforcer la protection de votre système en installant cette mise à jour de Microsoft. Une fois cette mise à jour installée, vous serez peut-être amené à redémarrer votre système.

Plus d'informations :

Aide et support :
Avatar du membre
par virginie
re les mises a jour je l'ai est cachées, visiblement j'avais un virus ....j'ai aussi desinstallé internet exploreur car je pense que sa peu venir de la !! donc j'ai installé firefox , spybot a trouver un adware.... enfin la totale!!! degouter

a plus!
par dédétraqué
Salut virginie24

OK, utilise Del Fix comme mentionné dans mon dernier poste pour supprimer les outils utilisés et on va refaire un scan OTL :

Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.

- Quitte les applications en cours afin de ne pas interrompre le scan.
- Faire double clique sur OTL.exe présent sur le bureau pour lancer le programme
Vista/Seven -- Faire un clique droit sur OTL.exe présent sur le bureau et choisir exécuter en tant qu'administrateur pour lancer le programme
- Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche "Rapport standard". Fais de même avec "Tous les utilisateurs" à coté.
- Coche également les cases à côté de "Recherche LOP" et "Recherche Purity".

Ne modifie pas les autres paramètres !

Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
c:\$recycle.bin\*.* /s

- Clique sur le bouton Analyse.
- Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).

Utilise pour poster en lien tes rapports :

- Clique sur Parcourir pour aller chercher le rapport OTL.txt sur le bureau
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint

- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

Après fais de même avec l'autre rapport Extras.txt

Avatar du membre
par virginie24

par dédétraqué
Salut virginie24

Désolé j'ai zappé ton sujet...

Télécharge cette outil : ...

Décompresse le fichier et exécute le fichier cleanup_tool.exe, fais un clique droit sur le fichier cleanup_tool.exe et choisir exécuter en tant qu'administrateur pour lancer le programme.

Dans la liste proposé à coté de Product to cleanup choisi . NET Framework 4 et clique dans le bas sur le bouton Cleanup Now.

Après refais les mises à jour sur le site de Microsoft :

Avatar du membre
par virginie24
salut pas grave avec les fêtes j'ai pas pu trop me connecter donc t'es pardonné !! :-p

j'applique tes manips et apres ??
par dédétraqué
Salut virginie24

j'applique tes manips et apres ??Cette procédure devrais corriger le problème des mêmes mises à jour qui revient constamment.

Après on va faire une nouvelle analyse de ton PC...

Avatar du membre
par virginie24
cc alors voila c'est fait par contre il est devenu tres tres long pour se qui est des connections j'ai jamais vu ca!!! :-(

merci pour ton aide....@+++
par dédétraqué
Salut virginie24

Refais un scan avec OTL comme la dernière fois(mode Analyse) avec les mêmes paramètres et la même liste sous personnalisation, tu auras seulement un rapport(OTL.txt) a me poster, voir a utilisé cjoint pour poster le rapport.


Bonjour, Sauf mauvaise recherche de ma part, je n[…]

(logiciel) album Photos

Bonjour, comment peut-on créer un album pho[…]

Bonjour, J'ai récemment changé de c[…]

Bonjour, je viens vers vous, j'ai essayé p[…]