Se connecter / S'enregistrer
Votre question
Résolu

des pages pubs s'ouvre toute seule comment faire ?

Tags :
  • Informatique
  • Sécurité
  • Adware
  • Ordinateur
Dernière réponse : dans Sécurité et virus
7 Septembre 2013 12:38:45

Comme beaucoup de personne mon ordinateur ouvre des pages de pubs tout seul. J'ai lancé un OTL mais je ne sais pas ce qu'il faut supprimer.
voici les liens:
http://pjjoint.malekal.com/files.php?id=20130907_k5q101...
http://pjjoint.malekal.com/files.php?id=20130907_9y7r59...
merci de m'aider je ne suis vraiment pas douer en informatique.

Autres pages sur : pages pubs ouvre seule

Meilleure solution

a c 267 8 Sécurité
7 Septembre 2013 13:16:09

Bonjour,

Le deuxième lien n'est pas bon.

  • Désinstalle Spybot qui est inutile.

  • Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Scanner".

  • Une fois le scan terminé, choisis l'option "Nettoyer".

  • Redémarre le PC comme demandé puis poste le rapport. Il est enregistré dans C:\AdwCleaner sous le nom d'AdwCleaner[S0].
    partage
    7 Septembre 2013 15:35:26

    merci :) 

    # AdwCleaner v3.003 - Rapport créé le 07/09/2013 à 15:28:07
    # Mis à jour le 07/09/2013 par Xplode
    # Système d'exploitation : Windows 7 Starter Service Pack 1 (32 bits)
    # Nom d'utilisateur : bruneau - BRUNEAU-TOSH
    # Exécuté depuis : C:\Users\bruneau\Downloads\adwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****


    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:\ProgramData\boost_interprocess
    Dossier Supprimé : C:\ProgramData\Partner
    Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4pc
    Dossier Supprimé : C:\Program Files\Wajam
    Dossier Supprimé : C:\Program Files\tuto4pc_fr_45
    Dossier Supprimé : C:\Users\bruneau\AppData\Local\EoRezo
    Dossier Supprimé : C:\Users\bruneau\AppData\Local\tuto4pc_fr_45
    Dossier Supprimé : C:\Users\bruneau\AppData\LocalLow\searchresultstb
    Dossier Supprimé : C:\Users\bruneau\AppData\Roaming\Systweak
    Fichier Supprimé : C:\Users\bruneau\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
    Fichier Supprimé : C:\windows\System32\Tasks\EPUpdater

    ***** [ Raccourcis ] *****


    ***** [ Registre ] *****

    [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater
    [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5E75767-963C-48D8-8572-2509DA81AEAE}
    [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5E75767-963C-48D8-8572-2509DA81AEAE}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Clé Supprimée : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
    Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [tuto4pc_fr_45]
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Clé Supprimée : HKCU\Software\ilivid
    Clé Supprimée : HKCU\Software\InstallCore
    Clé Supprimée : HKCU\Software\Tuto4PC
    Clé Supprimée : HKCU\Software\Tutorials
    Clé Supprimée : HKCU\Software\TutoTag
    Clé Supprimée : HKLM\Software\Iminent
    Clé Supprimée : HKLM\Software\systweak
    Clé Supprimée : HKLM\Software\Tuto4PC
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\tuto4pc_fr_45_is1
    Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\Wincert\WIN32C~1.DLL

    ***** [ Navigateurs ] *****

    -\\ Internet Explorer v0.0.0.0


    -\\ Google Chrome v29.0.1547.66

    [ Fichier : C:\Users\bruneau\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Supprimée : icon_url
    Supprimée : search_url
    Supprimée : keyword

    *************************

    AdwCleaner[R0].txt - [9363 octets] - [07/09/2013 15:23:10]
    AdwCleaner[S0].txt - [9402 octets] - [07/09/2013 15:28:07]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9462 octets] ##########
    m
    0
    l
    Contenus similaires
    a c 267 8 Sécurité
    7 Septembre 2013 16:21:32

    Je voudrais un nouveau rapport OTL.
    m
    0
    l
    7 Septembre 2013 19:03:14

    OTL logfile created on: 07/09/2013 18:34:34 - Run 3
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\bruneau\Downloads
    Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1009,77 Mb Total Physical Memory | 58,92 Mb Available Physical Memory | 5,83% Memory free
    1,99 Gb Paging File | 0,63 Gb Available in Paging File | 31,52% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
    Drive C: | 285,84 Gb Total Space | 253,19 Gb Free Space | 88,58% Space Free | Partition Type: NTFS

    Computer Name: BRUNEAU-TOSH | User Name: bruneau | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/09/07 09:57:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\bruneau\Downloads\OTL.exe
    PRC - [2013/09/02 22:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2012/11/30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2012/08/13 12:22:48 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
    PRC - [2012/08/13 12:22:48 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
    PRC - [2011/11/24 22:18:04 | 000,210,880 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe
    PRC - [2011/11/24 22:17:42 | 001,370,032 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\Teco.exe
    PRC - [2011/11/09 01:57:00 | 000,530,352 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    PRC - [2011/10/24 20:09:58 | 000,305,080 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    PRC - [2011/09/23 07:17:32 | 000,542,640 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    PRC - [2011/08/03 19:03:34 | 000,849,280 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    PRC - [2011/06/28 14:40:58 | 000,469,424 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
    PRC - [2011/06/28 12:22:32 | 000,032,168 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    PRC - [2011/06/10 06:06:16 | 000,112,552 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    PRC - [2011/06/10 06:05:58 | 001,021,864 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    PRC - [2011/06/07 21:07:58 | 000,063,432 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    PRC - [2011/06/07 21:07:36 | 000,186,296 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
    PRC - [2011/06/07 21:07:28 | 000,047,032 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    PRC - [2011/05/16 10:40:36 | 000,846,936 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
    PRC - [2011/04/21 11:58:48 | 001,470,848 | ---- | M] (Toshiba) -- C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
    PRC - [2011/03/29 16:33:08 | 000,598,312 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
    PRC - [2011/03/01 01:12:50 | 000,852,920 | ---- | M] (TOSHIBA CORPORATION) -- C:\program files\toshiba\wireless lan indicator\tosindicator.exe
    PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2011/02/10 10:25:42 | 001,546,720 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe
    PRC - [2010/10/20 23:40:00 | 000,128,416 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
    PRC - [2009/11/11 23:31:32 | 000,022,840 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/09/02 22:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
    MOD - [2013/09/02 22:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
    MOD - [2013/09/02 22:35:04 | 000,709,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
    MOD - [2013/09/02 22:35:03 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\libegl.dll
    MOD - [2013/09/02 22:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
    MOD - [2013/09/01 11:59:32 | 001,218,560 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\6c422db78c17838c3eb9f9fcc01ca63f\System.Management.ni.dll
    MOD - [2013/09/01 11:39:03 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\27ea7ac7d265bd9fb73f1b43da0f4569\Microsoft.VisualBasic.ni.dll
    MOD - [2013/09/01 11:38:13 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\9e38ddbb3a90cc3e782a0640788b1fcb\System.Core.ni.dll
    MOD - [2013/09/01 10:50:36 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll
    MOD - [2013/09/01 10:49:14 | 001,840,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\048017d94384988bfe84bcb2ca7ebf0f\System.Web.Services.ni.dll
    MOD - [2013/09/01 10:48:27 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dd8f4efb7e81c75fe444a180f6f1aacf\System.Runtime.Remoting.ni.dll
    MOD - [2013/09/01 10:46:49 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\930e99b2f62cea8c4aa070527d15f748\PresentationFramework.ni.dll
    MOD - [2013/09/01 10:44:18 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
    MOD - [2013/09/01 10:43:47 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
    MOD - [2013/09/01 10:43:15 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\585b8f6cc7ba86886462d0dc9753c98f\PresentationCore.ni.dll
    MOD - [2013/09/01 10:42:18 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
    MOD - [2013/09/01 10:41:47 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
    MOD - [2013/09/01 10:41:16 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
    MOD - [2013/09/01 10:40:14 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
    MOD - [2013/08/31 23:47:34 | 000,762,880 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8927b576eb15c4a8f4bb04f05e7cc51e\System.Runtime.Remoting.ni.dll
    MOD - [2013/08/31 23:47:10 | 000,393,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c389533f1477363803e53dce01560d12\System.Xml.Linq.ni.dll
    MOD - [2013/08/31 23:47:08 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
    MOD - [2013/08/31 23:40:03 | 018,003,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\56a1feb800860a3bc5d8a45ee92a77ec\PresentationFramework.ni.dll
    MOD - [2013/08/31 23:39:28 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1a3b614a84244ea5fa4147b5cf007333\System.Windows.Forms.ni.dll
    MOD - [2013/08/31 23:39:08 | 011,451,904 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\001aeb860d7f2ba416e0fedc606fee98\PresentationCore.ni.dll
    MOD - [2013/08/31 23:38:38 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
    MOD - [2013/08/31 23:38:16 | 003,858,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b3ed31a444f444325ddb64b290ed2f1e\WindowsBase.ni.dll
    MOD - [2013/08/31 23:38:07 | 007,070,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\c25ede0d0127774c504c4fc41d4de273\System.Core.ni.dll
    MOD - [2013/08/31 23:38:00 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
    MOD - [2013/08/31 23:37:37 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
    MOD - [2013/08/31 23:37:19 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
    MOD - [2013/07/15 04:18:46 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
    MOD - [2013/07/15 04:10:25 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
    MOD - [2013/07/15 03:39:47 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
    MOD - [2012/08/10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
    MOD - [2011/08/23 00:19:52 | 011,219,328 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
    MOD - [2011/07/05 08:27:04 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll
    MOD - [2011/06/28 14:42:46 | 003,286,448 | ---- | M] () -- C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
    MOD - [2011/06/10 06:05:40 | 000,079,784 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
    MOD - [2011/04/21 12:00:20 | 000,013,184 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\fr\TosDILangPack.resources.dll
    MOD - [2011/04/21 11:59:20 | 000,063,360 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.XmlSerializers.dll
    MOD - [2010/12/16 00:18:08 | 000,107,936 | ---- | M] () -- C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
    MOD - [2010/11/13 02:58:32 | 000,311,296 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
    MOD - [2010/03/03 23:14:58 | 000,016,184 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
    MOD - [2010/03/03 23:14:56 | 000,016,184 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll


    ========== Services (SafeList) ==========

    SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2011/11/24 22:18:04 | 000,210,880 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
    SRV - [2011/11/09 01:57:00 | 000,530,352 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV - [2011/07/12 02:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2011/06/10 06:06:16 | 000,112,552 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
    SRV - [2011/06/07 21:07:36 | 000,186,296 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
    SRV - [2011/06/07 21:07:28 | 000,047,032 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
    SRV - [2011/04/02 02:41:44 | 000,152,496 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
    SRV - [2011/03/29 16:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
    SRV - [2011/02/10 10:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
    SRV - [2010/11/20 23:29:12 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
    SRV - [2010/10/20 23:40:00 | 000,128,416 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
    SRV - [2010/10/12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Tosrfcom)
    DRV - [2013/07/15 00:46:49 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2013/07/15 00:46:49 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2013/07/15 00:46:49 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswVmm.sys -- (aswVmm)
    DRV - [2013/05/09 10:59:10 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
    DRV - [2013/05/09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2013/05/09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
    DRV - [2013/05/09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2013/05/09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011/12/14 00:11:46 | 001,336,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igddim32.sys -- (igddim32)
    DRV - [2011/11/15 20:11:12 | 000,094,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
    DRV - [2011/10/21 11:41:56 | 002,223,616 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2011/08/17 23:27:04 | 000,197,736 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - [2011/08/09 02:53:26 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btfilter.sys -- (BtFilter)
    DRV - [2011/07/13 05:07:40 | 000,016,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
    DRV - [2011/06/09 16:37:56 | 000,278,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
    DRV - [2011/02/09 04:08:00 | 000,033,616 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
    DRV - [2010/11/20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010/11/20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/11/20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV - [2009/07/31 03:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV - [2009/07/15 01:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
    DRV - [2009/07/07 18:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{43744D5D-8A34-4AF0-8A90-EDB7B7795F61}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2545481866-2494208878-1772247456-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TEUB&bmod...
    IE - HKU\S-1-5-21-2545481866-2494208878-1772247456-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-21-2545481866-2494208878-1772247456-1000\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-2545481866-2494208878-1772247456-1000\..\SearchScopes\{43744D5D-8A34-4AF0-8A90-EDB7B7795F61}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUB_frFR545
    IE - HKU\S-1-5-21-2545481866-2494208878-1772247456-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


    [2013/07/19 22:44:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

    ========== Chrome ==========

    CHR - default_search_provider: Delta Search (Enabled)
    CHR - default_search_provider: search_url = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=943E24EC990F0BCF&affID=119357&tsp=4948
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
    CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
    CHR - Extension: Documents Google = C:\Users\bruneau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google\u00A0Drive = C:\Users\bruneau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\bruneau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Recherche Google = C:\Users\bruneau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Chrome In-App Payments service = C:\Users\bruneau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
    CHR - Extension: Gmail = C:\Users\bruneau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2013/07/15 23:12:20 | 000,450,026 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 127.0.0.1 123fporn.info
    O1 - Hosts: 15448 more lines...
    O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-2545481866-2494208878-1772247456-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [GfxServiceInstall] C:\Windows\System32\GfxCUIServiceInstall.vbs ()
    O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
    O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
    O4 - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
    O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
    O4 - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
    O4 - HKU\.DEFAULT..\Run: [TOPI.EXE] C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
    O4 - HKU\S-1-5-18..\Run: [TOPI.EXE] C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
    O4 - HKU\S-1-5-19..\Run: [TOPI.EXE] C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
    O4 - HKU\S-1-5-20..\Run: [TOPI.EXE] C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
    O4 - HKU\S-1-5-21-2545481866-2494208878-1772247456-1000..\Run: [TOPI.EXE] C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\bruneau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O8 - Extra context menu item: Ajouter à TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
    O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
    O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E82A836C-48C3-4E06-AD4D-4CBAB496D96B}: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (MACHINE BootExecut)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/09/07 15:22:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/09/03 23:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2013/09/03 23:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2013/09/01 10:40:23 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
    [2013/09/01 10:40:20 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
    [2013/08/31 23:41:30 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT
    [2013/08/31 23:17:04 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
    [2013/08/31 23:16:49 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
    [2013/08/31 23:16:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
    [2013/08/31 23:16:02 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
    [2013/08/31 23:15:53 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
    [2013/08/31 23:15:36 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
    [2013/08/31 23:15:34 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
    [2013/08/31 23:15:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
    [2013/08/31 23:15:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
    [2013/08/18 11:17:08 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
    [2013/08/18 11:17:05 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
    [2013/08/18 11:16:59 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
    [2013/08/18 11:14:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
    [2013/08/18 11:03:37 | 000,238,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MpSigStub.exe

    ========== Files - Modified Within 30 Days ==========

    [2013/09/07 18:37:59 | 000,016,160 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/09/07 18:37:59 | 000,016,160 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/09/07 18:29:47 | 000,001,066 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/09/07 18:29:32 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2013/09/07 18:29:27 | 794,112,000 | -HS- | M] () -- C:\hiberfil.sys
    [2013/09/07 15:12:05 | 000,001,070 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/09/07 12:18:29 | 000,008,968 | ---- | M] () -- C:\Users\bruneau\Desktop\lien pubs.odt
    [2013/09/07 10:41:54 | 000,002,140 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2013/09/07 09:48:09 | 000,002,000 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2013/09/03 23:08:08 | 000,000,980 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2013/09/01 14:16:59 | 000,004,501 | ---- | M] () -- C:\windows\wininit.ini
    [2013/09/01 12:38:14 | 000,000,830 | ---- | M] () -- C:\windows\System32\InstallUtil.InstallLog
    [2013/09/01 11:05:20 | 000,001,668 | ---- | M] () -- C:\windows\System32\ASOROSet.bin
    [2013/09/01 10:40:23 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
    [2013/09/01 10:40:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
    [2013/08/31 23:32:11 | 000,704,480 | ---- | M] () -- C:\windows\System32\perfh00C.dat
    [2013/08/31 23:32:11 | 000,679,342 | ---- | M] () -- C:\windows\System32\prfh0816.dat
    [2013/08/31 23:32:11 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
    [2013/08/31 23:32:11 | 000,610,202 | ---- | M] () -- C:\windows\System32\perfh01F.dat
    [2013/08/31 23:32:11 | 000,133,752 | ---- | M] () -- C:\windows\System32\prfc0816.dat
    [2013/08/31 23:32:11 | 000,130,754 | ---- | M] () -- C:\windows\System32\perfc00C.dat
    [2013/08/31 23:32:11 | 000,121,526 | ---- | M] () -- C:\windows\System32\perfc01F.dat
    [2013/08/31 23:32:11 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat

    ========== Files Created - No Company Name ==========

    [2013/09/07 12:18:22 | 000,008,968 | ---- | C] () -- C:\Users\bruneau\Desktop\lien pubs.odt
    [2013/09/07 09:48:09 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2013/09/03 23:08:08 | 000,000,980 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2013/09/01 10:53:11 | 000,001,668 | ---- | C] () -- C:\windows\System32\ASOROSet.bin
    [2013/07/15 13:42:18 | 000,004,501 | ---- | C] () -- C:\windows\wininit.ini
    [2013/07/15 00:46:49 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys.sum
    [2013/07/15 00:46:49 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSP.sys.sum
    [2013/07/15 00:46:49 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSnx.sys.sum
    [2013/07/15 00:46:10 | 000,175,176 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys
    [2013/07/15 00:46:10 | 000,049,376 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys
    [2013/04/14 20:58:55 | 000,003,584 | ---- | C] () -- C:\Users\bruneau\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/05/02 17:57:47 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
    [2012/05/02 16:57:27 | 000,192,616 | ---- | C] () -- C:\windows\System32\drivers\RTAIODAT.DAT
    [2011/12/14 00:12:30 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
    [2011/12/13 23:57:16 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
    [2011/09/15 03:11:16 | 001,048,576 | ---- | C] () -- C:\windows\System32\syndata.bin

    ========== ZeroAccess Check ==========

    [2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >
    m
    0
    l
    a c 267 8 Sécurité
    7 Septembre 2013 19:53:52

    Tu peux me donner le rapport Extras également ?
    m
    0
    l
    10 Septembre 2013 16:05:55

    désolé pour le long temps de réponse :/ 

    OTL Extras logfile created on: 07/09/2013 18:34:34 - Run 3
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\bruneau\Downloads
    Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1009,77 Mb Total Physical Memory | 58,92 Mb Available Physical Memory | 5,83% Memory free
    1,99 Gb Paging File | 0,63 Gb Available in Paging File | 31,52% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
    Drive C: | 285,84 Gb Total Space | 253,19 Gb Free Space | 88,58% Space Free | Partition Type: NTFS

    Computer Name: BRUNEAU-TOSH | User Name: bruneau | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- Reg Error: Key error. File not found

    [HKEY_USERS\S-1-5-21-2545481866-2494208878-1772247456-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- Reg Error: Key error.
    htmlfile [opennew] -- Reg Error: Key error.
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- Reg Error: Key error.
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{34F16D55-9414-47DB-B98C-5825935C0D65}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{9286DF0D-774B-4337-92B0-962F2D97932C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{29B91260-763F-4578-B04E-3C9F0E0894CC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{32F54011-B270-4EDA-9BF8-9186F310097B}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
    "{9AD0AF45-415C-48C5-B9D5-7CEBB76CC707}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{A50C07A9-55DE-4745-94F7-8A40329A9B58}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
    "{B8A22B98-14D6-4992-98EB-6AC1604E5C11}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{C3C7674F-817A-4DFE-A08D-27CB7BCD1CE7}" = protocol=6 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
    "{D41FCA25-7934-4DD0-BAE1-6882FB57F133}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{ECDC4D1C-1476-4716-9C45-D22433EF9A93}" = protocol=17 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
    "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
    "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
    "{0AF17224-CF88-40B8-BB1A-D179369847B4}" = TOSHIBA Supervisor Password
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
    "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
    "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
    "{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
    "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2063D199-D79F-471A-9019-9E647296394D}" = Nero Multimedia Suite 10 Essentials
    "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
    "{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
    "{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
    "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
    "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
    "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
    "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{36DE6EB4-8345-489F-9E07-C9F36F7E5823}" = TOSHIBA Bulletin Board
    "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{3BC3B1A5-30E3-4DDB-BE08-E7262B838B5F}" = Windows Live Remote Client Resources
    "{3BFB2388-64EE-4AAA-9235-5FE725FED6DE}" = Windows Live Remote Service Resources
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
    "{461F6F0D-7173-4902-9604-AB1A29108AF2}" = TOSHIBA Places Icon Utility
    "{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
    "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
    "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
    "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
    "{5494B59E-6E82-499E-91AC-C53199955EC5}" = Atheros Bluetooth Filter Driver Package
    "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
    "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
    "{5B01BCB7-A5D3-476F-AF11-E515BA206591}" = TOSHIBA Wireless LAN Indicator
    "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
    "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
    "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
    "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
    "{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
    "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
    "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
    "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
    "{7612E28A-C4DB-4259-AA91-CB02B1BCF623}" = Windows Live Remote Service Resources
    "{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
    "{7846B719-862C-468A-9FD0-4769D2590535}" = Windows Live Remote Client Resources
    "{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
    "{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}" = OpenOffice.org 3.4.1
    "{82EE333F-45A9-4585-A5D9-31FE16B7FB25}" = Windows Live Remote Service Resources
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
    "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
    "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}" = TOSHIBA ReelTime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
    "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}" = TOSHIBA Hardware Setup
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
    "{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources
    "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
    "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
    "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
    "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
    "{B081F658-8216-4AFB-BED7-14CCA2DE0F73}" = TOSHIBA eco Utility
    "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
    "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
    "{BA604579-F4F4-4651-8A20-95FF63DB499F}" = TOSHIBA Audio Enhancement
    "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
    "{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
    "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
    "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
    "{CD6CB7F1-1B8E-424A-9B81-F8D2F03958EC}" = Windows Live Remote Client Resources
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
    "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
    "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
    "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
    "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{EAF55C99-A493-4373-A8C5-09ACC5DCD7EF}" = TOSHIBA ConfigFree
    "{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
    "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
    "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
    "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
    "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
    "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
    "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
    "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "avast" = avast! Free Antivirus
    "CCleaner" = CCleaner
    "Google Chrome" = Google Chrome
    "InstallShield_{36DE6EB4-8345-489F-9E07-C9F36F7E5823}" = TOSHIBA Bulletin Board
    "InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
    "InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
    "InstallShield_{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}" = TOSHIBA ReelTime
    "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "WildTangent toshiba Master Uninstall" = WildTangent Games
    "WinLiveSuite" = Windows Live Essentials
    "WTA-0ec01fcb-36b2-46dc-ade7-2bd5e47d992c" = Final Drive: Nitro
    "WTA-131ed011-f076-4353-aa6f-e4259ec4b0de" = FATE
    "WTA-1a340b45-3f4f-4741-a395-7fe06648fd27" = Penguins!
    "WTA-2619bccd-6e74-48d5-a71d-b6a3ad72f673" = Insaniquarium Deluxe
    "WTA-2860316f-9fb2-48c8-a657-fe3c41647f4f" = Chuzzle Deluxe
    "WTA-50938b18-1e77-4b4b-b6fc-6725388f0c04" = Polar Bowler
    "WTA-5e4d7fdf-a06c-4d56-8019-9d0f97c99ec5" = Diner Dash 2 Restaurant Rescue
    "WTA-709bed70-c167-431f-a002-2b86c86ffb8b" = Zuma Deluxe
    "WTA-71f970a8-b544-4688-bc61-966d64dd5d18" = Bejeweled 2 Deluxe
    "WTA-757ad4aa-3c6e-48c3-b7cf-f22c77e648e1" = Wedding Dash 2 - Rings Around the World
    "WTA-84cd4ea1-0da3-4bbe-bf02-3bb55dc98fc6" = Plants vs. Zombies - Game of the Year
    "WTA-a01d324a-5a2b-4010-9fd6-d7ef98d85a5f" = Bejeweled 3
    "WTA-dea43691-39f8-4ee3-8bc6-516aa2c0f979" = Chicken Invaders 3 - Revenge of the Yolk
    "WTA-fa4e904a-f782-460f-8528-20324ffff3a1" = Slingo Deluxe

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2545481866-2494208878-1772247456-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Avast Packages" = Avast Packages

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 25/03/2013 12:00:27 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    Error - 26/03/2013 11:51:31 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    Error - 27/03/2013 10:13:11 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    Error - 27/03/2013 12:31:57 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    Error - 27/03/2013 17:20:21 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    Error - 28/03/2013 14:14:50 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    Error - 30/03/2013 05:29:07 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    Error - 01/04/2013 08:31:11 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    Error - 04/04/2013 15:49:35 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    Error - 05/04/2013 17:40:00 | Computer Name = bruneau-TOSH | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 14/07/2013 18:53:19 | Computer Name = bruneau-TOSH | Source = DCOM | ID = 10005
    Description =

    Error - 14/07/2013 18:53:19 | Computer Name = bruneau-TOSH | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service Windows Search.

    Error - 14/07/2013 18:53:19 | Computer Name = bruneau-TOSH | Source = Service Control Manager | ID = 7000
    Description = Le service Windows Search n’a pas pu démarrer en raison de l’erreur :
    %%1053

    Error - 14/07/2013 18:53:38 | Computer Name = bruneau-TOSH | Source = WMPNetworkSvc | ID = 866300
    Description =

    Error - 14/07/2013 18:53:50 | Computer Name = bruneau-TOSH | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service Windows Search.

    Error - 14/07/2013 18:53:50 | Computer Name = bruneau-TOSH | Source = Service Control Manager | ID = 7000
    Description = Le service Windows Search n’a pas pu démarrer en raison de l’erreur :
    %%1053

    Error - 14/07/2013 22:03:07 | Computer Name = bruneau-TOSH | Source = Service Control Manager | ID = 7043
    Description = Le service Programme d’installation pour les modules Windows ne s’est
    pas fermé correctement après avoir reçu une commande d’anticipation de fermeture.

    Error - 14/07/2013 22:10:05 | Computer Name = bruneau-TOSH | Source = DCOM | ID = 10010
    Description =

    Error - 14/07/2013 22:12:39 | Computer Name = bruneau-TOSH | Source = Service Control Manager | ID = 7022
    Description = Le service McAfee McShield est en attente de démarrage.

    Error - 15/07/2013 04:02:28 | Computer Name = bruneau-TOSH | Source = Service Control Manager | ID = 7030
    Description = Le service SProtection est marqué comme étant interactif. Cependant,
    le système est configuré pour ne pas autoriser les services interactifs. Ce service
    peut ne pas fonctionner correctement.


    < End of report >
    m
    0
    l
    a c 267 8 Sécurité
    10 Septembre 2013 16:59:50

    • Double-clique sur OTL pour le lancer.
      (Sous Vista/Win7/Win8, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

    • Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le texte présent dans le cadre ci-dessous :

      :OTL
      O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
      O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
      CHR - default_search_provider: Delta Search (Enabled)
      CHR - default_search_provider: search_url = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=943E24EC990F0BCF&affID=119357&tsp=4948
      O3 - HKU\S-1-5-21-2545481866-2494208878-1772247456-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
      O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)

      :reg
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{C3C7674F-817A-4DFE-A08D-27CB7BCD1CE7}"=-
      "{ECDC4D1C-1476-4716-9C45-D22433EF9A93}"=-

      :commands
      [emptytemp]


    • Puis clique sur le bouton Correction en haut de la fenêtre.

    • Laisse le programme travailler, redémarre une fois le fix terminé.

    • Poste le rapport qui s'affichera après redémarrage.
    m
    0
    l
    15 Septembre 2013 10:24:58

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ not found.
    Use Chrome's Settings page to remove the default_search_provider items.
    Use Chrome's Settings page to remove the default_search_provider items.
    Registry value HKEY_USERS\S-1-5-21-2545481866-2494208878-1772247456-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3C7674F-817A-4DFE-A08D-27CB7BCD1CE7} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3C7674F-817A-4DFE-A08D-27CB7BCD1CE7}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECDC4D1C-1476-4716-9C45-D22433EF9A93} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECDC4D1C-1476-4716-9C45-D22433EF9A93}\ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: bruneau
    ->Temp folder emptied: 456686 bytes
    ->Temporary Internet Files folder emptied: 128 bytes
    ->Google Chrome cache emptied: 16466781 bytes
    ->Flash cache emptied: 506 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 528222 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 21052495 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 37,00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 09152013_094105

    Files\Folders moved on Reboot...
    C:\Users\bruneau\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
    File move failed. C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
    m
    0
    l
    16 Septembre 2013 19:04:23

    c'est bon le problème est réglé merci :) 
    m
    0
    l
    a c 267 8 Sécurité
    16 Septembre 2013 20:12:20

    Pour finir :


    1/

    ---> Télécharge et installe CCleaner.
    * Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers temporaires de Windows datant de plus de 24 heures.
    * Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.


    2/

    ---> Télécharge DelFix sur ton Bureau puis lance-le.
    * Coche Purger la restauration système et laisse Supprimer les outils de désinfection coché.
    * Clique sur Exécuter.
    * Le rapport est copié dans le presse-papier, clique droit dans ton prochain message et choisis Coller.


    ==Prévention==

    Désinstalle Java 6 Update 20 et installe la dernière version :
    http://www.java.com/fr/download/

    Mets à jour Adobe Reader (décoche McAfee Security Scan Plus).

    Un dossier sur la prévention et sécurité sur Internet est disponible ici.
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS