Portable bloqué au démarrage
Résolu
isabelle1996
Messages postés
30
Date d'inscription
Statut
Membre
Dernière intervention
-
isabelle1996 Messages postés 30 Date d'inscription Statut Membre Dernière intervention -
isabelle1996 Messages postés 30 Date d'inscription Statut Membre Dernière intervention -
Bonjour, mon pc portable vista n'arrête de bloquer au démarrage (la souris charge et reste coincée sur le bureau) depuis qu'il s'est fait attaqué par un cheval de Troie. J'ai fait analysé l'ordinateur et l'antivirus a supprimé tout les virus qu'il contenait. Hier, j'ai fait une vérification des fichiers système et après avoir redémarrer le pc bloquait beaucoup moins voir même pas mais aujourd'hui,ça bloque de nouveau et donc je peux me contenter seulement du mode sans échec.
Quelqu'un pourrait-il m'aider à résoudre ce problème?
Merci.
Quelqu'un pourrait-il m'aider à résoudre ce problème?
Merci.
A voir également:
- Portable bloqué au démarrage
- Ordinateur lent au démarrage - Guide
- Reinitialiser pc au demarrage - Guide
- Forcer demarrage pc - Guide
- Qu'est ce qui se lance au démarrage de l'ordinateur - Guide
- Code puk bloqué - Guide
18 réponses
Salut isabelle1996
On va vérifier le PC :
Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.
http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/
- Quitte les applications en cours afin de ne pas interrompre le scan.
- Faire double clique sur OTL.exe présent sur le bureau pour lancer le programme
Vista/Seven -- Faire un clique droit sur OTL.exe présent sur le bureau et choisir exécuter en tant qu'administrateur pour lancer le programme
- Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche "Rapport standard". Fais de même avec "Tous les utilisateurs" à coté.
- Coche également les cases à côté de "Recherche LOP" et "Recherche Purity".
Ne modifie pas les autres paramètres !
Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
consrv.dll
volsnap.sys
hidserv.dll
appmgmts.dll
eventlog.dll
winlogon.exe
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
wininet.dll
wininit.exe
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
winlogon.exe
wininit.ini
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
SAVEMBR:0
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s
- Clique sur le bouton Analyse.
- Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).
Utilise cjoint.com pour poster en lien tes rapports :
https://www.cjoint.com/
- Clique sur Parcourir pour aller chercher le rapport OTL.txt sur le bureau
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint
- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.
Après fais de même avec l'autre rapport Extras.txt
@++ :)
On va vérifier le PC :
Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.
http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/
- Quitte les applications en cours afin de ne pas interrompre le scan.
- Faire double clique sur OTL.exe présent sur le bureau pour lancer le programme
Vista/Seven -- Faire un clique droit sur OTL.exe présent sur le bureau et choisir exécuter en tant qu'administrateur pour lancer le programme
- Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche "Rapport standard". Fais de même avec "Tous les utilisateurs" à coté.
- Coche également les cases à côté de "Recherche LOP" et "Recherche Purity".
Ne modifie pas les autres paramètres !
Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
consrv.dll
volsnap.sys
hidserv.dll
appmgmts.dll
eventlog.dll
winlogon.exe
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
wininet.dll
wininit.exe
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
winlogon.exe
wininit.ini
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
SAVEMBR:0
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s
- Clique sur le bouton Analyse.
- Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).
Utilise cjoint.com pour poster en lien tes rapports :
https://www.cjoint.com/
- Clique sur Parcourir pour aller chercher le rapport OTL.txt sur le bureau
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint
- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.
Après fais de même avec l'autre rapport Extras.txt
@++ :)
Je n'arrive pas à télécharger le logiciel car je suis en mode échec et j'ai essayé en mode normal mais impossible d'avoir accès, tout bloque.
Salut isabelle1996
Redémarre en mode sans échec avec prise en charge réseau pour avoir accès a l'internet, sinon utilise une clé USB pour mettre le logiciel et les rapports.
@++ :)
Redémarre en mode sans échec avec prise en charge réseau pour avoir accès a l'internet, sinon utilise une clé USB pour mettre le logiciel et les rapports.
@++ :)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
OTL.Txt
OTL logfile created on: 7/04/2012 21:32:29 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Thuy-Tien\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
2,96 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 74,96% Memory free
6,13 Gb Paging File | 5,60 Gb Available in Paging File | 91,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 61,46 Gb Free Space | 32,99% Space Free | Partition Type: NTFS
Drive E: | 184,84 Gb Total Space | 163,89 Gb Free Space | 88,67% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 806,54 Gb Free Space | 86,58% Space Free | Partition Type: NTFS
Computer Name: PC-DE-THUY-TIEN | User Name: Thuy-Tien | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========/color
PRC - [2012/04/07 21:27:34 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Thuy-Tien\Desktop\OTL.exe
PRC - [2012/03/25 15:19:27 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/15 16:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[color=#E56717]========== Modules (No Company Name) ==========/color
MOD - [2012/03/25 15:19:26 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/02/16 20:38:54 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2009/10/26 09:33:33 | 000,010,240 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
[color=#E56717]========== Win32 Services (SafeList) ==========/color
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/04/27 16:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010/07/01 11:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/04/24 12:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009/04/21 23:07:04 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/04/16 19:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009/04/15 18:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009/03/30 17:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009/03/23 15:30:36 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Stopped] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009/03/17 11:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/03/06 19:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008/11/09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
[color=#E56717]========== Driver Services (SafeList) ==========/color
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\drivers\npf.sys -- (npf)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/27 16:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 14:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/10/01 10:37:42 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2010/04/22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/10/26 09:33:39 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/04/24 14:29:28 | 000,163,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/04/22 00:30:14 | 004,491,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/03/21 00:29:18 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2009/03/18 12:44:54 | 000,022,272 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/01/27 20:12:14 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008/11/17 08:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/11/11 18:29:42 | 000,154,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/05/07 11:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2007/12/14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/09 15:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
[color=#E56717]========== Standard Registry (SafeList) ==========/color
[color=#E56717]========== Internet Explorer ==========/color
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = https://hp.mywebsearch.com/mywebsearch/index.html{searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2405280
IE - HKLM\..\SearchScopes\{DA99141F-9AF1-486A-85FF-24F71313DB0F}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 4B 8D E2 AB CA CA 01 [binary data]
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes,DefaultScope = {B8E093F4-6EA6-43C1-9C3C-BD680CD01B57}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{0BEAE67A-99A9-451E-93C2-158C96621D90}: "URL" = https://search.yahoo.com/web?fr=chr-greentree_ie{searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR&FORM=IEFM1{searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://www.search.ask.com/?l=dis{searchTerms}&locale=fr_EU
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{25477387-2310-45df-933D-E9416D3D0303}: "URL" = http://eis.esnips.com/page/search_provider/?client_uuid=bda82ac0-85c3-4b48-b0d2-41fde8d1391d&q={searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = https://hp.mywebsearch.com/mywebsearch/index.html{searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rlz=1I7TSEG_fr&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://search.speedbit.com/{searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&mkt=fr-FR&form=IE0004
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}: "URL" = http://www.fissa.com/fr/results/?s=b&c=1007045039&suid=EipTfF4EF&d=4&q={searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{B8E093F4-6EA6-43C1-9C3C-BD680CD01B57}: "URL" = http://start.funmoods.com/results.php?f=4&a=bf4&q={searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{DA99141F-9AF1-486A-85FF-24F71313DB0F}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG_fr
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{E52BE12D-A44A-4f51-9DC1-34F37A488CC7}: "URL" = http://search.videodownload-toolbar.com/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = https://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;*.local
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888
[color=#E56717]========== FireFox ==========/color
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Freecorder Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.be"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "google.be"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Thuy-Tien\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Thuy-Tien\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Thuy-Tien\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Thuy-Tien\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Thuy-Tien\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/02 01:22:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/09 17:55:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/09 17:55:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru [2011/05/31 18:01:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru [2011/05/31 18:01:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com: C:\Program Files\SearchPredict\PRFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SPEEDbit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/25 15:19:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/21 22:28:43 | 000,000,000 | ---D | M]
[2011/09/03 13:02:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Extensions
[2009/12/22 23:00:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012/03/29 13:36:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Firefox\Profiles\klw10i5s.default\extensions
[2012/03/28 17:51:22 | 000,000,000 | ---D | M] ("Premiumplay Codec-C") -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Firefox\Profiles\klw10i5s.default\extensions\crossriderapp435@crossrider(15).com
[2012/02/26 23:17:03 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Firefox\Profiles\klw10i5s.default\extensions\ffxtlbr@funmoods.com
[2011/12/08 11:29:26 | 000,000,923 | ---- | M] () -- C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\Firefox\Profiles\klw10i5s.default\searchplugins\conduit.xml
[2012/02/26 16:11:43 | 000,001,797 | ---- | M] () -- C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\Firefox\Profiles\klw10i5s.default\searchplugins\funmoods.xml
[2011/12/10 12:21:36 | 000,002,538 | ---- | M] () -- C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\Firefox\Profiles\klw10i5s.default\searchplugins\speedbit.xml
[2011/09/12 21:00:46 | 000,003,910 | ---- | M] () -- C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\Firefox\Profiles\klw10i5s.default\searchplugins\sweetim.xml
[2012/02/21 20:51:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/25 17:00:26 | 000,000,000 | ---D | M] (QuestDns) -- C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}
[2012/02/21 20:51:49 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010/03/30 16:45:32 | 000,000,000 | ---D | M] (Analyse des liens (URL Advisor)) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2012/03/25 15:19:28 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/12 06:52:47 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/09/26 16:18:48 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/08/12 06:14:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/08/12 06:52:48 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/08/12 06:52:48 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/04/10 23:06:27 | 000,002,029 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\esnips.xml
[2010/03/28 18:56:18 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchFxt.xml
[2011/08/12 06:52:48 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/08/12 06:52:48 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
[color=#E56717]========== Chrome ==========/color
CHR - default_search_provider: Search (Enabled)
CHR - default_search_provider: search_url = http://start.funmoods.com/results.php?f=4&a=bf4&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Thuy-Tien\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Recherche Google = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: DivX HiQ = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: Premiumplay Codec-C = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.14.36_0\
CHR - Extension: video HTML5 DivX Plus Web Player = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
CHR - Extension: Gmail = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Premiumplay Codec-C) - {11111111-1111-1111-1111-110011041135} - C:\Program Files\Premiumplay Codec-C\Premiumplay Codec-C.dll (WebPicks)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No CLSID value found.
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {E52BE12D-A44A-4F51-9DC1-34F37A488CC7} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPCHWMsg] C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000..\Run: [Facebook Update] C:\Users\Thuy-Tien\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Policies\Microsoft\Internet Explorer\Main present
O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr File not found
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://msneufr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.youplay.com/games/3rdParty/YouPlay/popcaploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-be.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.197.111.140
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E54DB601-B08E-410C-83F7-3C618B139189}: DhcpNameServer = 62.197.111.140
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F70B4991-92CD-4F5C-941B-590AEF0ABA6B}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\Thuy-Tien\Pictures\paysage\fond_ecran_wallpaper_iles_0009.jpg
O24 - Desktop BackupWallPaper: C:\Users\Thuy-Tien\Pictures\paysage\fond_ecran_wallpaper_iles_0009.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d116f9f9-159e-11df-bcea-00262234fcb3}\Shell - "" = AutoRun
O33 - MountPoints2\{d116f9f9-159e-11df-bcea-00262234fcb3}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\System32\Adobe
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color
[2012/04/07 21:28:59 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Thuy-Tien\Desktop\OTL.exe
[2012/04/05 19:55:08 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{E19E44DB-C22D-44FE-AAD5-A25C42A3A854}
[2012/04/05 19:54:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{DAAE5B0C-39E8-4536-9AA6-CCB16F600075}
[2012/04/04 19:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
[2012/04/04 19:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Media Player Classic - Home Cinema
[2012/04/04 19:17:53 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Roaming\Media Player Classic
[2012/04/04 18:54:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/04/03 12:58:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{DD401124-7C3C-4070-B9C9-5130CAE15F3F}
[2012/04/02 13:31:11 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{FCDEA07B-86B5-44E0-BFFB-8C4BFFB8884F}
[2012/04/02 01:30:42 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{196C2F55-4C25-495E-BAFD-F46236480FE9}
[2012/04/01 15:32:12 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\Desktop\Newzak
[2012/04/01 13:30:15 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{7D3B424D-8736-42DC-9A03-FB75B2B675E9}
[2012/03/29 16:05:34 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{35213FC2-E7D3-4082-A979-EE3008BA53ED}
[2012/03/28 12:31:10 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{F2A71500-039D-4328-B879-1BD1F1876C92}
[2012/03/28 12:30:58 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{16F91A56-DD2B-4ECE-948B-A7F8B3D2DFA2}
[2012/03/28 11:30:03 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{F0F76ED8-6FB2-4B74-A9BC-26DEF30380C7}
[2012/03/28 11:29:41 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{FC8C8532-C281-4C76-BA16-48E75D0B5DE8}
[2012/03/27 17:25:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{F0F1B793-8D93-41D7-B4ED-95C548EAC5C3}
[2012/03/27 17:25:15 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{66228B57-D6DC-487D-99EA-28AAC44B2C53}
[2012/03/26 17:45:33 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{9C01F146-23D0-4333-A31A-A6FC1B7F4DF2}
[2012/03/26 17:45:22 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{143C618A-CA1A-4836-93B5-2274A84A040B}
[2012/03/25 15:19:06 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{623D3766-BE81-49F9-9C0E-67E79A3BE001}
[2012/03/25 15:18:50 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{E2080F12-D7A2-4E53-A658-11BBEB2F04A8}
[2012/03/24 15:17:23 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{91FB0B6C-D649-4236-801B-9A03BBE7CFC2}
[2012/03/24 15:17:09 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{CDAB1D6E-3300-4984-A73E-8AC5EC11D0A1}
[2012/03/24 14:02:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{2C93521A-1D99-4016-950E-53633BE6EDE6}
[2012/03/24 14:02:27 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{8A03DDDF-66BB-4FD4-852B-B4EB11E3C360}
[2012/03/22 22:08:26 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/03/21 20:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012/03/21 14:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/03/21 14:48:01 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/03/21 14:41:43 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{0727BD85-BFD5-4B6D-9808-22BF5B372C40}
[2012/03/21 14:41:30 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{BBF09CD1-0B04-450B-85B5-FB2EE0D24849}
[2012/03/17 15:04:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{E2F5D43A-D856-4393-83FC-64F56AA99184}
[2012/03/17 15:03:50 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{DB1A6784-D176-4FD8-AE8F-51C73398D2A6}
[2012/03/16 18:23:20 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{6E4DEEAB-EEAE-438D-A4DE-F49E778E7D37}
[2012/03/16 18:23:09 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{73A2C6DA-894F-4F53-BEE0-55F329CC0BAE}
[2012/03/15 20:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012/03/15 20:26:52 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012/03/15 20:25:50 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\Solid State Networks
[2012/03/15 19:02:49 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{F9199CB0-03FC-407B-B808-7805D55595CA}
[2012/03/15 19:02:32 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{2BC47882-8354-44FC-9EB9-5E1FCAD575B9}
[2012/03/14 18:40:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{D551BF78-4A10-4712-B937-C3CF3835EFBA}
[2012/03/14 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{C8BD4937-DA6F-4E8E-86B5-AF98BB591066}
[2012/03/14 16:13:11 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{DB161615-EA6B-4E66-8A48-E59AC33FFB48}
[2012/03/14 16:12:57 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{78F461DC-C444-4C1D-AF6E-1F046107F0E3}
[2012/03/14 16:07:55 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/03/14 16:07:53 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/03/14 16:07:53 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/03/14 16:07:53 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/03/14 16:07:53 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/03/14 16:07:53 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/03/14 16:07:40 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/03/12 20:30:51 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{C533E766-B172-43CB-B971-DC3FF46BDD72}
[2012/03/12 20:30:32 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{581220FF-CFE6-4843-BFA4-76DC54C67CF4}
[2012/03/10 10:43:46 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{9C51B3BD-A10C-40C7-90AF-239A08F81812}
[2012/03/10 10:43:31 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{6B81B54B-8636-4D31-A3B9-4DC4044AD212}
[2012/03/09 18:00:29 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{339F8EFC-39A4-41FA-97E3-3A5D35FB4E81}
[2012/03/09 18:00:10 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{AF8A663F-510A-482B-9D03-BDEF920C6718}
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========/color
[2012/04/07 21:36:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/04/07 21:29:47 | 000,680,156 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/04/07 21:29:47 | 000,597,486 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/07 21:29:47 | 000,127,042 | ---- | M] () -- C:\Windows\System32\p
OTL logfile created on: 7/04/2012 21:32:29 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Thuy-Tien\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
2,96 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 74,96% Memory free
6,13 Gb Paging File | 5,60 Gb Available in Paging File | 91,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 61,46 Gb Free Space | 32,99% Space Free | Partition Type: NTFS
Drive E: | 184,84 Gb Total Space | 163,89 Gb Free Space | 88,67% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 806,54 Gb Free Space | 86,58% Space Free | Partition Type: NTFS
Computer Name: PC-DE-THUY-TIEN | User Name: Thuy-Tien | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========/color
PRC - [2012/04/07 21:27:34 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Thuy-Tien\Desktop\OTL.exe
PRC - [2012/03/25 15:19:27 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/15 16:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[color=#E56717]========== Modules (No Company Name) ==========/color
MOD - [2012/03/25 15:19:26 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/02/16 20:38:54 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2009/10/26 09:33:33 | 000,010,240 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
[color=#E56717]========== Win32 Services (SafeList) ==========/color
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/04/27 16:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010/07/01 11:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/04/24 12:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009/04/21 23:07:04 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/04/16 19:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009/04/15 18:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009/03/30 17:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009/03/23 15:30:36 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Stopped] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009/03/17 11:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/03/10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/03/06 19:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008/11/09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
[color=#E56717]========== Driver Services (SafeList) ==========/color
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\drivers\npf.sys -- (npf)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/27 16:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 14:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/10/01 10:37:42 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2010/04/22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/10/26 09:33:39 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/04/24 14:29:28 | 000,163,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/04/22 00:30:14 | 004,491,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/03/21 00:29:18 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2009/03/18 12:44:54 | 000,022,272 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/01/27 20:12:14 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008/11/17 08:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/11/11 18:29:42 | 000,154,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/05/07 11:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2007/12/14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/09 15:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
[color=#E56717]========== Standard Registry (SafeList) ==========/color
[color=#E56717]========== Internet Explorer ==========/color
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = https://hp.mywebsearch.com/mywebsearch/index.html{searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2405280
IE - HKLM\..\SearchScopes\{DA99141F-9AF1-486A-85FF-24F71313DB0F}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 4B 8D E2 AB CA CA 01 [binary data]
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes,DefaultScope = {B8E093F4-6EA6-43C1-9C3C-BD680CD01B57}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{0BEAE67A-99A9-451E-93C2-158C96621D90}: "URL" = https://search.yahoo.com/web?fr=chr-greentree_ie{searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR&FORM=IEFM1{searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://www.search.ask.com/?l=dis{searchTerms}&locale=fr_EU
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{25477387-2310-45df-933D-E9416D3D0303}: "URL" = http://eis.esnips.com/page/search_provider/?client_uuid=bda82ac0-85c3-4b48-b0d2-41fde8d1391d&q={searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = https://hp.mywebsearch.com/mywebsearch/index.html{searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rlz=1I7TSEG_fr&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://search.speedbit.com/{searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&mkt=fr-FR&form=IE0004
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}: "URL" = http://www.fissa.com/fr/results/?s=b&c=1007045039&suid=EipTfF4EF&d=4&q={searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{B8E093F4-6EA6-43C1-9C3C-BD680CD01B57}: "URL" = http://start.funmoods.com/results.php?f=4&a=bf4&q={searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{DA99141F-9AF1-486A-85FF-24F71313DB0F}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG_fr
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{E52BE12D-A44A-4f51-9DC1-34F37A488CC7}: "URL" = http://search.videodownload-toolbar.com/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = https://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;*.local
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888
[color=#E56717]========== FireFox ==========/color
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Freecorder Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.be"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "google.be"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Thuy-Tien\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Thuy-Tien\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Thuy-Tien\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Thuy-Tien\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Thuy-Tien\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/02 01:22:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/09 17:55:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/09 17:55:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru [2011/05/31 18:01:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru [2011/05/31 18:01:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com: C:\Program Files\SearchPredict\PRFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SPEEDbit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/25 15:19:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/21 22:28:43 | 000,000,000 | ---D | M]
[2011/09/03 13:02:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Extensions
[2009/12/22 23:00:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012/03/29 13:36:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Firefox\Profiles\klw10i5s.default\extensions
[2012/03/28 17:51:22 | 000,000,000 | ---D | M] ("Premiumplay Codec-C") -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Firefox\Profiles\klw10i5s.default\extensions\crossriderapp435@crossrider(15).com
[2012/02/26 23:17:03 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Thuy-Tien\AppData\Roaming\mozilla\Firefox\Profiles\klw10i5s.default\extensions\ffxtlbr@funmoods.com
[2011/12/08 11:29:26 | 000,000,923 | ---- | M] () -- C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\Firefox\Profiles\klw10i5s.default\searchplugins\conduit.xml
[2012/02/26 16:11:43 | 000,001,797 | ---- | M] () -- C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\Firefox\Profiles\klw10i5s.default\searchplugins\funmoods.xml
[2011/12/10 12:21:36 | 000,002,538 | ---- | M] () -- C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\Firefox\Profiles\klw10i5s.default\searchplugins\speedbit.xml
[2011/09/12 21:00:46 | 000,003,910 | ---- | M] () -- C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\Firefox\Profiles\klw10i5s.default\searchplugins\sweetim.xml
[2012/02/21 20:51:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/25 17:00:26 | 000,000,000 | ---D | M] (QuestDns) -- C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}
[2012/02/21 20:51:49 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010/03/30 16:45:32 | 000,000,000 | ---D | M] (Analyse des liens (URL Advisor)) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2012/03/25 15:19:28 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/12 06:52:47 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/09/26 16:18:48 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/08/12 06:14:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/08/12 06:52:48 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/08/12 06:52:48 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/04/10 23:06:27 | 000,002,029 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\esnips.xml
[2010/03/28 18:56:18 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchFxt.xml
[2011/08/12 06:52:48 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/08/12 06:52:48 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
[color=#E56717]========== Chrome ==========/color
CHR - default_search_provider: Search (Enabled)
CHR - default_search_provider: search_url = http://start.funmoods.com/results.php?f=4&a=bf4&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Thuy-Tien\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Recherche Google = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: DivX HiQ = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: Premiumplay Codec-C = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.14.36_0\
CHR - Extension: video HTML5 DivX Plus Web Player = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
CHR - Extension: Gmail = C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Premiumplay Codec-C) - {11111111-1111-1111-1111-110011041135} - C:\Program Files\Premiumplay Codec-C\Premiumplay Codec-C.dll (WebPicks)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No CLSID value found.
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {E52BE12D-A44A-4F51-9DC1-34F37A488CC7} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPCHWMsg] C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000..\Run: [Facebook Update] C:\Users\Thuy-Tien\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Policies\Microsoft\Internet Explorer\Main present
O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr File not found
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://msneufr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.youplay.com/games/3rdParty/YouPlay/popcaploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-be.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.197.111.140
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E54DB601-B08E-410C-83F7-3C618B139189}: DhcpNameServer = 62.197.111.140
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F70B4991-92CD-4F5C-941B-590AEF0ABA6B}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\Thuy-Tien\Pictures\paysage\fond_ecran_wallpaper_iles_0009.jpg
O24 - Desktop BackupWallPaper: C:\Users\Thuy-Tien\Pictures\paysage\fond_ecran_wallpaper_iles_0009.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d116f9f9-159e-11df-bcea-00262234fcb3}\Shell - "" = AutoRun
O33 - MountPoints2\{d116f9f9-159e-11df-bcea-00262234fcb3}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\System32\Adobe
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color
[2012/04/07 21:28:59 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Thuy-Tien\Desktop\OTL.exe
[2012/04/05 19:55:08 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{E19E44DB-C22D-44FE-AAD5-A25C42A3A854}
[2012/04/05 19:54:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{DAAE5B0C-39E8-4536-9AA6-CCB16F600075}
[2012/04/04 19:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
[2012/04/04 19:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Media Player Classic - Home Cinema
[2012/04/04 19:17:53 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Roaming\Media Player Classic
[2012/04/04 18:54:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/04/03 12:58:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{DD401124-7C3C-4070-B9C9-5130CAE15F3F}
[2012/04/02 13:31:11 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{FCDEA07B-86B5-44E0-BFFB-8C4BFFB8884F}
[2012/04/02 01:30:42 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{196C2F55-4C25-495E-BAFD-F46236480FE9}
[2012/04/01 15:32:12 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\Desktop\Newzak
[2012/04/01 13:30:15 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{7D3B424D-8736-42DC-9A03-FB75B2B675E9}
[2012/03/29 16:05:34 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{35213FC2-E7D3-4082-A979-EE3008BA53ED}
[2012/03/28 12:31:10 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{F2A71500-039D-4328-B879-1BD1F1876C92}
[2012/03/28 12:30:58 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{16F91A56-DD2B-4ECE-948B-A7F8B3D2DFA2}
[2012/03/28 11:30:03 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{F0F76ED8-6FB2-4B74-A9BC-26DEF30380C7}
[2012/03/28 11:29:41 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{FC8C8532-C281-4C76-BA16-48E75D0B5DE8}
[2012/03/27 17:25:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{F0F1B793-8D93-41D7-B4ED-95C548EAC5C3}
[2012/03/27 17:25:15 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{66228B57-D6DC-487D-99EA-28AAC44B2C53}
[2012/03/26 17:45:33 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{9C01F146-23D0-4333-A31A-A6FC1B7F4DF2}
[2012/03/26 17:45:22 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{143C618A-CA1A-4836-93B5-2274A84A040B}
[2012/03/25 15:19:06 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{623D3766-BE81-49F9-9C0E-67E79A3BE001}
[2012/03/25 15:18:50 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{E2080F12-D7A2-4E53-A658-11BBEB2F04A8}
[2012/03/24 15:17:23 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{91FB0B6C-D649-4236-801B-9A03BBE7CFC2}
[2012/03/24 15:17:09 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{CDAB1D6E-3300-4984-A73E-8AC5EC11D0A1}
[2012/03/24 14:02:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{2C93521A-1D99-4016-950E-53633BE6EDE6}
[2012/03/24 14:02:27 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{8A03DDDF-66BB-4FD4-852B-B4EB11E3C360}
[2012/03/22 22:08:26 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/03/21 20:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012/03/21 14:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/03/21 14:48:01 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/03/21 14:41:43 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{0727BD85-BFD5-4B6D-9808-22BF5B372C40}
[2012/03/21 14:41:30 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{BBF09CD1-0B04-450B-85B5-FB2EE0D24849}
[2012/03/17 15:04:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{E2F5D43A-D856-4393-83FC-64F56AA99184}
[2012/03/17 15:03:50 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{DB1A6784-D176-4FD8-AE8F-51C73398D2A6}
[2012/03/16 18:23:20 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{6E4DEEAB-EEAE-438D-A4DE-F49E778E7D37}
[2012/03/16 18:23:09 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{73A2C6DA-894F-4F53-BEE0-55F329CC0BAE}
[2012/03/15 20:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012/03/15 20:26:52 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012/03/15 20:25:50 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\Solid State Networks
[2012/03/15 19:02:49 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{F9199CB0-03FC-407B-B808-7805D55595CA}
[2012/03/15 19:02:32 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{2BC47882-8354-44FC-9EB9-5E1FCAD575B9}
[2012/03/14 18:40:40 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{D551BF78-4A10-4712-B937-C3CF3835EFBA}
[2012/03/14 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{C8BD4937-DA6F-4E8E-86B5-AF98BB591066}
[2012/03/14 16:13:11 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{DB161615-EA6B-4E66-8A48-E59AC33FFB48}
[2012/03/14 16:12:57 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{78F461DC-C444-4C1D-AF6E-1F046107F0E3}
[2012/03/14 16:07:55 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/03/14 16:07:53 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/03/14 16:07:53 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/03/14 16:07:53 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/03/14 16:07:53 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/03/14 16:07:53 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/03/14 16:07:40 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/03/12 20:30:51 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{C533E766-B172-43CB-B971-DC3FF46BDD72}
[2012/03/12 20:30:32 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{581220FF-CFE6-4843-BFA4-76DC54C67CF4}
[2012/03/10 10:43:46 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{9C51B3BD-A10C-40C7-90AF-239A08F81812}
[2012/03/10 10:43:31 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{6B81B54B-8636-4D31-A3B9-4DC4044AD212}
[2012/03/09 18:00:29 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{339F8EFC-39A4-41FA-97E3-3A5D35FB4E81}
[2012/03/09 18:00:10 | 000,000,000 | ---D | C] -- C:\Users\Thuy-Tien\AppData\Local\{AF8A663F-510A-482B-9D03-BDEF920C6718}
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========/color
[2012/04/07 21:36:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/04/07 21:29:47 | 000,680,156 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/04/07 21:29:47 | 000,597,486 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/07 21:29:47 | 000,127,042 | ---- | M] () -- C:\Windows\System32\p
Extras.Txt
OTL Extras logfile created on: 7/04/2012 21:32:29 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Thuy-Tien\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
2,96 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 74,96% Memory free
6,13 Gb Paging File | 5,60 Gb Available in Paging File | 91,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 61,46 Gb Free Space | 32,99% Space Free | Partition Type: NTFS
Drive E: | 184,84 Gb Total Space | 163,89 Gb Free Space | 88,67% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 806,54 Gb Free Space | 86,58% Space Free | Partition Type: NTFS
Computer Name: PC-DE-THUY-TIEN | User Name: Thuy-Tien | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SPEEDbitVideoConverter] -- "C:\Program Files\SPEEDbit Video Downloader\Converter.exe" -convert=%1
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FBA75B-F625-4158-BD60-175CCF480D35}" = lport=49159 | protocol=6 | dir=in | name=akamai netsession interface |
"{5783CEAE-E884-4192-9551-108492458352}" = lport=65515 | protocol=6 | dir=in | name=akamai netsession interface |
"{61538562-6D51-4129-AF9E-48005CAAE9CF}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{66078FF0-8321-482A-8CD9-32656732E3EC}" = lport=49157 | protocol=6 | dir=in | name=akamai netsession interface |
"{75531D9A-E0CA-4337-BD18-76407D639B68}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AE77BDBC-F384-4C42-93E2-393FD7DA1114}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BC1C372D-5A46-4A86-821A-3FFA7EC3BC4A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C20AA660-9FD8-4F9A-A66A-7F7A9780A447}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E6636506-D0DB-44AB-9D25-BFF36FC9DB95}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06A260F6-EC60-47DD-8DF1-2597000CC6B4}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{089ECBA3-90EF-4C77-9006-5875C6E9A080}" = protocol=17 | dir=in | app=c:\users\thuy-tien\appdata\local\temp\is799009782\ainstaller.exe |
"{10D3CC04-EE44-46B1-B129-6E096B82045F}" = protocol=6 | dir=in | app=c:\users\thuy-tien\appdata\local\temp\is799009782\ainstaller.exe |
"{16179AAF-9638-4C48-AE83-A6488D4B34C7}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{167C4B90-B33C-48AB-BC16-3545D9021790}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B01EA86-47DE-4C58-AC81-B0DDF09EF64B}" = protocol=17 | dir=in | app=c:\users\thuy-tien\documents\downloads\videoconvertersetup.exe |
"{2B3CEB84-6281-4428-8742-E5ECC5252967}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A2DA4F8-3841-4AC5-9D88-C0A00BBECA39}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4D4C9B34-EB3A-48DC-B2D1-959573E14AF3}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{68B2BD06-1FDC-411C-AA59-75111338C54C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{783300A7-29B0-4B21-9BE1-4D8CA2429A19}" = protocol=6 | dir=in | app=c:\users\thuy-tien\documents\downloads\videoconvertersetup.exe |
"{81545253-B2FB-4CFA-A378-A6D35839D09D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{8387D872-F425-4789-A294-FC999D868D13}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{863AB90D-8E78-49B7-BFDB-13CEE0E2DD70}" = dir=in | app=c:\users\thuy-tien\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{91BE787F-5E12-4906-82EA-83E0D48E7762}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AD0C878A-A722-4A77-9C87-BE7487A10440}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{B35EB789-11DB-43A7-AAA5-64C580A16CF0}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{D069EFC7-290E-4382-A658-8237BEDC7703}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{D2E44707-DD07-4B39-AC2F-7C73481C3A59}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{E3257D3C-57DB-4BF0-8B67-B871474AECA7}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{EC2B8DD9-8FE8-457C-BFD0-4FC55ACBE973}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FF85669B-F8B7-45AF-AAEA-3D595F38C7C8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"TCP Query User{8E7B289E-047A-46EC-AD8C-B4B02E1F9728}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{C25E6B15-6C5D-44FC-A365-705FBD66E7B9}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{E641CDFE-4CC3-42FA-8685-2B9B21E23682}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{FD5F0A73-44BF-49C4-B27B-402045C45250}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{1CE5E482-5BB8-4EA7-97DA-09E841E0D099}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{504AD807-4353-4337-8F01-59134A7F2754}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{A5D8AF97-1BB4-4E47-AA5B-6F0EDB3E8B0E}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{FDD2F02A-DD5F-47FC-AE77-1F3EB45F1EF9}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{06223EA1-8977-4A44-B2AB-30FD78B7DCC1}" = CCC Help Thai
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CF37D58-38A8-E03F-8DD8-B01B55C09615}" = CCC Help English
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema 1.6.0.4014
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{27349465-3521-8214-5311-286D806C86C3}" = CCC Help Dutch
"{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1" = Streaming Video Recorder V2.4.2
"{32762866-8C6E-437E-1E79-4506FEB7323A}" = Catalyst Control Center Graphics Full Existing
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CAF2B2D-0DA3-7BD6-6701-E3D71992DB78}" = Catalyst Control Center Localization All
"{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{4324E4DD-C67C-A413-5C12-5DC694A99AF6}" = ATI Catalyst Install Manager
"{45633D5F-76CE-B1D7-325B-A3F329AA99DB}" = Catalyst Control Center InstallProxy
"{4786E500-4FA0-C30F-D4E8-0E3D70D86227}" = CCC Help Swedish
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F147AEF-790D-DBE2-5830-94D90C02AC24}" = Catalyst Control Center Graphics Full New
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client FR-FR Language Pack
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{5985DD7D-67F4-DD15-8589-B3F43C4A111D}" = CCC Help Chinese Traditional
"{5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}" = Manuels TOSHIBA
"{5D264375-3E92-7D10-F219-3536F5BAE7BA}" = CCC Help Japanese
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F98C4EE-879F-232C-3F44-0BBFAB6A29D4}" = CCC Help Polish
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61F8A9EC-5CB4-0001-FF88-C469156BA14C}" = CCC Help German
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"{67830C2E-0345-7CE7-3829-8AB3D34E3AEB}" = CCC Help Turkish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9B4C2D-E651-6DD7-EC1D-AF331F250AB8}" = ccc-core-static
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DEEDB89-D449-B985-4E0E-91D45AF66DFF}" = CCC Help Spanish
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7513A376-16F0-7E53-5CA1-7DA10A6216BC}" = CCC Help Danish
"{7617FC2E-EA1B-4F07-A0F5-5D5F437CB32D}" = MioMore Desktop 2008
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C30283C-8DC7-4FBB-805E-52BEA5F580E8}" = Toshiba TEMPRO
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{811EF3A7-0861-0B8F-5432-3052E8230DC0}" = Catalyst Control Center Graphics Light
"{8259E348-50E8-A3C8-52B8-699DFDD31BA8}" = CCC Help Finnish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{85E4952C-8C85-A58D-B9D9-783D1FADB775}" = Skins
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8921F4ED-A696-D629-45E6-45A43A0F4FF0}" = CCC Help Czech
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D4B3DEB-2E18-4B7F-9CCB-4816A55F4D87}_is1" = Home Photo Studio 2.35
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98C70B57-4930-7088-22F4-93FC196938D0}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A6137721-B2D0-1DAF-0B19-12AB0D065C45}" = Catalyst Control Center Core Implementation
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources
"{AC1A4255-0EC8-585B-2D1A-8306C07F2B91}" = CCC Help Hungarian
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEE65D6C-EDF4-B3E1-00CD-B17A6FC6BC6A}" = CCC Help Italian
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B9F119C0-6886-A250-BF18-3ABEAA26F6A5}" = CCC Help Korean
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C861504E-2F57-4F95-AB0A-C7C7D8E46A4E}" = Windows Live Family Safety
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype(TM) 4.2
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB64C016-1705-36E9-1AEA-C2D4738BDE9A}" = CCC Help Norwegian
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE2E45A2-31B1-7D26-2701-B1244763DE10}" = CCC Help Portuguese
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E16087F4-3CE3-B644-A5F5-503F55F34CC0}" = CCC Help Russian
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E4FD13E2-1638-A5B8-E28A-54D39F13D747}" = Catalyst Control Center Graphics Previews Vista
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E4A500-34B5-E8B7-FC2C-3726A0577AAD}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F34009E9-6EA5-F0D2-4D7D-A9CE421908B6}" = CCC Help Greek
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69114BE-EFDC-C756-1B38-ABD1E4873113}" = ccc-utility
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ALUpdate_is1" = ALTools Update
"ALZip_is1" = ALZip
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DivX Setup.divx.com" = Configuration DivX
"FormatFactory" = FormatFactory 2.60
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Mot de passe responsable
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 11.0 (x86 fr)" = Mozilla Firefox 11.0 (x86 fr)
"Opera 11.10.2092" = Opera 11.10
"Picasa2" = Picasa 2
"Premiumplay Codec-C" = Premiumplay Codec-C
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer FR_is1" = The KMPlayer v3.0.0.1439 Beta FR
"Unlocker" = Unlocker 1.8.8
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 2.0.1
"WavePad" = WavePad Sound Editor
"WinLiveSuite" = Windows Live
"Xvid_is1" = Xvid 1.2.1 final uninstall
"XviD4PSP5" = XviD4PSP 5.0
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"PhotoFiltre" = PhotoFiltre
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 4/04/2012 11:32:36 | Computer Name = PC-de-Thuy-Tien | Source = Application Error | ID = 1000
Description = Application défaillante Reader_sl.exe, version 10.1.2.45, horodatage
0x4f02e38e, module défaillant ntdll.dll, version 6.0.6002.18541, horodatage 0x4ec3e3d5,
code d'exception 0xc0000043, décalage d'erreur 0x00009f5d, ID du processus 0x13a4,
heure de début de l'application 0x01cd12781c745d56.
Error - 4/04/2012 11:34:35 | Computer Name = PC-de-Thuy-Tien | Source = TOSHIBA Service Station | ID = 0
Description = TSS Load: could not communicate with TMachInfo service
Error - 4/04/2012 13:49:07 | Computer Name = PC-de-Thuy-Tien | Source = Google Update | ID = 20
Description =
Error - 4/04/2012 16:49:07 | Computer Name = PC-de-Thuy-Tien | Source = Google Update | ID = 20
Description =
Error - 6/04/2012 10:37:55 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
Error - 7/04/2012 10:33:08 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
Error - 7/04/2012 10:45:29 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =
Error - 7/04/2012 14:08:35 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
Error - 7/04/2012 14:20:26 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
Error - 7/04/2012 14:42:52 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
[ Media Center Events ]
Error - 4/04/2012 15:40:04 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (1412.1128)
Error - 4/04/2012 15:40:04 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (1412.1129)
Error - 4/04/2012 16:40:29 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (3552.1128)
Error - 4/04/2012 16:40:29 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (3552.1129)
Error - 4/04/2012 16:40:34 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (3552.1128)
Error - 4/04/2012 16:40:34 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (3552.1129)
Error - 4/04/2012 17:40:44 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (5324.1128)
Error - 4/04/2012 17:40:44 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (5324.1129)
Error - 4/04/2012 17:40:49 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (5324.1128)
Error - 4/04/2012 17:40:49 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (5324.1129)
[ OSession Events ]
Error - 28/10/2010 15:29:59 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25/01/2011 12:45:21 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26/01/2011 19:26:59 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6525
seconds with 2700 seconds of active time. This session ended with a crash.
Error - 13/02/2011 13:04:52 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 3/03/2011 16:52:51 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
Error - 27/03/2011 13:03:06 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2/05/2011 15:23:04 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17/05/2011 13:33:14 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 23/10/2011 15:49:32 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 406
seconds with 360 seconds of active time. This session ended with a crash.
Error - 13/12/2011 15:53:33 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 7/04/2012 14:35:32 | Computer Name = PC-de-Thuy-Tien | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{E54DB601-B08E-410C-83F7-3C618B139189}
car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.
Error - 7/04/2012 14:35:32 | Computer Name = PC-de-Thuy-Tien | Source = netbt | ID = 4321
Description = Le nom "PC-DE-THUY-TIEN:20" n'a pas pu être enregistré sur l'interface
avec l'adresse IP 192.168.1.104. L'ordinateur avec l'adresse IP 192.168.1.101 n'a
pas permis que le nom soit réclamé par cet ordinateur.
Error - 7/04/2012 14:36:19 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Antimalware | ID = 3002
Description = La fonctionnalité de protection en temps réel %%860 a rencontré une
erreur et s'est arrêtée. Fonctionnalité : %%835 Code d'erreur : 0x80004005 Description
de l'erreur : Erreur non spécifiée Raison : %%842
Error - 7/04/2012 14:42:23 | Computer Name = PC-de-Thuy-Tien | Source = EventLog | ID = 6008
Description = L'arrêt système précédant à 20:37:10 le 7/04/2012 n'était pas prévu.
Error - 7/04/2012 14:42:43 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:42:51 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:43:27 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:43:28 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:52:41 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:52:41 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Antimalware | ID = 2001
Description = %%860 a rencontré une erreur lors d'une tentative de mise à jour de
signature. Nouvelle version de la signature : Ancienne version de la signature :
1.123.1164.0 Source de la mise à jour : %%859 Phase de la mise à jour : %%852 Chemin
d'accès source : Default URL Type de signature : %%800 Type de mise à jour : %%803
Utilisateur :
AUTORITE NT\SYSTEM Version actuelle du moteur : Version précédente du moteur : 1.1.8202.0
Code
d'erreur : 0x8007043c Description de l'erreur : Ce service ne peut pas être démarré
en mode sans échec
< End of report >
OTL Extras logfile created on: 7/04/2012 21:32:29 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Thuy-Tien\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
2,96 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 74,96% Memory free
6,13 Gb Paging File | 5,60 Gb Available in Paging File | 91,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 61,46 Gb Free Space | 32,99% Space Free | Partition Type: NTFS
Drive E: | 184,84 Gb Total Space | 163,89 Gb Free Space | 88,67% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 806,54 Gb Free Space | 86,58% Space Free | Partition Type: NTFS
Computer Name: PC-DE-THUY-TIEN | User Name: Thuy-Tien | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SPEEDbitVideoConverter] -- "C:\Program Files\SPEEDbit Video Downloader\Converter.exe" -convert=%1
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FBA75B-F625-4158-BD60-175CCF480D35}" = lport=49159 | protocol=6 | dir=in | name=akamai netsession interface |
"{5783CEAE-E884-4192-9551-108492458352}" = lport=65515 | protocol=6 | dir=in | name=akamai netsession interface |
"{61538562-6D51-4129-AF9E-48005CAAE9CF}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{66078FF0-8321-482A-8CD9-32656732E3EC}" = lport=49157 | protocol=6 | dir=in | name=akamai netsession interface |
"{75531D9A-E0CA-4337-BD18-76407D639B68}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AE77BDBC-F384-4C42-93E2-393FD7DA1114}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BC1C372D-5A46-4A86-821A-3FFA7EC3BC4A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C20AA660-9FD8-4F9A-A66A-7F7A9780A447}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E6636506-D0DB-44AB-9D25-BFF36FC9DB95}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06A260F6-EC60-47DD-8DF1-2597000CC6B4}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{089ECBA3-90EF-4C77-9006-5875C6E9A080}" = protocol=17 | dir=in | app=c:\users\thuy-tien\appdata\local\temp\is799009782\ainstaller.exe |
"{10D3CC04-EE44-46B1-B129-6E096B82045F}" = protocol=6 | dir=in | app=c:\users\thuy-tien\appdata\local\temp\is799009782\ainstaller.exe |
"{16179AAF-9638-4C48-AE83-A6488D4B34C7}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{167C4B90-B33C-48AB-BC16-3545D9021790}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B01EA86-47DE-4C58-AC81-B0DDF09EF64B}" = protocol=17 | dir=in | app=c:\users\thuy-tien\documents\downloads\videoconvertersetup.exe |
"{2B3CEB84-6281-4428-8742-E5ECC5252967}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A2DA4F8-3841-4AC5-9D88-C0A00BBECA39}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4D4C9B34-EB3A-48DC-B2D1-959573E14AF3}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{68B2BD06-1FDC-411C-AA59-75111338C54C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{783300A7-29B0-4B21-9BE1-4D8CA2429A19}" = protocol=6 | dir=in | app=c:\users\thuy-tien\documents\downloads\videoconvertersetup.exe |
"{81545253-B2FB-4CFA-A378-A6D35839D09D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{8387D872-F425-4789-A294-FC999D868D13}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{863AB90D-8E78-49B7-BFDB-13CEE0E2DD70}" = dir=in | app=c:\users\thuy-tien\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{91BE787F-5E12-4906-82EA-83E0D48E7762}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AD0C878A-A722-4A77-9C87-BE7487A10440}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{B35EB789-11DB-43A7-AAA5-64C580A16CF0}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{D069EFC7-290E-4382-A658-8237BEDC7703}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{D2E44707-DD07-4B39-AC2F-7C73481C3A59}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{E3257D3C-57DB-4BF0-8B67-B871474AECA7}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{EC2B8DD9-8FE8-457C-BFD0-4FC55ACBE973}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FF85669B-F8B7-45AF-AAEA-3D595F38C7C8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"TCP Query User{8E7B289E-047A-46EC-AD8C-B4B02E1F9728}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{C25E6B15-6C5D-44FC-A365-705FBD66E7B9}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{E641CDFE-4CC3-42FA-8685-2B9B21E23682}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{FD5F0A73-44BF-49C4-B27B-402045C45250}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{1CE5E482-5BB8-4EA7-97DA-09E841E0D099}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{504AD807-4353-4337-8F01-59134A7F2754}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{A5D8AF97-1BB4-4E47-AA5B-6F0EDB3E8B0E}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{FDD2F02A-DD5F-47FC-AE77-1F3EB45F1EF9}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{06223EA1-8977-4A44-B2AB-30FD78B7DCC1}" = CCC Help Thai
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CF37D58-38A8-E03F-8DD8-B01B55C09615}" = CCC Help English
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema 1.6.0.4014
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{27349465-3521-8214-5311-286D806C86C3}" = CCC Help Dutch
"{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1" = Streaming Video Recorder V2.4.2
"{32762866-8C6E-437E-1E79-4506FEB7323A}" = Catalyst Control Center Graphics Full Existing
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CAF2B2D-0DA3-7BD6-6701-E3D71992DB78}" = Catalyst Control Center Localization All
"{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{4324E4DD-C67C-A413-5C12-5DC694A99AF6}" = ATI Catalyst Install Manager
"{45633D5F-76CE-B1D7-325B-A3F329AA99DB}" = Catalyst Control Center InstallProxy
"{4786E500-4FA0-C30F-D4E8-0E3D70D86227}" = CCC Help Swedish
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F147AEF-790D-DBE2-5830-94D90C02AC24}" = Catalyst Control Center Graphics Full New
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client FR-FR Language Pack
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{5985DD7D-67F4-DD15-8589-B3F43C4A111D}" = CCC Help Chinese Traditional
"{5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}" = Manuels TOSHIBA
"{5D264375-3E92-7D10-F219-3536F5BAE7BA}" = CCC Help Japanese
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F98C4EE-879F-232C-3F44-0BBFAB6A29D4}" = CCC Help Polish
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61F8A9EC-5CB4-0001-FF88-C469156BA14C}" = CCC Help German
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"{67830C2E-0345-7CE7-3829-8AB3D34E3AEB}" = CCC Help Turkish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9B4C2D-E651-6DD7-EC1D-AF331F250AB8}" = ccc-core-static
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DEEDB89-D449-B985-4E0E-91D45AF66DFF}" = CCC Help Spanish
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7513A376-16F0-7E53-5CA1-7DA10A6216BC}" = CCC Help Danish
"{7617FC2E-EA1B-4F07-A0F5-5D5F437CB32D}" = MioMore Desktop 2008
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C30283C-8DC7-4FBB-805E-52BEA5F580E8}" = Toshiba TEMPRO
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{811EF3A7-0861-0B8F-5432-3052E8230DC0}" = Catalyst Control Center Graphics Light
"{8259E348-50E8-A3C8-52B8-699DFDD31BA8}" = CCC Help Finnish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{85E4952C-8C85-A58D-B9D9-783D1FADB775}" = Skins
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8921F4ED-A696-D629-45E6-45A43A0F4FF0}" = CCC Help Czech
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D4B3DEB-2E18-4B7F-9CCB-4816A55F4D87}_is1" = Home Photo Studio 2.35
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98C70B57-4930-7088-22F4-93FC196938D0}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A6137721-B2D0-1DAF-0B19-12AB0D065C45}" = Catalyst Control Center Core Implementation
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources
"{AC1A4255-0EC8-585B-2D1A-8306C07F2B91}" = CCC Help Hungarian
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEE65D6C-EDF4-B3E1-00CD-B17A6FC6BC6A}" = CCC Help Italian
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B9F119C0-6886-A250-BF18-3ABEAA26F6A5}" = CCC Help Korean
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C861504E-2F57-4F95-AB0A-C7C7D8E46A4E}" = Windows Live Family Safety
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype(TM) 4.2
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB64C016-1705-36E9-1AEA-C2D4738BDE9A}" = CCC Help Norwegian
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE2E45A2-31B1-7D26-2701-B1244763DE10}" = CCC Help Portuguese
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E16087F4-3CE3-B644-A5F5-503F55F34CC0}" = CCC Help Russian
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E4FD13E2-1638-A5B8-E28A-54D39F13D747}" = Catalyst Control Center Graphics Previews Vista
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E4A500-34B5-E8B7-FC2C-3726A0577AAD}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F34009E9-6EA5-F0D2-4D7D-A9CE421908B6}" = CCC Help Greek
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69114BE-EFDC-C756-1B38-ABD1E4873113}" = ccc-utility
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ALUpdate_is1" = ALTools Update
"ALZip_is1" = ALZip
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DivX Setup.divx.com" = Configuration DivX
"FormatFactory" = FormatFactory 2.60
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Mot de passe responsable
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 11.0 (x86 fr)" = Mozilla Firefox 11.0 (x86 fr)
"Opera 11.10.2092" = Opera 11.10
"Picasa2" = Picasa 2
"Premiumplay Codec-C" = Premiumplay Codec-C
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer FR_is1" = The KMPlayer v3.0.0.1439 Beta FR
"Unlocker" = Unlocker 1.8.8
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 2.0.1
"WavePad" = WavePad Sound Editor
"WinLiveSuite" = Windows Live
"Xvid_is1" = Xvid 1.2.1 final uninstall
"XviD4PSP5" = XviD4PSP 5.0
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2666403779-1243288301-2070112608-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"PhotoFiltre" = PhotoFiltre
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 4/04/2012 11:32:36 | Computer Name = PC-de-Thuy-Tien | Source = Application Error | ID = 1000
Description = Application défaillante Reader_sl.exe, version 10.1.2.45, horodatage
0x4f02e38e, module défaillant ntdll.dll, version 6.0.6002.18541, horodatage 0x4ec3e3d5,
code d'exception 0xc0000043, décalage d'erreur 0x00009f5d, ID du processus 0x13a4,
heure de début de l'application 0x01cd12781c745d56.
Error - 4/04/2012 11:34:35 | Computer Name = PC-de-Thuy-Tien | Source = TOSHIBA Service Station | ID = 0
Description = TSS Load: could not communicate with TMachInfo service
Error - 4/04/2012 13:49:07 | Computer Name = PC-de-Thuy-Tien | Source = Google Update | ID = 20
Description =
Error - 4/04/2012 16:49:07 | Computer Name = PC-de-Thuy-Tien | Source = Google Update | ID = 20
Description =
Error - 6/04/2012 10:37:55 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
Error - 7/04/2012 10:33:08 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
Error - 7/04/2012 10:45:29 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =
Error - 7/04/2012 14:08:35 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
Error - 7/04/2012 14:20:26 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
Error - 7/04/2012 14:42:52 | Computer Name = PC-de-Thuy-Tien | Source = EventSystem | ID = 4609
Description =
[ Media Center Events ]
Error - 4/04/2012 15:40:04 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (1412.1128)
Error - 4/04/2012 15:40:04 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (1412.1129)
Error - 4/04/2012 16:40:29 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (3552.1128)
Error - 4/04/2012 16:40:29 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (3552.1129)
Error - 4/04/2012 16:40:34 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (3552.1128)
Error - 4/04/2012 16:40:34 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (3552.1129)
Error - 4/04/2012 17:40:44 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (5324.1128)
Error - 4/04/2012 17:40:44 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (5324.1129)
Error - 4/04/2012 17:40:49 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Erreur de connexion à Internet. (5324.1128)
Error - 4/04/2012 17:40:49 | Computer Name = PC-de-Thuy-Tien | Source = MCUpdate | ID = 0
Description = Impossible de contacter le service.. (5324.1129)
[ OSession Events ]
Error - 28/10/2010 15:29:59 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25/01/2011 12:45:21 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26/01/2011 19:26:59 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6525
seconds with 2700 seconds of active time. This session ended with a crash.
Error - 13/02/2011 13:04:52 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 3/03/2011 16:52:51 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.
Error - 27/03/2011 13:03:06 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2/05/2011 15:23:04 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17/05/2011 13:33:14 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 23/10/2011 15:49:32 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 406
seconds with 360 seconds of active time. This session ended with a crash.
Error - 13/12/2011 15:53:33 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 7/04/2012 14:35:32 | Computer Name = PC-de-Thuy-Tien | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{E54DB601-B08E-410C-83F7-3C618B139189}
car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.
Error - 7/04/2012 14:35:32 | Computer Name = PC-de-Thuy-Tien | Source = netbt | ID = 4321
Description = Le nom "PC-DE-THUY-TIEN:20" n'a pas pu être enregistré sur l'interface
avec l'adresse IP 192.168.1.104. L'ordinateur avec l'adresse IP 192.168.1.101 n'a
pas permis que le nom soit réclamé par cet ordinateur.
Error - 7/04/2012 14:36:19 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Antimalware | ID = 3002
Description = La fonctionnalité de protection en temps réel %%860 a rencontré une
erreur et s'est arrêtée. Fonctionnalité : %%835 Code d'erreur : 0x80004005 Description
de l'erreur : Erreur non spécifiée Raison : %%842
Error - 7/04/2012 14:42:23 | Computer Name = PC-de-Thuy-Tien | Source = EventLog | ID = 6008
Description = L'arrêt système précédant à 20:37:10 le 7/04/2012 n'était pas prévu.
Error - 7/04/2012 14:42:43 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:42:51 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:43:27 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:43:28 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:52:41 | Computer Name = PC-de-Thuy-Tien | Source = DCOM | ID = 10005
Description =
Error - 7/04/2012 14:52:41 | Computer Name = PC-de-Thuy-Tien | Source = Microsoft Antimalware | ID = 2001
Description = %%860 a rencontré une erreur lors d'une tentative de mise à jour de
signature. Nouvelle version de la signature : Ancienne version de la signature :
1.123.1164.0 Source de la mise à jour : %%859 Phase de la mise à jour : %%852 Chemin
d'accès source : Default URL Type de signature : %%800 Type de mise à jour : %%803
Utilisateur :
AUTORITE NT\SYSTEM Version actuelle du moteur : Version précédente du moteur : 1.1.8202.0
Code
d'erreur : 0x8007043c Description de l'erreur : Ce service ne peut pas être démarré
en mode sans échec
< End of report >
Salut isabelle1996
Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-ou(...)
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira, poste le contenu de ce rapport.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
-----
-Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam.php
- Mets le à jour (Important)
- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher
- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur OK
- Si MalwareByte's n'a rien détecté, clique sur OK Un rapport va apparaître ferme-le.
- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur OK
Tutoriel pour MalwareByte's ici :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
@++ :)
Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-ou(...)
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira, poste le contenu de ce rapport.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
-----
-Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam.php
- Mets le à jour (Important)
- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher
- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur OK
- Si MalwareByte's n'a rien détecté, clique sur OK Un rapport va apparaître ferme-le.
- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur OK
Tutoriel pour MalwareByte's ici :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
@++ :)
Rapport MalwareByte's Anti-Malware:
Malwarebytes Anti-Malware (Essai) 1.60.1.1000
www.malwarebytes.org
Version de la base de données: v2012.04.08.02
Windows Vista Service Pack 2 x86 NTFS (Mode sans échec/Réseau)
Internet Explorer 9.0.8112.16421
Thuy-Tien :: PC-DE-THUY-TIEN [administrateur]
Protection: Désactivé
8/04/2012 14:14:22
mbam-log-2012-04-08 (14-14-22).txt
Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 409397
Temps écoulé: 1 heure(s), 10 minute(s), 35 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BCB5337-EC01-4E38-840C-A964F174255B} (Adware.SmartShopper) -> Mis en quarantaine et supprimé avec succès.
Valeur(s) du Registre détectée(s): 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|bak_Application (Hijacker.Application) -> Données: http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E879027FB1765A5135A095 (Malware.Trace) -> Données: -> Mis en quarantaine et supprimé avec succès.
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 4
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97} (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\chrome (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\defaults (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\defaults\preferences (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
Fichier(s) détecté(s): 12
C:\Users\Thuy-Tien\AppData\Local\Temp\is-4GRR7.tmp\dealio.exe (PUP.Dealio.TB) -> Aucune action effectuée.
C:\Users\Thuy-Tien\AppData\Local\Temp\is-6C084.tmp\dealio.exe (PUP.Dealio.TB) -> Aucune action effectuée.
C:\Users\Thuy-Tien\AppData\Local\Temp\RarSFX0\MegaplaySetup.exe (Adware.Seeearch) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\AppData\Local\Temp\RarSFX1\MegaplaySetup.exe (Adware.Seeearch) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\AppData\Local\Temp\RarSFX2\MegaplaySetup.exe (Adware.Seeearch) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\AppData\Local\Temp\RarSFX3\MegaplaySetup.exe (Adware.Seeearch) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\AppData\Local\Temp\{C8A3C243-95F8-43D0-93C7-64E72EC2595C}\{F5A88299-C9AF-44D7-9F3D-84589F1DB30F}\SweetimPack_3405.exe (Trojan.Dropper.Pak) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\Downloads\Codec-C.exe (Affiliate.Downloader) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\chrome.manifest (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\install.rdf (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\chrome\questdns.jar (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\defaults\preferences\prefs.js (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
(fin)
Malwarebytes Anti-Malware (Essai) 1.60.1.1000
www.malwarebytes.org
Version de la base de données: v2012.04.08.02
Windows Vista Service Pack 2 x86 NTFS (Mode sans échec/Réseau)
Internet Explorer 9.0.8112.16421
Thuy-Tien :: PC-DE-THUY-TIEN [administrateur]
Protection: Désactivé
8/04/2012 14:14:22
mbam-log-2012-04-08 (14-14-22).txt
Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 409397
Temps écoulé: 1 heure(s), 10 minute(s), 35 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BCB5337-EC01-4E38-840C-A964F174255B} (Adware.SmartShopper) -> Mis en quarantaine et supprimé avec succès.
Valeur(s) du Registre détectée(s): 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|bak_Application (Hijacker.Application) -> Données: http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E879027FB1765A5135A095 (Malware.Trace) -> Données: -> Mis en quarantaine et supprimé avec succès.
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 4
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97} (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\chrome (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\defaults (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\defaults\preferences (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
Fichier(s) détecté(s): 12
C:\Users\Thuy-Tien\AppData\Local\Temp\is-4GRR7.tmp\dealio.exe (PUP.Dealio.TB) -> Aucune action effectuée.
C:\Users\Thuy-Tien\AppData\Local\Temp\is-6C084.tmp\dealio.exe (PUP.Dealio.TB) -> Aucune action effectuée.
C:\Users\Thuy-Tien\AppData\Local\Temp\RarSFX0\MegaplaySetup.exe (Adware.Seeearch) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\AppData\Local\Temp\RarSFX1\MegaplaySetup.exe (Adware.Seeearch) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\AppData\Local\Temp\RarSFX2\MegaplaySetup.exe (Adware.Seeearch) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\AppData\Local\Temp\RarSFX3\MegaplaySetup.exe (Adware.Seeearch) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\AppData\Local\Temp\{C8A3C243-95F8-43D0-93C7-64E72EC2595C}\{F5A88299-C9AF-44D7-9F3D-84589F1DB30F}\SweetimPack_3405.exe (Trojan.Dropper.Pak) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Thuy-Tien\Downloads\Codec-C.exe (Affiliate.Downloader) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\chrome.manifest (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\install.rdf (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\chrome\questdns.jar (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\defaults\preferences\prefs.js (Adware.QuestDns) -> Mis en quarantaine et supprimé avec succès.
(fin)
Voici le rapport Adwcleaner
# AdwCleaner v1.505 - Rapport créé le 08/04/2012 à 13:55:29
# Mis à jour le 07/04/2012 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Thuy-Tien - PC-DE-THUY-TIEN
# Exécuté depuis : C:\Users\Thuy-Tien\Desktop\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Users\Thuy-Tien\AppData\LocalLow\Toolbar4
Dossier Supprimé : C:\Users\THUY-T~1\AppData\Local\Temp\AskSearch
Dossier Supprimé : C:\Program Files\Ask.com
Dossier Supprimé : C:\Program Files\Conduit
Dossier Supprimé : C:\Program Files\freeTVRadio
Dossier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\ConduitCommon
Dossier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\extensions\ffxtlbr@funmoods.com
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Fichier Supprimé : C:\Windows\system32\conduitEngine.tmp
Fichier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\searchplugins\Conduit.xml
Fichier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\searchplugins\funmoods.xml
Fichier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\searchplugins\SweetIm.xml
***** [H. Navipromo] *****
***** [Registre] *****
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2102473
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2383985
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2542115
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2653012
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2720081
Clé Supprimée : HKCU\Software\Ask&Record
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\FissaSearch
Clé Supprimée : HKCU\Software\freeTVRadio
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Spointer
Clé Supprimée : HKCU\Software\SweetIm
Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\AppDataLow\Software\Fun Web Products
Clé Supprimée : HKCU\Software\AppDataLow\Software\MyWebSearch
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\OpenCandy
Clé Supprimée : HKLM\SOFTWARE\Software
Clé Supprimée : HKLM\SOFTWARE\SweetIM
Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Clé Supprimée : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
Clé Supprimée : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91}
Clé Supprimée : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B41306C6-96D0-442A-BCC4-B0F621E82CE9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16421
Remplacé : [HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Policies\Microsoft\Internet Explorer\Main - Start Page] = hxxp://seeearch.com/ --> hxxp://www.google.fr
-\\ Mozilla Firefox v11.0 (fr)
Nom du profil : default
Fichier : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\prefs.js
C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\user.js ... Supprimé !
Supprimée : user_pref("CT1060933..clientLogIsEnabled", false);
Supprimée : user_pref("CT1060933..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Supprimée : user_pref("CT1060933..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Supprimée : user_pref("CT1060933.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Supprimée : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Supprimée : user_pref("CT1060933.BrowserCompStateIsOpen_129633202291172081", true);
Supprimée : user_pref("CT1060933.BrowserCompStateIsOpen_129652058719725628", true);
Supprimée : user_pref("CT1060933.CTID", "CT1060933");
Supprimée : user_pref("CT1060933.CurrentServerDate", "24-12-2011");
Supprimée : user_pref("CT1060933.DSChangedManually", false);
Supprimée : user_pref("CT1060933.DSInstall", true);
Supprimée : user_pref("CT1060933.DSProtectChoice", true);
Supprimée : user_pref("CT1060933.DSProtectCount", 1);
Supprimée : user_pref("CT1060933.DialogsAlignMode", "LTR");
Supprimée : user_pref("CT1060933.DialogsGetterLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.DownloadReferralCookieData", "");
Supprimée : user_pref("CT1060933.FirstServerDate", "10-12-2011");
Supprimée : user_pref("CT1060933.FirstTime", true);
Supprimée : user_pref("CT1060933.FirstTimeFF3", true);
Supprimée : user_pref("CT1060933.FixPageNotFoundErrors", true);
Supprimée : user_pref("CT1060933.GroupingServerCheckInterval", 1440);
Supprimée : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Supprimée : user_pref("CT1060933.HPInstall", true);
Supprimée : user_pref("CT1060933.HasUserGlobalKeys", true);
Supprimée : user_pref("CT1060933.HomePageProtectorEnabled", false);
Supprimée : user_pref("CT1060933.HomepageBeforeUnload", "google.be");
Supprimée : user_pref("CT1060933.Initialize", true);
Supprimée : user_pref("CT1060933.InitializeCommonPrefs", true);
Supprimée : user_pref("CT1060933.InstallationAndCookieDataSentCount", 3);
Supprimée : user_pref("CT1060933.InstallationId", "ConduitNSISIntegration");
Supprimée : user_pref("CT1060933.InstallationType", "ConduitXPEIntegration");
Supprimée : user_pref("CT1060933.InstalledDate", "Sat Dec 10 2011 11:07:43 GMT+0100");
Supprimée : user_pref("CT1060933.InvalidateCache", false);
Supprimée : user_pref("CT1060933.IsAlertDBUpdated", true);
Supprimée : user_pref("CT1060933.IsGrouping", false);
Supprimée : user_pref("CT1060933.IsInitSetupIni", true);
Supprimée : user_pref("CT1060933.IsMulticommunity", false);
Supprimée : user_pref("CT1060933.IsOpenThankYouPage", false);
Supprimée : user_pref("CT1060933.IsOpenUninstallPage", true);
Supprimée : user_pref("CT1060933.IsProtectorsInit", true);
Supprimée : user_pref("CT1060933.LanguagePackLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
Supprimée : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Supprimée : user_pref("CT1060933.LastLogin_3.8.1.0", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.LatestVersion", "3.8.1.0");
Supprimée : user_pref("CT1060933.Locale", "en-us");
Supprimée : user_pref("CT1060933.MCDetectTooltipHeight", "83");
Supprimée : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Supprimée : user_pref("CT1060933.MCDetectTooltipWidth", "295");
Supprimée : user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
Supprimée : user_pref("CT1060933.OriginalFirstVersion", "3.8.1.0");
Supprimée : user_pref("CT1060933.RadioIsPodcast", false);
Supprimée : user_pref("CT1060933.RadioLastCheckTime", "Sat Dec 24 2011 21:18:43 GMT+0100");
Supprimée : user_pref("CT1060933.RadioLastUpdateIPServer", "0");
Supprimée : user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000");
Supprimée : user_pref("CT1060933.RadioMediaID", "21504191");
Supprimée : user_pref("CT1060933.RadioMediaType", "Media Player");
Supprimée : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");
Supprimée : user_pref("CT1060933.RadioShrinkedFromSetup", false);
Supprimée : user_pref("CT1060933.RadioStationName", "KFOG");
Supprimée : user_pref("CT1060933.RadioStationURL", "hxxp://live.cumulusstreaming.com/KFOG-FM");
Supprimée : user_pref("CT1060933.SavedHomepage", "google.be");
Supprimée : user_pref("CT1060933.SearchCaption", "Freecorder Customized Web Search");
Supprimée : user_pref("CT1060933.SearchEngineBeforeUnload", "Freecorder Customized Web Search");
Supprimée : user_pref("CT1060933.SearchFromAddressBarIsInit", true);
Supprimée : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...]
Supprimée : user_pref("CT1060933.SearchInNewTabEnabled", true);
Supprimée : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
Supprimée : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Sat Dec 24 2011 21:18:40 GMT+0100");
Supprimée : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Supprimée : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Supprimée : user_pref("CT1060933.SearchProtectorEnabled", false);
Supprimée : user_pref("CT1060933.SearchProtectorToolbarDisabled", false);
Supprimée : user_pref("CT1060933.SendProtectorDataViaLogin", true);
Supprimée : user_pref("CT1060933.ServiceMapLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.SettingsLastCheckTime", "Sat Dec 24 2011 21:18:40 GMT+0100");
Supprimée : user_pref("CT1060933.SettingsLastUpdate", "1324548389");
Supprimée : user_pref("CT1060933.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT1060933&SearchSource=13");
Supprimée : user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
Supprimée : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Sat Dec 10 2011 11:07:22 GMT+0100");
Supprimée : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Supprimée : user_pref("CT1060933.ToolbarShrinkedFromSetup", false);
Supprimée : user_pref("CT1060933.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1060933");
Supprimée : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Supprimée : user_pref("CT1060933.Uninstall", true);
Supprimée : user_pref("CT1060933.UserID", "UN96339455868453460");
Supprimée : user_pref("CT1060933.ValidationData_Search", 0);
Supprimée : user_pref("CT1060933.ValidationData_Toolbar", 2);
Supprimée : user_pref("CT1060933.alertChannelId", "15651");
Supprimée : user_pref("CT1060933.appApproved.129272674122038321", true);
Supprimée : user_pref("CT1060933.autoDisableScopes", -1);
Supprimée : user_pref("CT1060933.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e.:2z527", "247E6F727174354379453A3D2A722C757A787D312833232[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e06cg5el8:", "6E6D6F6F6E7374707271");
Supprimée : user_pref("CT1060933.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473757574797A767877242F4B4947[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e31;cj7fk;kg#ncep@mc+vkn", "247E61393F236B25737471712A212C6[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e31;cjc<=fbj#om", "247E61393F236B25717772762A212C6E414F444D[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Supprimée : user_pref("CT1060933.backendstorage./9b-0?3g>d", "3E6D3C3E70426F767A47477774207448764A25517C7B4F2A53[...]
Supprimée : user_pref("CT1060933.backendstorage./9b-0?3g@6:5;", "");
Supprimée : user_pref("CT1060933.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Supprimée : user_pref("CT1060933.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E424[...]
Supprimée : user_pref("CT1060933.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Supprimée : user_pref("CT1060933.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D464[...]
Supprimée : user_pref("CT1060933.backendstorage./9b5ba==9cjag", "6A67706B737444737A45437774484A797779204F7E");
Supprimée : user_pref("CT1060933.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6F6E7374707078737476");
Supprimée : user_pref("CT1060933.backendstorage./9b9643g3/9e", "6A");
Supprimée : user_pref("CT1060933.backendstorage./9b<:222h64<", "393F352F3E");
Supprimée : user_pref("CT1060933.backendstorage./9b=+03eh8h8j?:", "4443");
Supprimée : user_pref("CT1060933.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Supprimée : user_pref("CT1060933.backendstorage./9b?b0d:8aj62<h", "6D");
Supprimée : user_pref("CT1060933.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Supprimée : user_pref("CT1060933.backendstorage.autocompletepro_enable", "31");
Supprimée : user_pref("CT1060933.backendstorage.autocompletepro_enable_auto", "31");
Supprimée : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Supprimée : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Sat Dec 24 2011 21:18:42 GMT+0100");
Supprimée : user_pref("CT1060933.homepageProtectorEnableByLogin", true);
Supprimée : user_pref("CT1060933.initDone", true);
Supprimée : user_pref("CT1060933.isAppTrackingManagerOn", true);
Supprimée : user_pref("CT1060933.isFirstRadioInstallation", false);
Supprimée : user_pref("CT1060933.myStuffEnabled", true);
Supprimée : user_pref("CT1060933.myStuffPublihserMinWidth", 400);
Supprimée : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Supprimée : user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
Supprimée : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Supprimée : user_pref("CT1060933.oldAppsList", "128346981843587669,128280995260143876,111,129272674122038321,129[...]
Supprimée : user_pref("CT1060933.revertSettingsEnabled", true);
Supprimée : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
Supprimée : user_pref("CT1060933.searchProtectorEnableByLogin", true);
Supprimée : user_pref("CT1060933.testingCtid", "");
Supprimée : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.usagesFlag", 2);
Supprimée : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT1060933&Search[...]
Supprimée : user_pref("CommunityToolbar.ConduitSearchList", "Freecorder Customized Web Search");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1060933/CT1060933[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/BE", "\"1-20911[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Supprimée : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Thuy-Tien\\AppData\\Roaming\\Mozill[...]
Supprimée : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
Supprimée : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://freecorder.com/fc6/gadget/video.html", "1[...]
Supprimée : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://freecorder.com/fc6/gadget/video.html", "833x2[...]
Supprimée : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
Supprimée : user_pref("CommunityToolbar.ToolbarsList4", "CT1060933");
Supprimée : user_pref("CommunityToolbar.globalUserId", "751192e7-2476-4727-b27c-7206d1991a37");
Supprimée : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Supprimée : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Supprimée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1060933");
Supprimée : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Dec 10 2011 11:07:4[...]
Supprimée : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Supprimée : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Dec 10 2011 11:08:02 GMT+010[...]
Supprimée : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Supprimée : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Supprimée : user_pref("CommunityToolbar.notifications.locale", "en");
Supprimée : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Supprimée : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Dec 10 2011 11:07:23 GMT+0100");
Supprimée : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Supprimée : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Supprimée : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Supprimée : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Supprimée : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Supprimée : user_pref("CommunityToolbar.notifications.userId", "86c6724a-5dba-46de-ac34-6c52da0f9c15");
Supprimée : user_pref("CommunityToolbar.originalHomepage", "google.be");
Supprimée : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Supprimée : user_pref("browser.search.defaultthis.engineName", "Freecorder Customized Web Search");
Supprimée : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&Sea[...]
Supprimée : user_pref("extensions.enabledAddons", "ffxtlbr@funmoods.com:1.5.0,{972ce4c6-7e08-4474-a285-3208198ce[...]
Supprimée : user_pref("extensions.funmoods.SimilarSitesStorage-pid2", "b29379eacf2f18f6");
Supprimée : user_pref("extensions.funmoods.admin", false);
Supprimée : user_pref("extensions.funmoods.aflt", "bf4");
Supprimée : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Supprimée : user_pref("extensions.funmoods.cntry", "BE");
Supprimée : user_pref("extensions.funmoods.dfltLng", "");
Supprimée : user_pref("extensions.funmoods.dfltSrch", true);
Supprimée : user_pref("extensions.funmoods.dfltlng", "EN");
Supprimée : user_pref("extensions.funmoods.dfltsrch", true);
Supprimée : user_pref("extensions.funmoods.excTlbr", false);
Supprimée : user_pref("extensions.funmoods.hdrMd5", "274553DB333C72FF09AFCC18160F7DF7");
Supprimée : user_pref("extensions.funmoods.hmpg", true);
Supprimée : user_pref("extensions.funmoods.hrdid", "0");
Supprimée : user_pref("extensions.funmoods.id", "aa4ae862000000000000001e65ac928e");
Supprimée : user_pref("extensions.funmoods.instlDay", "15396");
Supprimée : user_pref("extensions.funmoods.instlRef", "");
Supprimée : user_pref("extensions.funmoods.instlday", "15388");
Supprimée : user_pref("extensions.funmoods.instlref", "");
Supprimée : user_pref("extensions.funmoods.isdcmntcmplt", false);
Supprimée : user_pref("extensions.funmoods.keywordurl", "");
Supprimée : user_pref("extensions.funmoods.lastVrsnTs", "1.5.12.215:14:04");
Supprimée : user_pref("extensions.funmoods.newTab", true);
Supprimée : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=bf4");
Supprimée : user_pref("extensions.funmoods.newtab", true);
Supprimée : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=bf4");
Supprimée : user_pref("extensions.funmoods.noFFXTlbr", false);
Supprimée : user_pref("extensions.funmoods.prdct", "funmoods");
Supprimée : user_pref("extensions.funmoods.propectorlck", 68418763);
Supprimée : user_pref("extensions.funmoods.prtkhmpg", 1);
Supprimée : user_pref("extensions.funmoods.prtnrId", "funmoods");
Supprimée : user_pref("extensions.funmoods.prtnrid", "funmoods");
Supprimée : user_pref("extensions.funmoods.sg", "none");
Supprimée : user_pref("extensions.funmoods.smplGrp", "none");
Supprimée : user_pref("extensions.funmoods.smplgrp", "none");
Supprimée : user_pref("extensions.funmoods.srch", "");
Supprimée : user_pref("extensions.funmoods.srchPrvdr", "Search");
Supprimée : user_pref("extensions.funmoods.srchprvdr", "Search");
Supprimée : user_pref("extensions.funmoods.stAdmnPrms", true);
Supprimée : user_pref("extensions.funmoods.tlbrId", "base");
Supprimée : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=bf4&q=");
Supprimée : user_pref("extensions.funmoods.tlbrid", "base");
Supprimée : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=bf4&q=");
Supprimée : user_pref("extensions.funmoods.vrsn", "1.5.12.2");
Supprimée : user_pref("extensions.funmoods.vrsnTs", "1.5.12.215:14:04");
Supprimée : user_pref("extensions.funmoods.vrsni", "1.5.12.2");
Supprimée : user_pref("extensions.funmoods.vrsnts", "1.5.12.219:02:18");
Supprimée : user_pref("extensions.funmoods_i.aflt", "bf4");
Supprimée : user_pref("extensions.funmoods_i.dfltLng", "");
Supprimée : user_pref("extensions.funmoods_i.dfltSrch", true);
Supprimée : user_pref("extensions.funmoods_i.dnsErr", true);
Supprimée : user_pref("extensions.funmoods_i.excTlbr", false);
Supprimée : user_pref("extensions.funmoods_i.hmpg", true);
Supprimée : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=bf4");
Supprimée : user_pref("extensions.funmoods_i.id", "aa4ae862000000000000001e65ac928e");
Supprimée : user_pref("extensions.funmoods_i.instlDay", "15396");
Supprimée : user_pref("extensions.funmoods_i.instlRef", "");
Supprimée : user_pref("extensions.funmoods_i.newTab", true);
Supprimée : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=bf4");
Supprimée : user_pref("extensions.funmoods_i.prdct", "funmoods");
Supprimée : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Supprimée : user_pref("extensions.funmoods_i.smplGrp", "none");
Supprimée : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Supprimée : user_pref("extensions.funmoods_i.tlbrId", "base");
Supprimée : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=bf4&q=")[...]
Supprimée : user_pref("extensions.funmoods_i.vrsn", "1.5.12.2");
Supprimée : user_pref("extensions.funmoods_i.vrsnTs", "1.5.12.215:14:04");
Supprimée : user_pref("extensions.funmoods_i.vrsni", "1.5.12.2");
Supprimée : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q=[...]
Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
Supprimée : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Supprimée : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "google.be");
Supprimée : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/");
-\\ Google Chrome v18.0.1025.142
Fichier : C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée : "keyword": "funmoods",
Supprimée : "search_url": "hxxp://start.funmoods.com/results.php?f=4&a=bf4&q={searchTerms}",
Supprimée : "homepage": "hxxp://start.funmoods.com/?f=1&a=bf4",
-\\ Opera v11.10.2092.0
Fichier : C:\Users\Thuy-Tien\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[S1].txt - [974 octets] - [08/04/2012 13:51:19]
AdwCleaner[S2].txt - [378 octets] - [08/04/2012 13:54:03]
AdwCleaner[S3].txt - [36798 octets] - [08/04/2012 13:55:29]
########## EOF - C:\AdwCleaner[S3].txt - [36927 octets] ##########
# AdwCleaner v1.505 - Rapport créé le 08/04/2012 à 13:55:29
# Mis à jour le 07/04/2012 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Thuy-Tien - PC-DE-THUY-TIEN
# Exécuté depuis : C:\Users\Thuy-Tien\Desktop\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Users\Thuy-Tien\AppData\LocalLow\Toolbar4
Dossier Supprimé : C:\Users\THUY-T~1\AppData\Local\Temp\AskSearch
Dossier Supprimé : C:\Program Files\Ask.com
Dossier Supprimé : C:\Program Files\Conduit
Dossier Supprimé : C:\Program Files\freeTVRadio
Dossier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\ConduitCommon
Dossier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\extensions\ffxtlbr@funmoods.com
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Fichier Supprimé : C:\Windows\system32\conduitEngine.tmp
Fichier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\searchplugins\Conduit.xml
Fichier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\searchplugins\funmoods.xml
Fichier Supprimé : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\searchplugins\SweetIm.xml
***** [H. Navipromo] *****
***** [Registre] *****
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2102473
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2383985
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2542115
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2653012
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2720081
Clé Supprimée : HKCU\Software\Ask&Record
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\FissaSearch
Clé Supprimée : HKCU\Software\freeTVRadio
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Spointer
Clé Supprimée : HKCU\Software\SweetIm
Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\AppDataLow\Software\Fun Web Products
Clé Supprimée : HKCU\Software\AppDataLow\Software\MyWebSearch
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\OpenCandy
Clé Supprimée : HKLM\SOFTWARE\Software
Clé Supprimée : HKLM\SOFTWARE\SweetIM
Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Clé Supprimée : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
Clé Supprimée : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91}
Clé Supprimée : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B41306C6-96D0-442A-BCC4-B0F621E82CE9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16421
Remplacé : [HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Policies\Microsoft\Internet Explorer\Main - Start Page] = hxxp://seeearch.com/ --> hxxp://www.google.fr
-\\ Mozilla Firefox v11.0 (fr)
Nom du profil : default
Fichier : C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\prefs.js
C:\Users\Thuy-Tien\AppData\Roaming\Mozilla\FireFox\Profiles\klw10i5s.default\user.js ... Supprimé !
Supprimée : user_pref("CT1060933..clientLogIsEnabled", false);
Supprimée : user_pref("CT1060933..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Supprimée : user_pref("CT1060933..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Supprimée : user_pref("CT1060933.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Supprimée : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Supprimée : user_pref("CT1060933.BrowserCompStateIsOpen_129633202291172081", true);
Supprimée : user_pref("CT1060933.BrowserCompStateIsOpen_129652058719725628", true);
Supprimée : user_pref("CT1060933.CTID", "CT1060933");
Supprimée : user_pref("CT1060933.CurrentServerDate", "24-12-2011");
Supprimée : user_pref("CT1060933.DSChangedManually", false);
Supprimée : user_pref("CT1060933.DSInstall", true);
Supprimée : user_pref("CT1060933.DSProtectChoice", true);
Supprimée : user_pref("CT1060933.DSProtectCount", 1);
Supprimée : user_pref("CT1060933.DialogsAlignMode", "LTR");
Supprimée : user_pref("CT1060933.DialogsGetterLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.DownloadReferralCookieData", "");
Supprimée : user_pref("CT1060933.FirstServerDate", "10-12-2011");
Supprimée : user_pref("CT1060933.FirstTime", true);
Supprimée : user_pref("CT1060933.FirstTimeFF3", true);
Supprimée : user_pref("CT1060933.FixPageNotFoundErrors", true);
Supprimée : user_pref("CT1060933.GroupingServerCheckInterval", 1440);
Supprimée : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Supprimée : user_pref("CT1060933.HPInstall", true);
Supprimée : user_pref("CT1060933.HasUserGlobalKeys", true);
Supprimée : user_pref("CT1060933.HomePageProtectorEnabled", false);
Supprimée : user_pref("CT1060933.HomepageBeforeUnload", "google.be");
Supprimée : user_pref("CT1060933.Initialize", true);
Supprimée : user_pref("CT1060933.InitializeCommonPrefs", true);
Supprimée : user_pref("CT1060933.InstallationAndCookieDataSentCount", 3);
Supprimée : user_pref("CT1060933.InstallationId", "ConduitNSISIntegration");
Supprimée : user_pref("CT1060933.InstallationType", "ConduitXPEIntegration");
Supprimée : user_pref("CT1060933.InstalledDate", "Sat Dec 10 2011 11:07:43 GMT+0100");
Supprimée : user_pref("CT1060933.InvalidateCache", false);
Supprimée : user_pref("CT1060933.IsAlertDBUpdated", true);
Supprimée : user_pref("CT1060933.IsGrouping", false);
Supprimée : user_pref("CT1060933.IsInitSetupIni", true);
Supprimée : user_pref("CT1060933.IsMulticommunity", false);
Supprimée : user_pref("CT1060933.IsOpenThankYouPage", false);
Supprimée : user_pref("CT1060933.IsOpenUninstallPage", true);
Supprimée : user_pref("CT1060933.IsProtectorsInit", true);
Supprimée : user_pref("CT1060933.LanguagePackLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
Supprimée : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Supprimée : user_pref("CT1060933.LastLogin_3.8.1.0", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.LatestVersion", "3.8.1.0");
Supprimée : user_pref("CT1060933.Locale", "en-us");
Supprimée : user_pref("CT1060933.MCDetectTooltipHeight", "83");
Supprimée : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Supprimée : user_pref("CT1060933.MCDetectTooltipWidth", "295");
Supprimée : user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
Supprimée : user_pref("CT1060933.OriginalFirstVersion", "3.8.1.0");
Supprimée : user_pref("CT1060933.RadioIsPodcast", false);
Supprimée : user_pref("CT1060933.RadioLastCheckTime", "Sat Dec 24 2011 21:18:43 GMT+0100");
Supprimée : user_pref("CT1060933.RadioLastUpdateIPServer", "0");
Supprimée : user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000");
Supprimée : user_pref("CT1060933.RadioMediaID", "21504191");
Supprimée : user_pref("CT1060933.RadioMediaType", "Media Player");
Supprimée : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");
Supprimée : user_pref("CT1060933.RadioShrinkedFromSetup", false);
Supprimée : user_pref("CT1060933.RadioStationName", "KFOG");
Supprimée : user_pref("CT1060933.RadioStationURL", "hxxp://live.cumulusstreaming.com/KFOG-FM");
Supprimée : user_pref("CT1060933.SavedHomepage", "google.be");
Supprimée : user_pref("CT1060933.SearchCaption", "Freecorder Customized Web Search");
Supprimée : user_pref("CT1060933.SearchEngineBeforeUnload", "Freecorder Customized Web Search");
Supprimée : user_pref("CT1060933.SearchFromAddressBarIsInit", true);
Supprimée : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...]
Supprimée : user_pref("CT1060933.SearchInNewTabEnabled", true);
Supprimée : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
Supprimée : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Sat Dec 24 2011 21:18:40 GMT+0100");
Supprimée : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Supprimée : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Supprimée : user_pref("CT1060933.SearchProtectorEnabled", false);
Supprimée : user_pref("CT1060933.SearchProtectorToolbarDisabled", false);
Supprimée : user_pref("CT1060933.SendProtectorDataViaLogin", true);
Supprimée : user_pref("CT1060933.ServiceMapLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.SettingsLastCheckTime", "Sat Dec 24 2011 21:18:40 GMT+0100");
Supprimée : user_pref("CT1060933.SettingsLastUpdate", "1324548389");
Supprimée : user_pref("CT1060933.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT1060933&SearchSource=13");
Supprimée : user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
Supprimée : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Sat Dec 10 2011 11:07:22 GMT+0100");
Supprimée : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Supprimée : user_pref("CT1060933.ToolbarShrinkedFromSetup", false);
Supprimée : user_pref("CT1060933.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1060933");
Supprimée : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Supprimée : user_pref("CT1060933.Uninstall", true);
Supprimée : user_pref("CT1060933.UserID", "UN96339455868453460");
Supprimée : user_pref("CT1060933.ValidationData_Search", 0);
Supprimée : user_pref("CT1060933.ValidationData_Toolbar", 2);
Supprimée : user_pref("CT1060933.alertChannelId", "15651");
Supprimée : user_pref("CT1060933.appApproved.129272674122038321", true);
Supprimée : user_pref("CT1060933.autoDisableScopes", -1);
Supprimée : user_pref("CT1060933.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e.:2z527", "247E6F727174354379453A3D2A722C757A787D312833232[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e06cg5el8:", "6E6D6F6F6E7374707271");
Supprimée : user_pref("CT1060933.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473757574797A767877242F4B4947[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e31;cj7fk;kg#ncep@mc+vkn", "247E61393F236B25737471712A212C6[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e31;cjc<=fbj#om", "247E61393F236B25717772762A212C6E414F444D[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Supprimée : user_pref("CT1060933.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Supprimée : user_pref("CT1060933.backendstorage./9b-0?3g>d", "3E6D3C3E70426F767A47477774207448764A25517C7B4F2A53[...]
Supprimée : user_pref("CT1060933.backendstorage./9b-0?3g@6:5;", "");
Supprimée : user_pref("CT1060933.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Supprimée : user_pref("CT1060933.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E424[...]
Supprimée : user_pref("CT1060933.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Supprimée : user_pref("CT1060933.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D464[...]
Supprimée : user_pref("CT1060933.backendstorage./9b5ba==9cjag", "6A67706B737444737A45437774484A797779204F7E");
Supprimée : user_pref("CT1060933.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6F6E7374707078737476");
Supprimée : user_pref("CT1060933.backendstorage./9b9643g3/9e", "6A");
Supprimée : user_pref("CT1060933.backendstorage./9b<:222h64<", "393F352F3E");
Supprimée : user_pref("CT1060933.backendstorage./9b=+03eh8h8j?:", "4443");
Supprimée : user_pref("CT1060933.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Supprimée : user_pref("CT1060933.backendstorage./9b?b0d:8aj62<h", "6D");
Supprimée : user_pref("CT1060933.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Supprimée : user_pref("CT1060933.backendstorage.autocompletepro_enable", "31");
Supprimée : user_pref("CT1060933.backendstorage.autocompletepro_enable_auto", "31");
Supprimée : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Supprimée : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Sat Dec 24 2011 21:18:42 GMT+0100");
Supprimée : user_pref("CT1060933.homepageProtectorEnableByLogin", true);
Supprimée : user_pref("CT1060933.initDone", true);
Supprimée : user_pref("CT1060933.isAppTrackingManagerOn", true);
Supprimée : user_pref("CT1060933.isFirstRadioInstallation", false);
Supprimée : user_pref("CT1060933.myStuffEnabled", true);
Supprimée : user_pref("CT1060933.myStuffPublihserMinWidth", 400);
Supprimée : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Supprimée : user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
Supprimée : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Supprimée : user_pref("CT1060933.oldAppsList", "128346981843587669,128280995260143876,111,129272674122038321,129[...]
Supprimée : user_pref("CT1060933.revertSettingsEnabled", true);
Supprimée : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
Supprimée : user_pref("CT1060933.searchProtectorEnableByLogin", true);
Supprimée : user_pref("CT1060933.testingCtid", "");
Supprimée : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sat Dec 24 2011 21:18:41 GMT+0100");
Supprimée : user_pref("CT1060933.usagesFlag", 2);
Supprimée : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT1060933&Search[...]
Supprimée : user_pref("CommunityToolbar.ConduitSearchList", "Freecorder Customized Web Search");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1060933/CT1060933[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/BE", "\"1-20911[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Supprimée : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Thuy-Tien\\AppData\\Roaming\\Mozill[...]
Supprimée : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
Supprimée : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://freecorder.com/fc6/gadget/video.html", "1[...]
Supprimée : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://freecorder.com/fc6/gadget/video.html", "833x2[...]
Supprimée : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
Supprimée : user_pref("CommunityToolbar.ToolbarsList4", "CT1060933");
Supprimée : user_pref("CommunityToolbar.globalUserId", "751192e7-2476-4727-b27c-7206d1991a37");
Supprimée : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Supprimée : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Supprimée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1060933");
Supprimée : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Dec 10 2011 11:07:4[...]
Supprimée : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Supprimée : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Dec 10 2011 11:08:02 GMT+010[...]
Supprimée : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Supprimée : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Supprimée : user_pref("CommunityToolbar.notifications.locale", "en");
Supprimée : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Supprimée : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Dec 10 2011 11:07:23 GMT+0100");
Supprimée : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Supprimée : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Supprimée : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Supprimée : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Supprimée : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Supprimée : user_pref("CommunityToolbar.notifications.userId", "86c6724a-5dba-46de-ac34-6c52da0f9c15");
Supprimée : user_pref("CommunityToolbar.originalHomepage", "google.be");
Supprimée : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Supprimée : user_pref("browser.search.defaultthis.engineName", "Freecorder Customized Web Search");
Supprimée : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&Sea[...]
Supprimée : user_pref("extensions.enabledAddons", "ffxtlbr@funmoods.com:1.5.0,{972ce4c6-7e08-4474-a285-3208198ce[...]
Supprimée : user_pref("extensions.funmoods.SimilarSitesStorage-pid2", "b29379eacf2f18f6");
Supprimée : user_pref("extensions.funmoods.admin", false);
Supprimée : user_pref("extensions.funmoods.aflt", "bf4");
Supprimée : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Supprimée : user_pref("extensions.funmoods.cntry", "BE");
Supprimée : user_pref("extensions.funmoods.dfltLng", "");
Supprimée : user_pref("extensions.funmoods.dfltSrch", true);
Supprimée : user_pref("extensions.funmoods.dfltlng", "EN");
Supprimée : user_pref("extensions.funmoods.dfltsrch", true);
Supprimée : user_pref("extensions.funmoods.excTlbr", false);
Supprimée : user_pref("extensions.funmoods.hdrMd5", "274553DB333C72FF09AFCC18160F7DF7");
Supprimée : user_pref("extensions.funmoods.hmpg", true);
Supprimée : user_pref("extensions.funmoods.hrdid", "0");
Supprimée : user_pref("extensions.funmoods.id", "aa4ae862000000000000001e65ac928e");
Supprimée : user_pref("extensions.funmoods.instlDay", "15396");
Supprimée : user_pref("extensions.funmoods.instlRef", "");
Supprimée : user_pref("extensions.funmoods.instlday", "15388");
Supprimée : user_pref("extensions.funmoods.instlref", "");
Supprimée : user_pref("extensions.funmoods.isdcmntcmplt", false);
Supprimée : user_pref("extensions.funmoods.keywordurl", "");
Supprimée : user_pref("extensions.funmoods.lastVrsnTs", "1.5.12.215:14:04");
Supprimée : user_pref("extensions.funmoods.newTab", true);
Supprimée : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=bf4");
Supprimée : user_pref("extensions.funmoods.newtab", true);
Supprimée : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=bf4");
Supprimée : user_pref("extensions.funmoods.noFFXTlbr", false);
Supprimée : user_pref("extensions.funmoods.prdct", "funmoods");
Supprimée : user_pref("extensions.funmoods.propectorlck", 68418763);
Supprimée : user_pref("extensions.funmoods.prtkhmpg", 1);
Supprimée : user_pref("extensions.funmoods.prtnrId", "funmoods");
Supprimée : user_pref("extensions.funmoods.prtnrid", "funmoods");
Supprimée : user_pref("extensions.funmoods.sg", "none");
Supprimée : user_pref("extensions.funmoods.smplGrp", "none");
Supprimée : user_pref("extensions.funmoods.smplgrp", "none");
Supprimée : user_pref("extensions.funmoods.srch", "");
Supprimée : user_pref("extensions.funmoods.srchPrvdr", "Search");
Supprimée : user_pref("extensions.funmoods.srchprvdr", "Search");
Supprimée : user_pref("extensions.funmoods.stAdmnPrms", true);
Supprimée : user_pref("extensions.funmoods.tlbrId", "base");
Supprimée : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=bf4&q=");
Supprimée : user_pref("extensions.funmoods.tlbrid", "base");
Supprimée : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/results.php?f=3&a=bf4&q=");
Supprimée : user_pref("extensions.funmoods.vrsn", "1.5.12.2");
Supprimée : user_pref("extensions.funmoods.vrsnTs", "1.5.12.215:14:04");
Supprimée : user_pref("extensions.funmoods.vrsni", "1.5.12.2");
Supprimée : user_pref("extensions.funmoods.vrsnts", "1.5.12.219:02:18");
Supprimée : user_pref("extensions.funmoods_i.aflt", "bf4");
Supprimée : user_pref("extensions.funmoods_i.dfltLng", "");
Supprimée : user_pref("extensions.funmoods_i.dfltSrch", true);
Supprimée : user_pref("extensions.funmoods_i.dnsErr", true);
Supprimée : user_pref("extensions.funmoods_i.excTlbr", false);
Supprimée : user_pref("extensions.funmoods_i.hmpg", true);
Supprimée : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=bf4");
Supprimée : user_pref("extensions.funmoods_i.id", "aa4ae862000000000000001e65ac928e");
Supprimée : user_pref("extensions.funmoods_i.instlDay", "15396");
Supprimée : user_pref("extensions.funmoods_i.instlRef", "");
Supprimée : user_pref("extensions.funmoods_i.newTab", true);
Supprimée : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=bf4");
Supprimée : user_pref("extensions.funmoods_i.prdct", "funmoods");
Supprimée : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Supprimée : user_pref("extensions.funmoods_i.smplGrp", "none");
Supprimée : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Supprimée : user_pref("extensions.funmoods_i.tlbrId", "base");
Supprimée : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=bf4&q=")[...]
Supprimée : user_pref("extensions.funmoods_i.vrsn", "1.5.12.2");
Supprimée : user_pref("extensions.funmoods_i.vrsnTs", "1.5.12.215:14:04");
Supprimée : user_pref("extensions.funmoods_i.vrsni", "1.5.12.2");
Supprimée : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q=[...]
Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
Supprimée : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Supprimée : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "google.be");
Supprimée : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/");
-\\ Google Chrome v18.0.1025.142
Fichier : C:\Users\Thuy-Tien\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée : "keyword": "funmoods",
Supprimée : "search_url": "hxxp://start.funmoods.com/results.php?f=4&a=bf4&q={searchTerms}",
Supprimée : "homepage": "hxxp://start.funmoods.com/?f=1&a=bf4",
-\\ Opera v11.10.2092.0
Fichier : C:\Users\Thuy-Tien\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[S1].txt - [974 octets] - [08/04/2012 13:51:19]
AdwCleaner[S2].txt - [378 octets] - [08/04/2012 13:54:03]
AdwCleaner[S3].txt - [36798 octets] - [08/04/2012 13:55:29]
########## EOF - C:\AdwCleaner[S3].txt - [36927 octets] ##########
Salut isabelle1996
Refais un scan avec OTL comme la première fois(mode Analyse) avec les mêmes paramètres et la même liste sous personnalisation, tu auras seulement un rapport(OTL.txt) a me poster, voir a utilisé cjoint pour poster le rapport, sinon le rapport n'est pas complet.
Si cela ne fonctionne pas avec cjoint, voir ici :
https://www.filedropper.com/
http://ww38.toofiles.com/fr/
http://www.archive-host.com/index.php
@++ :)
Refais un scan avec OTL comme la première fois(mode Analyse) avec les mêmes paramètres et la même liste sous personnalisation, tu auras seulement un rapport(OTL.txt) a me poster, voir a utilisé cjoint pour poster le rapport, sinon le rapport n'est pas complet.
Si cela ne fonctionne pas avec cjoint, voir ici :
https://www.filedropper.com/
http://ww38.toofiles.com/fr/
http://www.archive-host.com/index.php
@++ :)
Salut isabelle1996
Faire un clique droit sur OTL.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".
? Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {E52BE12D-A44A-4F51-9DC1-34F37A488CC7} - No CLSID value found.
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.youplay.com/games/3rdParty/YouPlay/popcaploader_v10.cab (PopCapLoader Object)
[2010/07/05 23:04:22 | 000,000,000 | ---D | M] -- C:\Users\Thuy-Tien\AppData\Roaming\moovida-1
[2011/05/15 14:40:00 | 000,000,000 | ---D | M] -- C:\Program Files\Video Download Toolbar
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:862BDB1A
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
:Commands
[Emptytemp]
? Clique sur " Correction " pour lancer la suppression.
? Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES.
? Au redémarrage , autorise OTL a s'exécuter.
? Poste le rapport généré par OTL.
Dis moi pour le mode normal...
@++ :)
Faire un clique droit sur OTL.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".
? Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.
O3 - HKU\S-1-5-21-2666403779-1243288301-2070112608-1000\..\Toolbar\WebBrowser: (no name) - {E52BE12D-A44A-4F51-9DC1-34F37A488CC7} - No CLSID value found.
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.youplay.com/games/3rdParty/YouPlay/popcaploader_v10.cab (PopCapLoader Object)
[2010/07/05 23:04:22 | 000,000,000 | ---D | M] -- C:\Users\Thuy-Tien\AppData\Roaming\moovida-1
[2011/05/15 14:40:00 | 000,000,000 | ---D | M] -- C:\Program Files\Video Download Toolbar
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:862BDB1A
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
:Commands
[Emptytemp]
? Clique sur " Correction " pour lancer la suppression.
? Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES.
? Au redémarrage , autorise OTL a s'exécuter.
? Poste le rapport généré par OTL.
Dis moi pour le mode normal...
@++ :)