Very slow PC at startup (ZHP scan available)

Closed
soulins Posts 2 Registration date Tuesday 4 February 2014 Status Member Last activity 4 February 2014 - 4 Feb 2014 at 19:59
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 - 5 Feb 2014 at 15:50
Hello,

Hello everyone!
I have a problem and I hope you will be able to help: my laptop is a little over 2 years old, and for about 6 months it has been really slow to start up.
It's a PC that has been used by quite a few different people, so obviously I did the usual accessible things (CCleaner, startup list, defrag, etc.), but nothing obvious turns up. I suspect a malicious, or even diabolical, program of making the PC crawl at startup, and earlier I came across a topic dealing with a similar subject where a scan with ZHPDiag was recommended, except that I don't understand anything in the scan result... If someone could be kind enough to decode this... thing, and see whether the key to the mystery is hidden in it, that would be really very nice.

Here is the report, thanks in advance!!

~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par lu&lu (04/02/2014 19:09:49)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476 (Defaut)
MFIE: Mozilla Firefox 26.0

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.2.286
COMODO Internet Security v5.9.25057.2197
Spybot - Search & Destroy v1.6.2
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.22 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 7

---\\ Informations sur le système
~ Processor: AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5609 MB (68% free)
System Restore: Activé (Enable)
System drive C: has 496 GB (86%) free of 576 GB

---\\ Mode de connexion au système
~ Computer Name: LULU-HP
~ User Name: lu&lu
~ All Users Names: Mcx1-LULU-HP, lu&lu, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\lu&lu\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lu&lu\AppData\Roaming\
~ %Desktop% : C:\Users\lu&lu\Desktop\
~ %Favorites% : C:\Users\lu&lu\Favorites\
~ %LocalAppData% : C:\Users\lu&lu\AppData\Local\
~ %StartMenu% : C:\Users\lu&lu\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 496 Go of 576 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 16 Go)
E: Hard drive, Flash drive, Thumb drive (Free 1 Go of 4 Go)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Free 0 Go of 2 Go)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.24/07/2011 - 17:51:25.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 09:56:43.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/734
~ Mes musiques (My Musics) : 1/21
~ Mes Videos (My Videos) : 1/55
~ Mes Favoris (My Favorites) : 1/63
~ Mes Documents (My Documents) : 1/556
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.3932]
[MD5.53966C74A69B0CFE51C8BF01C94028F3] - (.Hewlett-Packard Company - HP QuickWeb Utilities.) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [168504] [PID.3292]
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.3976]
[MD5.8192B2E274607D1D530F5C191698C544] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944] [PID.1740]
[MD5.8A3B69683E63808719D24E1C68C21CC7] - (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960] [PID.1692]
[MD5.CC02FE4520CA886508069245D9A6962F] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222720] [PID.4676]
[MD5.C8A8321292A459B0A17FB39A782A5C74] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [806096] [PID.3812]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.7012]
~ Processes Running: Scanned in 00mn 06s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\lu&lu\AppData\Roaming\Mozilla\Firefox\Profiles\1lwp7hri.default\prefs.js
M3 - MFPP: Plugins - [lu&lu] -- C:\Users\lu&lu\AppData\Roaming\Mozilla\Firefox\Profiles\1lwp7hri.default\searchplugins\askcom.xml
M2 - MFEP: prefs.js [lu&lu - 1lwp7hri.default\toolbar@ask.com] [] v (..)
M2 - MFEP: prefs.js [lu&lu - 1lwp7hri.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.23.0.822 (..) =>P2P.µTorrent
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 06s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AMD SteadyVideo BHO [64Bits] - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} Clé orpheline
~ BHO: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [lu&lu]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [lu&lu]: HP Recommended.LNK . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (.not file.)
O4 - GS\TaskBar [lu&lu]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [lu&lu]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [lu&lu]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Global Startup: 54 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SetDefault] . (.Hewlett-Packard Development Company, L.P. - SetDefault.) -- C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [HPQuickWebProxy] . (.Hewlett-Packard Company - HP QuickWeb Utilities.) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-651014161-304115768-3313067522-1001\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{66F0F7E2-CE65-4FC0-ACE0-8700CC275FCA}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{2CD67C75-00B3-47C0-B237-8CA06EC4D35E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{379FEE13-8AF3-4938-A366-70743A9C6DC2}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{66F0F7E2-CE65-4FC0-ACE0-8700CC275FCA}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{2CD67C75-00B3-47C0-B237-8CA06EC4D35E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{379FEE13-8AF3-4938-A366-70743A9C6DC2}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{66F0F7E2-CE65-4FC0-ACE0-8700CC275FCA}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{2CD67C75-00B3-47C0-B237-8CA06EC4D35E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{379FEE13-8AF3-4938-A366-70743A9C6DC2}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: video/x-flv [64Bits] - {20C75730-7C25-476B-95DC-C65810F9E489} . (.Advanced Micro Devices - MIME Video Detector for IE.) -- C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Windows\system32\guard64.dll (.not file.)
~ AppInit DLL: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) [0] =>Toolbar.Ask
[MD5.00000000000000000000000000000000] [APT] [{C4F09F9C-2777-4E79-A8A3-716D1960552F}] (...) -- C:\Program Files (x86)\BoontyGames\Bejeweled 3\unins000.exe (.not file.) [0]
~ Scheduled Task: 25 Legitimates Filtered in 00mn 10s



---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: WinISD beta - (...) [HKLM][64Bits] -- WinISD beta
~ Logic: 46 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Safe Browser]
[HKCU\Software\WinISD]
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
~ Key Software: 302 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 20/02/2012 - 21:34:32 - [0] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 19/02/2012 - 15:56:21 - [2,499] ----D C:\Program Files (x86)\WinISD
O43 - CFD: 14/11/2011 - 12:51:52 - [0,001] ----D C:\Users\lu&lu\AppData\Roaming\newfolder3
O43 - CFD: 11/05/2013 - 10:47:06 - [1,049] ----D C:\Users\lu&lu\AppData\Local\AskToolbar
O43 - CFD: 19/02/2012 - 15:56:19 - [0] ----D C:\Users\lu&lu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD beta
~ 138 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 323 Legitimates Filtered in 00mn 38s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{ee320917-5d00-11e3-aaea-8abd1e404b70}\AutoRun\command. (...) -- G:\Startme.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\COMODO [Key] . (...) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\CPA [Key] . (...) -- C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (.not file.)
~ SMSR Keys: 13 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 20 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.AA3C0336514C239A171F00A6902B59B8] - 17/12/2010 - 12:41:36 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [520192]
~ Drivers: 20 Legitimates Filtered in 00mn 30s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: C:\Users\lu&lu\AppData\Roaming\Mozilla\Firefox\Profiles\1lwp7hri.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639..clientLogIsEnabled", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.AboutPrivacyUrl", "http://www.conduit.com");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.BrowserCompStateIsOpen_130064413660070508", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.BrowserCompStateIsOpen_1359634298000", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.CT2851639.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2851639[...]
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.CTID", "CT2851639");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.ConfigurationLastCheckTime", "Mon Nov 11 2013 02:10:41 GMT+0100");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.CurrentServerDate", "11-11-2013");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.DSInstall", false);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.DialogsGetterLastCheckTime", "Thu Nov 07 2013 07:40:30 GMT+0100");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.DownloadReferralCookieData", "");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.EMailNotifierPollDate", "Sat Jun 16 2012 10:55:24 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.EnableSearchSuggest", false);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedLastCount2548968607390276962", 474);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156812186649977", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156813040823546", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156813130095866", "Sat Jun 16 2012 10:55:24 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156813224203613", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156813230837251", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156813454291735", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156813729834876", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156813860870021", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156814264681793", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156814863075366", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedPollDate2429156815257761081", "Sat Jun 16 2012 10:55:25 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedTTL2429156813040823546", 15);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedTTL2429156813130095866", 10);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedTTL2429156813454291735", 5);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FeedTTL2429156814264681793", 5);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FirstServerDate", "6-6-2012");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FirstTime", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FirstTimeFF3", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.FixPageNotFoundErrors", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.GroupingServiceUrl", "http://grouping.services.conduit.com/");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.HPInstall", false);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.HomePageProtectorEnabled", false);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.Initialize", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.InstallationId", "ConduitXPEIntegration");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.InstallationType", "ConduitXPEIntegration");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.InstalledDate", "Wed Jun 06 2012 19:23:22 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.IsGrouping", false);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.IsInitSetupIni", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.IsMulticommunity", false);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.IsOpenThankYouPage", true);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.IsOpenUninstallPage", false);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LanguagePackLastCheckTime", "Mon Nov 11 2013 02:10:42 GMT+0100");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LastLogin_3.13.0.6", "Sun Aug 19 2012 22:24:07 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LastLogin_3.14.1.0", "Wed Aug 29 2012 22:39:08 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LastLogin_3.15.1.0", "Thu Dec 27 2012 01:41:14 GMT+0100");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LastLogin_3.16.0.3", "Sun Jan 13 2013 03:57:44 GMT+0100");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LastLogin_3.18.0.7", "Thu Jul 18 2013 15:12:51 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LastLogin_3.19.0.3", "Fri Sep 06 2013 10:46:31 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LastLogin_3.20.0.4", "Mon Nov 11 2013 11:32:59 GMT+0100");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LastLogin_3.9.0.3", "Wed Jun 06 2012 19:23:24 GMT+0200");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.LatestVersion", "3.20.0.4");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.Locale", "fr");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("CT2851639.MCDetectTooltipShow", false);
4 replies

Hi

you should have hosted it on Cjoint, for example,
because it is too long, so your report is not complete

but from the little I could see, too much protection kills protection

Logiciels de protection du système
Avira Free Antivirus v14.0.2.286
COMODO Internet Security v5.9.25057.2197
Spybot - Search & Destroy v1.6.2
Windows Defender W7

Spybot is useless
adware galore
a PC and software not kept up to date


we'll direct you to the right place so that a security helper can take care of you


A crowded elevator will always smell different to a dwarf
0
thanks for the reply and the redirection, sorry for the three-foot-long post ^^
0
soulins Posts 2 Registration date Tuesday 4 February 2014 Status Member Last activity 4 February 2014
4 Feb. 2014 at 20:09
the rest:

tid=CT2851639&SearchSource=2&CUI=UN28169574936859547&UM=&q=")[...]
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("plugin.state.npconduitfirefoxplugin", 2);
O69 - SBI: prefs.js [lu&lu - 1lwp7hri.default] user_pref("smartbar.conduitSearchAddressUrlList", "https://www.bing.com/search?q=%2Chttp&pc=cosp&ptag=G6C999AA2FAC5420A&form=CONADR&conlogo=CT3210127[...] =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {039ACC03-903E-4737-A3EC-90FA641C96E5} - (Propositions de recherche Amazon.fr) - https://www.amazon.fr/
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {2fa28606-de77-4029-af96-b231e3b8f827} - (Ask.com) - https://uk.ask.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {b7fca997-d0fb-4fe0-8afd-255e89cf9671} - (Yahoo! Search) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {d43b3890-80c7-4010-a95d-1e77b5924dc3} - (Wikipedia) - https://fr.wikipedia.org/wiki/Wikip%C3%A9dia:Accueil_principal
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
O69 - SBI: SearchScopes [HKCU] {DAA24306-1C32-467D-ADBC-FF35AFF40C02} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
~ Keys: Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Avira SearchFree Toolbar plus Web Protection.) -- c:\program files (x86)\ask.com\cb_e7b0.ico =>Toolbar.Avira
~ Update Products: 129 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 29/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 29/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 25/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 06/07/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 05/07/2011 365568 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 19/12/2013 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 29/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 08/11/2012 2828408 | (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SR - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS
SR - | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Auto 11/10/2010 346168 | (HPClientSvc) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
SR - | Auto 06/09/2012 197536 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Demand 06/09/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 05/03/2012 35200 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 24/05/2013 2413056 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
SR - | Auto 17/12/2010 276992 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 26s



---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 67
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 2

[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Users\lu&lu\AppData\Roaming\Mozilla\Firefox\Profiles\1lwp7hri.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} =>P2P.µTorrent^
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Users\lu&lu\AppData\Local\AskToolbar =>Toolbar.AskTBar
C:\Users\lu&lu\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar
C:\Users\lu&lu\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\lu&lu\AppData\Roaming\Mozilla\Firefox\Profiles\1lwp7hri.default\Smartbar =>Hijacker.SmartBar
C:\Users\lu&lu\AppData\Roaming\Mozilla\Firefox\Profiles\1lwp7hri.default\Extensions\toolbar@ask.com =>Toolbar.AskTBar
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 250318 Items scanned in 00mn 26s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/29344956-adware-similarsites =>Adware.SimilarSites
~ MSI: 6 link(s) detected in 00mn 27s



~ 1307 Legitimates filtered by white list
End of the scan (721 lines in 04mn 25s)(0)
0
Well, after a bit of additional research, I ran scans/cleanups with Malwarebytes and adcleaner, then did another pass with ZHPDiag, and here is the result: much shorter, but I get the impression it is still not great; some adware will not go away:

http://cjoint.com/?DBevW5w8YeV

Thanks in advance for any replies.
0
Anonymous user
5 Feb 2014 at 15:29
OK, I'll go find someone for you.
I could help you, but it would be limited compared with a security helper.
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 805
5 Feb 2014 at 15:50
You must have installed some potentially unwanted programs.


To avoid this kind of problem:

- Do not download any program offered in advertisements or on suspicious sites. Note that some well-known sites such as O1net, Softronic, Tuto4PC, etc. sometimes modify the programs they offer for download to add adware ==> Always prefer downloading directly from the publisher's site.


- During the installation of a free program, read carefully and untick all the additional programs that are offered, especially toolbars.

For your information, read these articles on Potentially Unwanted Programs and Toolbars; this is not mandatory.

* Download this easy-to-use tool

http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner (by Xplode) to your desktop.


* If there is a problem with the first link, get it here https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

* Run it (on Vista/Seven/8, right-click it and choose Run as administrator); if you are on XP, double-click it.

* Click Scan
* Post the scan report C:\Adwcleaner[R]

* Note: the scan report is also saved as C:\Adwcleaner[R1]
0