Error 403 refused
Closed
marijon07 (Member, 353 posts, registered Wednesday 23 February 2011, last activity 11 May 2017) - 22 Sept. 2013 at 15:18
buckhulk (Contributor, 13690 posts, registered Sunday 21 September 2008, last activity 14 November 2020) - 11 Feb. 2014 at 22:52
9 replies
buckhulk - 22 Sept. 2013 at 15:23
Hello,
probably a virus, but you can already start by doing THIS
marijon07 - 22 Sept. 2013 at 21:36
Good evening Buckhulk, thank you for your kindness.
It is indeed a virus, Certified Toolbar, which is on my navigation bar.
I can't manage to remove it.
I am a novice with computers.
But I have an e-commerce site, and I am very troubled.
I don't understand, I have an SFR antivirus pack that I pay for every month.
What should I do?
Can you help me?
Thank you for your help.
Regards
buckhulk - 22 Sept. 2013 at 23:08
Good evening marijon,
Their antivirus pack is useless, whether SFR, ORANGE or any other!
It's just to take your money!
What is your e-commerce business?
If you use Paypal, I will also give you some advice if you wish.
We'll try to clean your PC if you're willing!
To start, run a ZHPDiag for me:
ZHPDiag, a diagnostic tool as its name suggests!
It will let me see the potential infections on your PC.
ZHPDiag: follow the instructions carefully
1) * Download ZHPDiag (by Nicolas Coolman) to your desktop!!
>> ZHPDiag (by Nicolas Coolman)
Mirror
If your operating system is Vista or Win7/8, launch the programs with a simple right-click and choose "Run as administrator".
a) * Once the download is complete,
b) * double-click (or, for Seven, Vista and 8, right-click and choose "Run as administrator") on ZHPDiag2.exe and follow the instructions.
c) * When it opens, the program offers "Rechercher" (Search) and "Configurer" (Configure) - click "Configurer"
* Icons appear at the bottom of the window.
* Click the screwdriver at the bottom right and choose "Tous" (All), then "OK"
d) * The tool will create 3 shortcut icons: ZHPDiag >> ZHPFix >> MBRcheck
2) * Now click "Rechercher".
* Important >> While ZHPDiag is analysing your PC, don't touch anything!!!!!
* Let the tool work, it can take quite a long time
3) * The report appears on your Desktop once finished!
IMPORTANT
since the reports are too long, host them:
You can close ZHPDiag
Reminder of the hosting sites
1 cjoint : Usage
2 pjoint
3 up2share
4 FEC
marijon07 - 23 Sept. 2013 at 16:15
I can't manage to send you the report; it is indeed too long.
What should I do? What does "host them" mean?
Thanks
buckhulk - 23 Sept. 2013 at 16:30
Here you go, everything is explained here: https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
marijon07 - 23 Sept. 2013 at 17:48
https://www.cjoint.com/?3IxrS0gSkV4
thanks again
marijon07 - 23 Sept. 2013 at 08:34
Hello Buckhulk,
Thank you so much for your help, which will be precious to me.
As I told you, I have an online shop that has been running slowly for 3 years.
site: nospetitszazous.fr
I can no longer open certain sites to place my ads, such as vivastreet etc....
I will try to follow all your instructions, because I am not very skilled.
I like your little phrase: There is always someone who knows what you don't know.
Regards
Have a nice day
buckhulk - 23 Sept. 2013 at 10:48
Thanks for: "I like your little phrase"
You know, I'm not "gifted" like some people here either, but what's good about this site is that everyone can make their own small contribution, because nobody "knows" everything!!
So I'm waiting for the report!
marijon07 - 23 Sept. 2013 at 16:13
Thanks for your help, here is my report:
Rapport de ZHPDiag v2013.9.22.410 - Nicolas Coolman (22/09/2013)
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{656E54B0-04F7-4599-B862-9787DD084E3A}] (...) -- C:\Users\christiane\Downloads\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{802AAF1F-9073-4B83-A60C-C929ADEB853F}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.) [0] =>Toolbar.Babylon
[MD5.00000000000000000000000000000000] [APT] [{A14BDE4C-8383-4989-ADF2-2C4B1800B080}] (...) -- C:\Users\christiane\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [{A4C9CB56-7F21-4469-8628-BCB9B24792A0}] (...) -- E:\sources\Photosmart 8000-slp_dd_hathi_110_017.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B2A9761E-2C2A-45F1-8435-6C3FDEE32360}] (...) -- E:\TROUBLESHOOT\INSTMSIA.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6A90C27-B68F-4242-B8B2-9819C53AF0D5}] (...) -- E:\sources\Photosmart 8000-ConvergedIO_HPCOM_V3.exe (.not file.) [0]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 06s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5f0daddbc68b942]
[HKCU\Software\APN DTX]
[HKCU\Software\BI]
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\Blabbers] =>PUP.Blabbers
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\HTTOGroup]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
[HKCU\Software\Protector]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Tuto4PC] =>PUP.Eorezo
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\delta LTD]
[HKCU\Software\iLivid] =>Adware.Bandoo
[HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\5f0daddbc68b942]
[HKLM\Software\Wow6432Node\AskTBar]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Youyan]
[HKLM\Software\Wow6432Node\babylontoolbar] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
~ Key Software: 302 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/10/2012 - 11:43:18 - [1,827] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 08/09/2013 - 20:58:28 - [0] ----D C:\Program Files (x86)\PC Cleaner =>USP.PCCleaner
O43 - CFD: 19/06/2013 - 14:49:29 - [0,050] ----D C:\Program Files (x86)\Common Files\Spigot =>PUP.Dealio
O43 - CFD: 17/08/2013 - 12:27:29 - [0] ----D C:\ProgramData\APN
O43 - CFD: 11/10/2012 - 10:02:48 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 03/04/2013 - 17:00:05 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 01/09/2013 - 10:59:04 - [0] ----D C:\ProgramData\Browser Manager
O43 - CFD: 11/09/2013 - 15:13:14 - [0] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 17/10/2012 - 11:34:38 - [0,281] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 03/04/2013 - 17:00:05 - [0,009] ----D C:\Users\christiane\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 18/03/2012 - 11:14:35 - [0,002] ----D C:\Users\christiane\AppData\Roaming\com.socialbox.socialbox
O43 - CFD: 19/06/2013 - 15:51:58 - [0,161] ----D C:\Users\christiane\AppData\Roaming\DataMgr
O43 - CFD: 11/09/2013 - 15:05:02 - [0] ----D C:\Users\christiane\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 20/03/2013 - 09:21:15 - [0] ----D C:\Users\christiane\AppData\Local\Conduit
O43 - CFD: 10/09/2013 - 09:51:28 - [0,005] ----D C:\Users\christiane\AppData\Local\iLivid =>Adware.Bandoo
~ 357 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 632 Legitimates Filtered in 01mn 41s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E1ECC27DD412B33318CD46CD5C77A6D2] - 17/09/2013 - 07:05:08 ---A- . (...) -- C:\Windows\IE10_main.log [1347]
O44 - LFC:[MD5.1B2CE85F36F5BB6DEC7AE685978DB825] - 10/09/2013 - 08:57:42 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [32328]
~ Files: 144 Legitimates Filtered in 00mn 58s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.FA4EB479B10BF167AA7FD14B1D8210EC] - 23/09/2013 - 08:55:26 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-041875CA.pf
O45 - LFCP:[MD5.0A7DEBCB1EA2F2E5F99B72E5C74C37E4] - 23/09/2013 - 10:20:48 ---A- - C:\Windows\Prefetch\IEUNATT.EXE-94DA8E02.pf
O45 - LFCP:[MD5.A67FA94F28BE71844BE22D888669B51D] - 23/09/2013 - 14:42:54 ---A- - C:\Windows\Prefetch\FSADMINSETTINGS.EXE-740AA57D.pf
~ Prefetcher: 92 Legitimates Filtered in 00mn 01s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{e5f3d40e-cf88-11e2-9979-643150592632}\AutoRun\command. (...) -- G:\DPFMate.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Badoo Desktop [Key] . (...) -- C:\ProgramData\Badoo\Badoo desktop\1.6.48.1082\Badoo.desktop.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Browser companion helper [Key] . (...) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (.not file.) =>PUP.Blabbers
O53 - SMSR:HKLM\...\startupreg\offerbox [Key] . (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.) =>PUP.OfferBox
~ SMSR Keys: 26 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.9573E8C7C3B3D1625FD941841FD0859C] - 24/06/2010 - 21:32:52 . (.Windows (R) Win 7 DDK provider - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\Drivers\clwvd.sys [32880]
O58 - SDL:[MD5.343786E182B9C9AE3066E00DEC650F50] - 27/02/2013 - 21:37:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [42672]
~ Drivers: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
~ Lancé par christiane (23/09/2013 15:45:20)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16686
MFIE: Mozilla Firefox 24.0 (Defaut)
OBIE: Safari v5.34.57.2
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Computer Security 12.56.100.0
Pack Sécurité v1.57.391.0
Pack Sécurité v1.57.391.0
McAfee Security Scan Plus v3.0.318.3
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v3.09 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3893 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 817 GB (89%) free of 910 GB
---\\ Mode de connexion au système
~ Computer Name: CHRISTIANE-HP
~ User Name: christiane
~ All Users Names: HomeGroupUser$, christiane, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\christiane\AppData\Roaming\
~ %Desktop% : C:\Users\christiane\Desktop\
~ %Favorites% : C:\Users\christiane\Favorites\
~ %LocalAppData% : C:\Users\christiane\AppData\Local\
~ %StartMenu% : C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 817 Go of 910 Go)
D: Hard drive, Flash drive, Thumb drive (Free 3 Go of 21 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 38 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/296
~ Mes musiques (My Musics) : 19/2103
~ Mes Videos (My Videos) : 1/38
~ Mes Favoris (My Favorites) : 1/98
~ Mes Documents (My Documents) : 11/433
~ Mon Bureau (My Desktop) : 5/571
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 10s
---\\ Processus lancés
[MD5.8FA2C363521F1181C32C767F26F0B47E] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe [625416] [PID.1788]
[MD5.F44431CFD96428206039D3556311BF1B] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [19876968] [PID.2448]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.2776]
[MD5.17BE4BAEC3D4FE887BC5F446FEF4FD97] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [163536] [PID.2232]
[MD5.B41552B522C101326A849641F4E823C2] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe [311976] [PID.3048]
[MD5.3E1E0A83941B0402330858B3851648EB] - (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1238016] [PID.3068]
[MD5.9ACCBC5891BA51B5B29C1A88F80D4CE3] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe [421888] [PID.2848]
[MD5.CE42DFE915F78246364D464902E47360] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2508]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3268]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [136488] [PID.3900]
[MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [274840] [PID.6088]
[MD5.63DCE64797C64FB6110727B993440EA5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8000512] [PID.5920]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1160]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1420]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.2140]
[MD5.45303CDBC1FD8F8D371E726BF126F771] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe [60352] [PID.2316]
[MD5.5AA89E152634954E15E9DB265C6A8557] - (.Pas de propriétaire - HPWMISVC Application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192] [PID.2336]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.2376]
[MD5.9281297DDEAB730CB2EBB27D74069BD3] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [621504] [PID.2384]
[MD5.5E53CF8AD0FD33B35000C113656AB37B] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2754984] [PID.2956]
[MD5.E319535A8124F25C1C9C5288CACF3101] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.3096]
[MD5.F13DA74969897359A88F2A739F54A250] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.3144]
[MD5.C2251C602EDFC49E71D13D660AB7F625] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe [213672] [PID.4228]
[MD5.9CB3D8D519DB7A70A463387B8E9AD924] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1039296] [PID.4548]
[MD5.0955C23C041451FB4E7099D6B2CF1C06] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [988216] [PID.2576]
~ Processes Running: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\prefs.js
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\user.js
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\prefs.js
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\user.js
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\ask-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Ask.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\bingp.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\inbox-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search_the_web.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Web Search.xml =>Parasite.Pugi
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\ask-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Ask.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\bingp.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\inbox-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search_the_web.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Web Search.xml =>Parasite.Pugi
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Ask.xml
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\avg-secure-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\fcmdSrchadj.xml =>Adware.Facemoods
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Web Search.xml =>Parasite.Pugi
M0 - MFSP: prefs.js [christiane - Solo_912457] http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
M2 - MFEP: prefs.js [christiane - mnsyx3xp.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.20.0.513 (..) =>P2P.µTorrent
M2 - MFEP: prefs.js [christiane - Solo_912457\inboxcomtoolbar@inbox.com] [] Inbox Toolbar v (..)
M2 - MFEP: prefs.js [christiane - Solo_912457\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.16.70.505 (..) =>P2P.µTorrent
M2 - MFEP: prefs.js [christiane - Solo_912457\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}] [] Movies Toolbar (Dist. by Bandoo Media, Inc.) v1.6.2.0 (..) =>Adware.Bandoo
M2 - MFEP: prefs.js [christiane - Solo_912457\{F008E9D6-2FF2-E796-08BA-80504C331C97}] [] New tab v5.0.0.9178 (..)
~ Firefox Browser: 50 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
~ IE Browser: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 0
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Ulead VideoStudio SE DVD.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\vstudio.exe
O4 - GS\Program [Public]: HP SimplePass Identity Protection.lnk . (.DigitalPersona, Inc. - User Dashboard.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPUserConsole.exe
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [christiane]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
O4 - GS\TaskBar [christiane]: HP MediaSmart.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O4 - GS\TaskBar [christiane]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation - OpenOffice 4.0.0.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\TaskBar [christiane]: Power2Go.lnk . (.CyberLink Corp. - Power2Go.) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe
O4 - GS\Desktop [christiane]: Images - Raccourci.lnk . (...) -- C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
O4 - GS\Desktop [christiane]: Téléchargements - Raccourci.lnk . (...) -- C:\Users\christiane\Downloads
~ Global Startup: 75 Legitimates Filtered in 00mn 02s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - GS\Startup [christiane]: Alertes de surveillance de l'encre - HP Photosmart 5520 series (réseau).lnk . (.Hewlett-Packard Co. - Print Driver Status Business Logic.) -- C:\Program Files\HP\HP Photosmart 5520 series\bin\HPStatusBL.dll =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
O4 - HKCU\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
O4 - HKCU\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
O4 - HKCU\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Tutorials] Clé orpheline =>Spyware.AgenceExclusive
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (.not file.) =>Toolbar.Conduit
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 [64Bits] - {bd707fe6-39f6-4bda-9265-86a76719bdc5} . (...) -- C:\Program Files\Motorola\Bluetooth\bluetooth.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{656E54B0-04F7-4599-B862-9787DD084E3A}] (...) -- C:\Users\christiane\Downloads\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{802AAF1F-9073-4B83-A60C-C929ADEB853F}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.) [0] =>Toolbar.Babylon
[MD5.00000000000000000000000000000000] [APT] [{A14BDE4C-8383-4989-ADF2-2C4B1800B080}] (...) -- C:\Users\christiane\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [{A4C9CB56-7F21-4469-8628-BCB9B24792A0}] (...) -- E:\sources\Photosmart 8000-slp_dd_hathi_110_017.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B2A9761E-2C2A-45F1-8435-6C3FDEE32360}] (...) -- E:\TROUBLESHOOT\INSTMSIA.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6A90C27-B68F-4242-B8B2-9819C53AF0D5}] (...) -- E:\sources\Photosmart 8000-ConvergedIO_HPCOM_V3.exe (.not file.) [0]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 06s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5f0daddbc68b942]
[HKCU\Software\APN DTX]
[HKCU\Software\BI]
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\Blabbers] =>PUP.Blabbers
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\HTTOGroup]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
[HKCU\Software\Protector]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Tuto4PC] =>PUP.Eorezo
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\delta LTD]
[HKCU\Software\iLivid] =>Adware.Bandoo
[HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\5f0daddbc68b942]
[HKLM\Software\Wow6432Node\AskTBar]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Youyan]
[HKLM\Software\Wow6432Node\babylontoolbar] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
~ Key Software: 302 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/10/2012 - 11:43:18 - [1,827] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 08/09/2013 - 20:58:28 - [0] ----D C:\Program Files (x86)\PC Cleaner =>USP.PCCleaner
O43 - CFD: 19/06/2013 - 14:49:29 - [0,050] ----D C:\Program Files (x86)\Common Files\Spigot =>PUP.Dealio
O43 - CFD: 17/08/2013 - 12:27:29 - [0] ----D C:\ProgramData\APN
O43 - CFD: 11/10/2012 - 10:02:48 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 03/04/2013 - 17:00:05 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 01/09/2013 - 10:59:04 - [0] ----D C:\ProgramData\Browser Manager
O43 - CFD: 11/09/2013 - 15:13:14 - [0] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 17/10/2012 - 11:34:38 - [0,281] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 03/04/2013 - 17:00:05 - [0,009] ----D C:\Users\christiane\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 18/03/2012 - 11:14:35 - [0,002] ----D C:\Users\christiane\AppData\Roaming\com.socialbox.socialbox
O43 - CFD: 19/06/2013 - 15:51:58 - [0,161] ----D C:\Users\christiane\AppData\Roaming\DataMgr
O43 - CFD: 11/09/2013 - 15:05:02 - [0] ----D C:\Users\christiane\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 20/03/2013 - 09:21:15 - [0] ----D C:\Users\christiane\AppData\Local\Conduit
O43 - CFD: 10/09/2013 - 09:51:28 - [0,005] ----D C:\Users\christiane\AppData\Local\iLivid =>Adware.Bandoo
~ 357 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 632 Legitimates Filtered in 01mn 41s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E1ECC27DD412B33318CD46CD5C77A6D2] - 17/09/2013 - 07:05:08 ---A- . (...) -- C:\Windows\IE10_main.log [1347]
O44 - LFC:[MD5.1B2CE85F36F5BB6DEC7AE685978DB825] - 10/09/2013 - 08:57:42 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [32328]
~ Files: 144 Legitimates Filtered in 00mn 58s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.FA4EB479B10BF167AA7FD14B1D8210EC] - 23/09/2013 - 08:55:26 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-041875CA.pf
O45 - LFCP:[MD5.0A7DEBCB1EA2F2E5F99B72E5C74C37E4] - 23/09/2013 - 10:20:48 ---A- - C:\Windows\Prefetch\IEUNATT.EXE-94DA8E02.pf
O45 - LFCP:[MD5.A67FA94F28BE71844BE22D888669B51D] - 23/09/2013 - 14:42:54 ---A- - C:\Windows\Prefetch\FSADMINSETTINGS.EXE-740AA57D.pf
~ Prefetcher: 92 Legitimates Filtered in 00mn 01s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{e5f3d40e-cf88-11e2-9979-643150592632}\AutoRun\command. (...) -- G:\DPFMate.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Badoo Desktop [Key] . (...) -- C:\ProgramData\Badoo\Badoo desktop\1.6.48.1082\Badoo.desktop.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Browser companion helper [Key] . (...) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (.not file.) =>PUP.Blabbers
O53 - SMSR:HKLM\...\startupreg\offerbox [Key] . (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.) =>PUP.OfferBox
~ SMSR Keys: 26 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.9573E8C7C3B3D1625FD941841FD0859C] - 24/06/2010 - 21:32:52 . (.Windows (R) Win 7 DDK provider - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\Drivers\clwvd.sys [32880]
O58 - SDL:[MD5.343786E182B9C9AE3066E00DEC650F50] - 27/02/2013 - 21:37:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [42672]
~ Drivers: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_TMP_city", "BOULOGNE-BILLANCOURT");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_TMP_country", "FR");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_country", "FRANCE");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_locId", "FRXX0281");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_location", "Boulogne-Billancourt, France");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_region", "FR");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_temp_dis", "c");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_wind_dis", "kmh");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"19ÃfÆ'ââ'¬Å¡Ãfâ€sÃ'°C\",\"temperatureClear\":[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_Mode.enc", "Mg==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_User_Locale.enc", "ZnI=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_ctid_Connect_send_new.enc", "c2VuZGVk");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.FirstTime", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.FirstTimeFF3", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.PG_ENABLE", "dHJ1ZQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.PG_ENABLE.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SF_JUST_INSTALLED.enc", "RkFMU0U=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SF_STATUS.enc", "RU5BQkxFRA==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SearchAppState.enc", "Mg==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN8451[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.UserID", "UN84510811223764668");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.addressBarTakeOverEnabledInHidden", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.browser.search.defaultthis.engineName", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.countryCode", "FR");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.embeddedsData", "[{\"appId\":\"129351529700743801\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.enableFix404ByUser", "FALSE");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.firstTimeDialogOpened", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixPageNotFoundErrorByUser", "TRUE");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixPageNotFoundErrorInHidden", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixUrls", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fullUserID", "UN84510811223764668.UP.20130710092159");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.homepageuserchanged", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.installType", "Unknown");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isCheckedStartAsHidden", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isFirstTimeToolbarLoading", "false");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.keyword", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2851639&octid=CT2[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.lastVersion", "10.16.4.519");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appStateReportTime.enc", "MTM3NDY0NDU4MDE2Ng==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_CouponBuddy.enc", "b2Zm");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_Easytobook.enc", "b2Zm");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_Easytobook_targeted.enc", "b2Zm");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_PriceGong.enc", "b2Zm"); =>Adware.PriceGong
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_WindowShopper.enc", "b2Zm");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY2[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_calledSetupService.enc", "MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7I[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_currentVersion.enc", "MS45LjAuNA==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_eventsCache.enc", "eyI5NjliYmQwZi00N2M5LTQ0MmMtOGZjMy0yZmYzZmRmODg4M2YiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJ[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_first_time.enc", "MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_gadgetOpen.enc", "MA==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_installer_preapproved.enc", "RkFMU0U=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_lastLoginTime.enc", "MTM3NDY0NDU4MDA5MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_localization.enc", "eyJkbWJveDEiOnsiVGV4dCI6IlByb21vXG5kdSBqb3VyIn0sImRtYm94MiI6eyJUZXh0IjoiTGl2cmFpc2[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_mamEnabled.enc", "ZmFsc2U=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMCI[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCI[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_userId.enc", "ZmE4MjQ2MDEtYjNhMi00MzA0LTg3YWEtMDdjNjNiNDkyZjMz");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_user_approval_interacted.enc", "MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.migrateAppsAndComponents", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fwww.pmu.fr%2F\",\"EB_M[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.originalSearchAddressUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN845[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.price-gong.isManagedApp", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchAppId", "129351529700743801");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchCount", "0");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchFromAddressBarEnabledByUser", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledByUser", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledInHidden", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchSuggestEnabledByUser", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchUserMode", "1");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851639\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...] =>P2P.µTorrent
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_FR\[...] =>P2P.µTorrent
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_Configuration_lastUpdate", "1374608463592");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1374506502179");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appsMetadata_lastUpdate", "1374607447166");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1374569734926");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_location_lastUpdate", "1373313893003");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369339416564");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373384040933");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374644697280");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1374569734975");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_searchAPI_lastUpdate", "1374608463436");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_serviceMap_lastUpdate", "1374608463334");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_setupAPI_lastUpdate", "1366088608892");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_toolbarContextMenu_lastUpdate", "1374569734973");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_toolbarSettings_lastUpdate", "1374644697402");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_translation_lastUpdate", "1374608463465");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.settingsINI", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.showToolbarPermission", "false");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.CTID", "CT2851639"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.homepage", true); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.toolbarName", "uTorrentBar_FR "); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarBornServerTime", "15-4-2013");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarCurrentServerTime", "24-7-2013");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarDisabled", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarLoginClientTime", "Tue Apr 16 2013 07:03:28 GMT+0200");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1374644576147,\"isWithState\"[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13&CUI=UN84510811223764668&UM=1[...] =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitSearchEngineList", "uTorrentBar_FR Customized Web Search"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitSearchUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN84510811[...] =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("browser.search.defaultengine", "Web Search");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("browser.search.order.1", "Web Search");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.crossrider.bic", "13e1139e0f29abf200aa21fbab394007"); =>PUP.CrossRider
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.bbDpng", "16");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.hdrMd5", "40E87F75823456273CECCC3FC445D3B0");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.id", "46448de3000000000000e02a8211ef36");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.instlDay", "15798");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.lastVrsnTs", "1.8.10.017:00:25");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsnTs", "1.8.10.017:00:25");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("smartbar.conduitHomepageList", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13&CUI=UN84510811223764668&UM=1"[...] =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN8[...] =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.returnValue", "disable"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.height", "335"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version[...] =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.width", "761"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true&
marijon07
Posts
353
Registration date
Wednesday 23 February 2011
Status
Member
Last activity
11 May 2017
1
23 Sept. 2013 at 16:11
Thank you, here is my report.
I hope I can get this sorted out.
Rapport de ZHPDiag v2013.9.22.410 - Nicolas Coolman (22/09/2013)
~ Lancé par christiane (23/09/2013 15:45:20)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16686
MFIE: Mozilla Firefox 24.0 (Defaut)
OBIE: Safari v5.34.57.2
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Computer Security 12.56.100.0
Pack Sécurité v1.57.391.0
Pack Sécurité v1.57.391.0
McAfee Security Scan Plus v3.0.318.3
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v3.09 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3893 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 817 GB (89%) free of 910 GB
---\\ Mode de connexion au système
~ Computer Name: CHRISTIANE-HP
~ User Name: christiane
~ All Users Names: HomeGroupUser$, christiane, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\christiane\AppData\Roaming\
~ %Desktop% : C:\Users\christiane\Desktop\
~ %Favorites% : C:\Users\christiane\Favorites\
~ %LocalAppData% : C:\Users\christiane\AppData\Local\
~ %StartMenu% : C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 817 Go of 910 Go)
D: Hard drive, Flash drive, Thumb drive (Free 3 Go of 21 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 38 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.AAFA952E774DDDB0956D3BDFAE5B5B99] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2013 - 06:22:18.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/296
~ Mes musiques (My Musics) : 19/2103
~ Mes Videos (My Videos) : 1/38
~ Mes Favoris (My Favorites) : 1/98
~ Mes Documents (My Documents) : 11/433
~ Mon Bureau (My Desktop) : 5/571
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 10s
---\\ Processus lancés
[MD5.8FA2C363521F1181C32C767F26F0B47E] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe [625416] [PID.1788]
[MD5.F44431CFD96428206039D3556311BF1B] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [19876968] [PID.2448]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.2776]
[MD5.17BE4BAEC3D4FE887BC5F446FEF4FD97] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [163536] [PID.2232]
[MD5.B41552B522C101326A849641F4E823C2] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe [311976] [PID.3048]
[MD5.3E1E0A83941B0402330858B3851648EB] - (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1238016] [PID.3068]
[MD5.9ACCBC5891BA51B5B29C1A88F80D4CE3] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe [421888] [PID.2848]
[MD5.CE42DFE915F78246364D464902E47360] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2508]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3268]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [136488] [PID.3900]
[MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [274840] [PID.6088]
[MD5.63DCE64797C64FB6110727B993440EA5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8000512] [PID.5920]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1160]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1420]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.2140]
[MD5.45303CDBC1FD8F8D371E726BF126F771] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe [60352] [PID.2316]
[MD5.5AA89E152634954E15E9DB265C6A8557] - (.Pas de propriétaire - HPWMISVC Application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192] [PID.2336]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.2376]
[MD5.9281297DDEAB730CB2EBB27D74069BD3] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [621504] [PID.2384]
[MD5.5E53CF8AD0FD33B35000C113656AB37B] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2754984] [PID.2956]
[MD5.E319535A8124F25C1C9C5288CACF3101] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.3096]
[MD5.F13DA74969897359A88F2A739F54A250] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.3144]
[MD5.C2251C602EDFC49E71D13D660AB7F625] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe [213672] [PID.4228]
[MD5.9CB3D8D519DB7A70A463387B8E9AD924] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1039296] [PID.4548]
[MD5.0955C23C041451FB4E7099D6B2CF1C06] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [988216] [PID.2576]
~ Processes Running: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\prefs.js
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\user.js
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\prefs.js
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\user.js
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\ask-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Ask.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\bingp.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\inbox-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search_the_web.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Web Search.xml =>Parasite.Pugi
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\ask-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Ask.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\bingp.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\inbox-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search_the_web.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Web Search.xml =>Parasite.Pugi
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Ask.xml
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\avg-secure-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\fcmdSrchadj.xml =>Adware.Facemoods
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Web Search.xml =>Parasite.Pugi
M0 - MFSP: prefs.js [christiane - Solo_912457] http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
M2 - MFEP: prefs.js [christiane - mnsyx3xp.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.20.0.513 (..) =>P2P.µTorrent
M2 - MFEP: prefs.js [christiane - Solo_912457\inboxcomtoolbar@inbox.com] [] Inbox Toolbar v (..)
M2 - MFEP: prefs.js [christiane - Solo_912457\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.16.70.505 (..) =>P2P.µTorrent
M2 - MFEP: prefs.js [christiane - Solo_912457\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}] [] Movies Toolbar (Dist. by Bandoo Media, Inc.) v1.6.2.0 (..) =>Adware.Bandoo
M2 - MFEP: prefs.js [christiane - Solo_912457\{F008E9D6-2FF2-E796-08BA-80504C331C97}] [] New tab v5.0.0.9178 (..)
~ Firefox Browser: 50 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
~ IE Browser: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 0
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Ulead VideoStudio SE DVD.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\vstudio.exe
O4 - GS\Program [Public]: HP SimplePass Identity Protection.lnk . (.DigitalPersona, Inc. - User Dashboard.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPUserConsole.exe
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [christiane]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
O4 - GS\TaskBar [christiane]: HP MediaSmart.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O4 - GS\TaskBar [christiane]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation - OpenOffice 4.0.0.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\TaskBar [christiane]: Power2Go.lnk . (.CyberLink Corp. - Power2Go.) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe
O4 - GS\Desktop [christiane]: Images - Raccourci.lnk . (...) -- C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
O4 - GS\Desktop [christiane]: Téléchargements - Raccourci.lnk . (...) -- C:\Users\christiane\Downloads
~ Global Startup: 75 Legitimates Filtered in 00mn 02s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - GS\Startup [christiane]: Alertes de surveillance de l'encre - HP Photosmart 5520 series (réseau).lnk . (.Hewlett-Packard Co. - Print Driver Status Business Logic.) -- C:\Program Files\HP\HP Photosmart 5520 series\bin\HPStatusBL.dll =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
O4 - HKCU\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
O4 - HKCU\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
O4 - HKCU\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Tutorials] Clé orpheline =>Spyware.AgenceExclusive
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (.not file.) =>Toolbar.Conduit
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 [64Bits] - {bd707fe6-39f6-4bda-9265-86a76719bdc5} . (...) -- C:\Program Files\Motorola\Bluetooth\bluetooth.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{656E54B0-04F7-4599-B862-9787DD084E3A}] (...) -- C:\Users\christiane\Downloads\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{802AAF1F-9073-4B83-A60C-C929ADEB853F}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.) [0] =>Toolbar.Babylon
[MD5.00000000000000000000000000000000] [APT] [{A14BDE4C-8383-4989-ADF2-2C4B1800B080}] (...) -- C:\Users\christiane\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [{A4C9CB56-7F21-4469-8628-BCB9B24792A0}] (...) -- E:\sources\Photosmart 8000-slp_dd_hathi_110_017.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B2A9761E-2C2A-45F1-8435-6C3FDEE32360}] (...) -- E:\TROUBLESHOOT\INSTMSIA.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6A90C27-B68F-4242-B8B2-9819C53AF0D5}] (...) -- E:\sources\Photosmart 8000-ConvergedIO_HPCOM_V3.exe (.not file.) [0]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 06s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5f0daddbc68b942]
[HKCU\Software\APN DTX]
[HKCU\Software\BI]
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\Blabbers] =>PUP.Blabbers
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\HTTOGroup]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
[HKCU\Software\Protector]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Tuto4PC] =>PUP.Eorezo
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\delta LTD]
[HKCU\Software\iLivid] =>Adware.Bandoo
[HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\5f0daddbc68b942]
[HKLM\Software\Wow6432Node\AskTBar]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Youyan]
[HKLM\Software\Wow6432Node\babylontoolbar] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
~ Key Software: 302 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/10/2012 - 11:43:18 - [1,827] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 08/09/2013 - 20:58:28 - [0] ----D C:\Program Files (x86)\PC Cleaner =>USP.PCCleaner
O43 - CFD: 19/06/2013 - 14:49:29 - [0,050] ----D C:\Program Files (x86)\Common Files\Spigot =>PUP.Dealio
O43 - CFD: 17/08/2013 - 12:27:29 - [0] ----D C:\ProgramData\APN
O43 - CFD: 11/10/2012 - 10:02:48 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 03/04/2013 - 17:00:05 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 01/09/2013 - 10:59:04 - [0] ----D C:\ProgramData\Browser Manager
O43 - CFD: 11/09/2013 - 15:13:14 - [0] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 17/10/2012 - 11:34:38 - [0,281] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 03/04/2013 - 17:00:05 - [0,009] ----D C:\Users\christiane\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 18/03/2012 - 11:14:35 - [0,002] ----D C:\Users\christiane\AppData\Roaming\com.socialbox.socialbox
O43 - CFD: 19/06/2013 - 15:51:58 - [0,161] ----D C:\Users\christiane\AppData\Roaming\DataMgr
O43 - CFD: 11/09/2013 - 15:05:02 - [0] ----D C:\Users\christiane\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 20/03/2013 - 09:21:15 - [0] ----D C:\Users\christiane\AppData\Local\Conduit
O43 - CFD: 10/09/2013 - 09:51:28 - [0,005] ----D C:\Users\christiane\AppData\Local\iLivid =>Adware.Bandoo
~ 357 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 632 Legitimates Filtered in 01mn 41s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E1ECC27DD412B33318CD46CD5C77A6D2] - 17/09/2013 - 07:05:08 ---A- . (...) -- C:\Windows\IE10_main.log [1347]
O44 - LFC:[MD5.1B2CE85F36F5BB6DEC7AE685978DB825] - 10/09/2013 - 08:57:42 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [32328]
~ Files: 144 Legitimates Filtered in 00mn 58s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.FA4EB479B10BF167AA7FD14B1D8210EC] - 23/09/2013 - 08:55:26 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-041875CA.pf
O45 - LFCP:[MD5.0A7DEBCB1EA2F2E5F99B72E5C74C37E4] - 23/09/2013 - 10:20:48 ---A- - C:\Windows\Prefetch\IEUNATT.EXE-94DA8E02.pf
O45 - LFCP:[MD5.A67FA94F28BE71844BE22D888669B51D] - 23/09/2013 - 14:42:54 ---A- - C:\Windows\Prefetch\FSADMINSETTINGS.EXE-740AA57D.pf
~ Prefetcher: 92 Legitimates Filtered in 00mn 01s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{e5f3d40e-cf88-11e2-9979-643150592632}\AutoRun\command. (...) -- G:\DPFMate.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Badoo Desktop [Key] . (...) -- C:\ProgramData\Badoo\Badoo desktop\1.6.48.1082\Badoo.desktop.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Browser companion helper [Key] . (...) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (.not file.) =>PUP.Blabbers
O53 - SMSR:HKLM\...\startupreg\offerbox [Key] . (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.) =>PUP.OfferBox
~ SMSR Keys: 26 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.9573E8C7C3B3D1625FD941841FD0859C] - 24/06/2010 - 21:32:52 . (.Windows (R) Win 7 DDK provider - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\Drivers\clwvd.sys [32880]
O58 - SDL:[MD5.343786E182B9C9AE3066E00DEC650F50] - 27/02/2013 - 21:37:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [42672]
~ Drivers: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_PriceGong.enc", "b2Zm"); =>Adware.PriceGong
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.migrateAppsAndComponents", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fwww.pmu.fr%2F\",\"EB_M[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.originalSearchAddressUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN845[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.price-gong.isManagedApp", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchAppId", "129351529700743801");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchCount", "0");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchFromAddressBarEnabledByUser", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledByUser", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledInHidden", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchSuggestEnabledByUser", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchUserMode", "1");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851639\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...] =>P2P.µTorrent
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_FR\[...] =>P2P.µTorrent
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_Configuration_lastUpdate", "1374608463592");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1374506502179");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appsMetadata_lastUpdate", "1374607447166");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1374569734926");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_location_lastUpdate", "1373313893003");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369339416564");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373384040933");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374644697280");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1374569734975");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_searchAPI_lastUpdate", "1374608463436");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_serviceMap_lastUpdate", "1374608463334");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_setupAPI_lastUpdate", "1366088608892");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_toolbarContextMenu_lastUpdate", "1374569734973");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_toolbarSettings_lastUpdate", "1374644697402");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_translation_lastUpdate", "1374608463465");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.settingsINI", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.showToolbarPermission", "false");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.CTID", "CT2851639"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.homepage", true); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.toolbarName", "uTorrentBar_FR "); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarBornServerTime", "15-4-2013");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarCurrentServerTime", "24-7-2013");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarDisabled", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarLoginClientTime", "Tue Apr 16 2013 07:03:28 GMT+0200");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1374644576147,\"isWithState\"[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13&CUI=UN84510811223764668&UM=1[...] =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitSearchEngineList", "uTorrentBar_FR Customized Web Search"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitSearchUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN84510811[...] =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("browser.search.defaultengine", "Web Search");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("browser.search.order.1", "Web Search");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.crossrider.bic", "13e1139e0f29abf200aa21fbab394007"); =>PUP.CrossRider
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.bbDpng", "16");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.hdrMd5", "40E87F75823456273CECCC3FC445D3B0");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.id", "46448de3000000000000e02a8211ef36");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.instlDay", "15798");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.lastVrsnTs", "1.8.10.017:00:25");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsnTs", "1.8.10.017:00:25");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("smartbar.conduitHomepageList", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13&CUI=UN84510811223764668&UM=1"[...] =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN8[...] =>Hijacker.SmartBar
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.returnValue", "disable"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.height", "335"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version[...] =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.width", "761"); =>PUP.SweetIM
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.1
I hope I can get this fixed.
Rapport de ZHPDiag v2013.9.22.410 - Nicolas Coolman (22/09/2013)
~ Lancé par christiane (23/09/2013 15:45:20)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16686
MFIE: Mozilla Firefox 24.0 (Defaut)
OBIE: Safari v5.34.57.2
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Computer Security 12.56.100.0
Pack Sécurité v1.57.391.0
Pack Sécurité v1.57.391.0
McAfee Security Scan Plus v3.0.318.3
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v3.09 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3893 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 817 GB (89%) free of 910 GB
---\\ Mode de connexion au système
~ Computer Name: CHRISTIANE-HP
~ User Name: christiane
~ All Users Names: HomeGroupUser$, christiane, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\christiane\AppData\Roaming\
~ %Desktop% : C:\Users\christiane\Desktop\
~ %Favorites% : C:\Users\christiane\Favorites\
~ %LocalAppData% : C:\Users\christiane\AppData\Local\
~ %StartMenu% : C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 817 Go of 910 Go)
D: Hard drive, Flash drive, Thumb drive (Free 3 Go of 21 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 38 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.AAFA952E774DDDB0956D3BDFAE5B5B99] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2013 - 06:22:18.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/296
~ Mes musiques (My Musics) : 19/2103
~ Mes Videos (My Videos) : 1/38
~ Mes Favoris (My Favorites) : 1/98
~ Mes Documents (My Documents) : 11/433
~ Mon Bureau (My Desktop) : 5/571
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 10s
---\\ Processus lancés
[MD5.8FA2C363521F1181C32C767F26F0B47E] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe [625416] [PID.1788]
[MD5.F44431CFD96428206039D3556311BF1B] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [19876968] [PID.2448]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.2776]
[MD5.17BE4BAEC3D4FE887BC5F446FEF4FD97] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [163536] [PID.2232]
[MD5.B41552B522C101326A849641F4E823C2] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe [311976] [PID.3048]
[MD5.3E1E0A83941B0402330858B3851648EB] - (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1238016] [PID.3068]
[MD5.9ACCBC5891BA51B5B29C1A88F80D4CE3] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe [421888] [PID.2848]
[MD5.CE42DFE915F78246364D464902E47360] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2508]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3268]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [136488] [PID.3900]
[MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [274840] [PID.6088]
[MD5.63DCE64797C64FB6110727B993440EA5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8000512] [PID.5920]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1160]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1420]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.2140]
[MD5.45303CDBC1FD8F8D371E726BF126F771] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe [60352] [PID.2316]
[MD5.5AA89E152634954E15E9DB265C6A8557] - (.Pas de propriétaire - HPWMISVC Application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192] [PID.2336]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.2376]
[MD5.9281297DDEAB730CB2EBB27D74069BD3] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [621504] [PID.2384]
[MD5.5E53CF8AD0FD33B35000C113656AB37B] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2754984] [PID.2956]
[MD5.E319535A8124F25C1C9C5288CACF3101] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.3096]
[MD5.F13DA74969897359A88F2A739F54A250] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.3144]
[MD5.C2251C602EDFC49E71D13D660AB7F625] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe [213672] [PID.4228]
[MD5.9CB3D8D519DB7A70A463387B8E9AD924] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1039296] [PID.4548]
[MD5.0955C23C041451FB4E7099D6B2CF1C06] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [988216] [PID.2576]
~ Processes Running: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\prefs.js
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\user.js
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\prefs.js
C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\user.js
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\ask-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Ask.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\bingp.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\inbox-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search_the_web.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Web Search.xml =>Parasite.Pugi
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\ask-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Ask.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\bingp.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\inbox-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search_the_web.xml
M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Web Search.xml =>Parasite.Pugi
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Ask.xml
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\avg-secure-search.xml
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\fcmdSrchadj.xml =>Adware.Facemoods
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Web Search.xml =>Parasite.Pugi
M0 - MFSP: prefs.js [christiane - Solo_912457] http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
M2 - MFEP: prefs.js [christiane - mnsyx3xp.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.20.0.513 (..) =>P2P.µTorrent
M2 - MFEP: prefs.js [christiane - Solo_912457\inboxcomtoolbar@inbox.com] [] Inbox Toolbar v (..)
M2 - MFEP: prefs.js [christiane - Solo_912457\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.16.70.505 (..) =>P2P.µTorrent
M2 - MFEP: prefs.js [christiane - Solo_912457\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}] [] Movies Toolbar (Dist. by Bandoo Media, Inc.) v1.6.2.0 (..) =>Adware.Bandoo
M2 - MFEP: prefs.js [christiane - Solo_912457\{F008E9D6-2FF2-E796-08BA-80504C331C97}] [] New tab v5.0.0.9178 (..)
~ Firefox Browser: 50 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
~ IE Browser: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 0
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Ulead VideoStudio SE DVD.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\vstudio.exe
O4 - GS\Program [Public]: HP SimplePass Identity Protection.lnk . (.DigitalPersona, Inc. - User Dashboard.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPUserConsole.exe
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [christiane]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
O4 - GS\TaskBar [christiane]: HP MediaSmart.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O4 - GS\TaskBar [christiane]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation - OpenOffice 4.0.0.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\TaskBar [christiane]: Power2Go.lnk . (.CyberLink Corp. - Power2Go.) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe
O4 - GS\Desktop [christiane]: Images - Raccourci.lnk . (...) -- C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
O4 - GS\Desktop [christiane]: Téléchargements - Raccourci.lnk . (...) -- C:\Users\christiane\Downloads
~ Global Startup: 75 Legitimates Filtered in 00mn 02s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - GS\Startup [christiane]: Alertes de surveillance de l'encre - HP Photosmart 5520 series (réseau).lnk . (.Hewlett-Packard Co. - Print Driver Status Business Logic.) -- C:\Program Files\HP\HP Photosmart 5520 series\bin\HPStatusBL.dll =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
O4 - HKCU\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
O4 - HKCU\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
O4 - HKCU\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Tutorials] Clé orpheline =>Spyware.AgenceExclusive
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (.not file.) =>Toolbar.Conduit
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 [64Bits] - {bd707fe6-39f6-4bda-9265-86a76719bdc5} . (...) -- C:\Program Files\Motorola\Bluetooth\bluetooth.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{656E54B0-04F7-4599-B862-9787DD084E3A}] (...) -- C:\Users\christiane\Downloads\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{802AAF1F-9073-4B83-A60C-C929ADEB853F}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.) [0] =>Toolbar.Babylon
[MD5.00000000000000000000000000000000] [APT] [{A14BDE4C-8383-4989-ADF2-2C4B1800B080}] (...) -- C:\Users\christiane\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [{A4C9CB56-7F21-4469-8628-BCB9B24792A0}] (...) -- E:\sources\Photosmart 8000-slp_dd_hathi_110_017.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B2A9761E-2C2A-45F1-8435-6C3FDEE32360}] (...) -- E:\TROUBLESHOOT\INSTMSIA.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6A90C27-B68F-4242-B8B2-9819C53AF0D5}] (...) -- E:\sources\Photosmart 8000-ConvergedIO_HPCOM_V3.exe (.not file.) [0]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 06s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5f0daddbc68b942]
[HKCU\Software\APN DTX]
[HKCU\Software\BI]
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\Blabbers] =>PUP.Blabbers
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\HTTOGroup]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
[HKCU\Software\Protector]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Tuto4PC] =>PUP.Eorezo
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\delta LTD]
[HKCU\Software\iLivid] =>Adware.Bandoo
[HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\5f0daddbc68b942]
[HKLM\Software\Wow6432Node\AskTBar]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Youyan]
[HKLM\Software\Wow6432Node\babylontoolbar] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
~ Key Software: 302 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/10/2012 - 11:43:18 - [1,827] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 08/09/2013 - 20:58:28 - [0] ----D C:\Program Files (x86)\PC Cleaner =>USP.PCCleaner
O43 - CFD: 19/06/2013 - 14:49:29 - [0,050] ----D C:\Program Files (x86)\Common Files\Spigot =>PUP.Dealio
O43 - CFD: 17/08/2013 - 12:27:29 - [0] ----D C:\ProgramData\APN
O43 - CFD: 11/10/2012 - 10:02:48 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 03/04/2013 - 17:00:05 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 01/09/2013 - 10:59:04 - [0] ----D C:\ProgramData\Browser Manager
O43 - CFD: 11/09/2013 - 15:13:14 - [0] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 17/10/2012 - 11:34:38 - [0,281] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 03/04/2013 - 17:00:05 - [0,009] ----D C:\Users\christiane\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 18/03/2012 - 11:14:35 - [0,002] ----D C:\Users\christiane\AppData\Roaming\com.socialbox.socialbox
O43 - CFD: 19/06/2013 - 15:51:58 - [0,161] ----D C:\Users\christiane\AppData\Roaming\DataMgr
O43 - CFD: 11/09/2013 - 15:05:02 - [0] ----D C:\Users\christiane\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 20/03/2013 - 09:21:15 - [0] ----D C:\Users\christiane\AppData\Local\Conduit
O43 - CFD: 10/09/2013 - 09:51:28 - [0,005] ----D C:\Users\christiane\AppData\Local\iLivid =>Adware.Bandoo
~ 357 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 632 Legitimates Filtered in 01mn 41s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E1ECC27DD412B33318CD46CD5C77A6D2] - 17/09/2013 - 07:05:08 ---A- . (...) -- C:\Windows\IE10_main.log [1347]
O44 - LFC:[MD5.1B2CE85F36F5BB6DEC7AE685978DB825] - 10/09/2013 - 08:57:42 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [32328]
~ Files: 144 Legitimates Filtered in 00mn 58s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.FA4EB479B10BF167AA7FD14B1D8210EC] - 23/09/2013 - 08:55:26 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-041875CA.pf
O45 - LFCP:[MD5.0A7DEBCB1EA2F2E5F99B72E5C74C37E4] - 23/09/2013 - 10:20:48 ---A- - C:\Windows\Prefetch\IEUNATT.EXE-94DA8E02.pf
O45 - LFCP:[MD5.A67FA94F28BE71844BE22D888669B51D] - 23/09/2013 - 14:42:54 ---A- - C:\Windows\Prefetch\FSADMINSETTINGS.EXE-740AA57D.pf
~ Prefetcher: 92 Legitimates Filtered in 00mn 01s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{e5f3d40e-cf88-11e2-9979-643150592632}\AutoRun\command. (...) -- G:\DPFMate.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Badoo Desktop [Key] . (...) -- C:\ProgramData\Badoo\Badoo desktop\1.6.48.1082\Badoo.desktop.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Browser companion helper [Key] . (...) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (.not file.) =>PUP.Blabbers
O53 - SMSR:HKLM\...\startupreg\offerbox [Key] . (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.) =>PUP.OfferBox
~ SMSR Keys: 26 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.9573E8C7C3B3D1625FD941841FD0859C] - 24/06/2010 - 21:32:52 . (.Windows (R) Win 7 DDK provider - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\Drivers\clwvd.sys [32880]
O58 - SDL:[MD5.343786E182B9C9AE3066E00DEC650F50] - 27/02/2013 - 21:37:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [42672]
~ Drivers: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_TMP_city", "BOULOGNE-BILLANCOURT");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_TMP_country", "FR");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_country", "FRANCE");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_locId", "FRXX0281");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_location", "Boulogne-Billancourt, France");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_region", "FR");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_temp_dis", "c");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_wind_dis", "kmh");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"19°C\",\"temperatureClear\":[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_Mode.enc", "Mg==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_User_Locale.enc", "ZnI=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_ctid_Connect_send_new.enc", "c2VuZGVk");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.FirstTime", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.FirstTimeFF3", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.PG_ENABLE", "dHJ1ZQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.PG_ENABLE.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SF_JUST_INSTALLED.enc", "RkFMU0U=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SF_STATUS.enc", "RU5BQkxFRA==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SearchAppState.enc", "Mg==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN8451[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.UserID", "UN84510811223764668");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.addressBarTakeOverEnabledInHidden", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.browser.search.defaultthis.engineName", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.countryCode", "FR");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.embeddedsData", "[{\"appId\":\"129351529700743801\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.enableFix404ByUser", "FALSE");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.firstTimeDialogOpened", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixPageNotFoundErrorByUser", "TRUE");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixPageNotFoundErrorInHidden", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixUrls", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fullUserID", "UN84510811223764668.UP.20130710092159");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.homepageuserchanged", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.installType", "Unknown");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isCheckedStartAsHidden", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isFirstTimeToolbarLoading", "false");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.keyword", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2851639&octid=CT2[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.lastVersion", "10.16.4.519");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appStateReportTime.enc", "MTM3NDY0NDU4MDE2Ng==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_CouponBuddy.enc", "b2Zm");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_Easytobook.enc", "b2Zm");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_Easytobook_targeted.enc", "b2Zm");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_PriceGong.enc", "b2Zm"); =>Adware.PriceGong
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_WindowShopper.enc", "b2Zm");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY2[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_calledSetupService.enc", "MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7I[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_currentVersion.enc", "MS45LjAuNA==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_eventsCache.enc", "eyI5NjliYmQwZi00N2M5LTQ0MmMtOGZjMy0yZmYzZmRmODg4M2YiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJ[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_first_time.enc", "MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_gadgetOpen.enc", "MA==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_installer_preapproved.enc", "RkFMU0U=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_lastLoginTime.enc", "MTM3NDY0NDU4MDA5MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_localization.enc", "eyJkbWJveDEiOnsiVGV4dCI6IlByb21vXG5kdSBqb3VyIn0sImRtYm94MiI6eyJUZXh0IjoiTGl2cmFpc2[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_mamEnabled.enc", "ZmFsc2U=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMCI[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCI[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_userId.enc", "ZmE4MjQ2MDEtYjNhMi00MzA0LTg3YWEtMDdjNjNiNDkyZjMz");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_user_approval_interacted.enc", "MQ==");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.migrateAppsAndComponents", true);
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fwww.pmu.fr%2F\",\"EB_M[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.originalSearchAddressUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN845[...]
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.price-gong.isManagedApp", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchAppId", "129351529700743801");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchCount", "0");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchFromAddressBarEnabledByUser", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledByUser", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledInHidden", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchSuggestEnabledByUser", "true");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchUserMode", "1");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851639\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...] =>P2P.µTorrent
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_FR\[...] =>P2P.µTorrent
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_Configuration_lastUpdate", "1374608463592");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1374506502179");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appsMetadata_lastUpdate", "1374607447166");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1374569734926");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_location_lastUpdate", "1373313893003");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369339416564");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373384040933");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374644697280");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1374569734975");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_searchAPI_lastUpdate", "1374608463436");
O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_serviceMap_lastUpdate", "1374608463334");
buckhulk - 23 Sept. 2013 at 18:16
yes, so quite a few viruses, well, the usual "stuff"!!!
run AdwCleaner:
AdwCleaner: very easy-to-use software
1 - Download AdwCleaner and run it.
>>>HERE<<<
Mirror
2 - The program's interface will open.
Click the Scanner (Scan) button to start the detection; it will only take a few seconds, be patient.
The report is automatically saved at the root of your main hard drive, usually C:
3 - Close the report, then click the Suppression (Delete) button
IF AdwCleaner found things in the various tabs
4 - Once the removal is done, the software asks to restart the computer; click Ok.
after the restart:
5 - Post both reports, scan and removal
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
6 - You can close AdwCleaner
marijon07 - 23 Sept. 2013 at 19:29
Buckhulk,
I downloaded AdwCleaner and scanned.
I found the report on my C drive, and after that I don't know any more; I couldn't find Suppression
buckhulk - 23 Sept. 2013 at 19:41
OK, first you need to put the reports here or on cjoint like earlier; then, if the software has disappeared, start over. And sorry, it's not Suppression, it's Nettoyer (Clean)!
marijon07 - 23 Sept. 2013 at 19:42
I have this report
via ks24846.kimsufi.com
buckhulk - 23 Sept. 2013 at 19:43
what is that?
buckhulk - 23 Sept. 2013 at 19:44
I've seen it, but I can't examine the report like that; that's why it's better to host them on cjoint!
buckhulk - 24 Sept. 2013 at 09:21
odd! run JRT to see!
Download: JRT
1 - Save it to your desktop.
2 - Close all running applications.
3 - Right-click => Run as administrator
4 - Once the software is open, press the Enter key.
5 - Be patient while the tool works (this can take quite a long time)
6 - the desktop will disappear for a few moments, that is completely normal.
At the end of the scan, a report named JRT.txt will open
You will have to be patient; don't touch anything even if you have the impression that it isn't progressing!
Post the report
don't worry if you have the impression that it isn't "working"!!
be patient!
marijon07 - 24 Sept. 2013 at 14:54
Hello, I go straight to the scan, it tells me I have 615 errors
it suggests I buy it to fix them
thanks
buckhulk - 24 Sept. 2013 at 15:21
I don't understand, on JRT? It's free!
you click download and wait, it downloads directly!
marijon07 - 24 Sept. 2013 at 19:27
Yes, I agree, but there's still this 403 problem blocking me.
buckhulk - 24 Sept. 2013 at 20:54
disable your antivirus! and run Roguekiller:
RogueKiller is a tool (created by Tigzy) that automatically kills processes belonging to rogues. Since some infections prevent the usual antivirus/antimalware scans from running, this tool is a preliminary step in a complete disinfection process.
Download: Roguekiller official
Warning: to avoid any trouble caused by old versions of Roguekiller, it is strongly recommended to use the official Roguekiller download link
choose your version carefully:
1/ Quit all running programs.
2/ On Vista/Seven, right-click => Run as administrator
3/ Otherwise simply launch RogueKiller.exe
If Roguekiller does not start, don't hesitate to rename it to Winlogon.
4/ Click Scan.
5/ Wait for the scan to finish. At this stage no change has been made to the system
when asked, relaunch Roguekiller and
6/ Click the Suppression (Delete) button.
Unlike the Scan button, this button removes rogue-type infections and therefore modifies the system.
The report has been generated on the desktop.
7/ Post the report: (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
Important: To quit the tool
You must use Fichier -> Quitter (File -> Quit).
This mode is the proper way to close the tool. Indeed, if RogueKiller is closed without using this mode, the driver created by the tool will not be removed.
Important: Any kind of manipulation with disinfection software can crash the PC.
If you use a piece of software on your own, it is at your own risk
official tutorial
HERE
buckhulk - 11 Feb. 2014 at 22:52
you need to open your own topic and register...
but you can try this:
try several things
rename Roguekiller and download it again
you can also run Rkill just before downloading Roguekiller, and JRT afterwards!
otherwise try running this online antivirus:
ESET
you can also try in safe mode!