Price peep
Fermé
joto26
Messages postés
6
Date d'inscription
lundi 9 septembre 2013
Statut
Membre
Dernière intervention
10 septembre 2013
-
9 sept. 2013 à 14:13
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 10 sept. 2013 à 15:17
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 10 sept. 2013 à 15:17
A voir également:
- Price peep
- Amazon best price europe - Guide
- Eurosaver-amazon product price comparison - Guide
- Telegram premium price - Guide
- Gta 6 price - Guide
- Atfly phone price - Guide
5 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
9 sept. 2013 à 14:16
9 sept. 2013 à 14:16
Salut,
Télécharge https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Sur la page d'AdwCleaner, à droite, clic sur la disquette grise avec la flèche verte pour lancer le téléchargement.
Lance AdwCleaner, clique sur [Scanner] puis patiente (PAS besoin de copier/coller le rapport ici).
Quand cela est terminé, clic sur [Nettoyage].
!!! je répète faire [Nettoyage] !!!
Clic sur Rapport puis copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis:
Sur Firefox : Menu Outils / Modules complémentaires
Onglet Extension.
Donne la liste.
Sur Google Chrome : Menu en haut à droite puis Outils / Extensions
Donne la liste.
Télécharge https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Sur la page d'AdwCleaner, à droite, clic sur la disquette grise avec la flèche verte pour lancer le téléchargement.
Lance AdwCleaner, clique sur [Scanner] puis patiente (PAS besoin de copier/coller le rapport ici).
Quand cela est terminé, clic sur [Nettoyage].
!!! je répète faire [Nettoyage] !!!
Clic sur Rapport puis copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis:
Sur Firefox : Menu Outils / Modules complémentaires
Onglet Extension.
Donne la liste.
Sur Google Chrome : Menu en haut à droite puis Outils / Extensions
Donne la liste.
joto26
Messages postés
6
Date d'inscription
lundi 9 septembre 2013
Statut
Membre
Dernière intervention
10 septembre 2013
10 sept. 2013 à 02:06
10 sept. 2013 à 02:06
~ Rapport de ZHPDiag v2013.9.9.18 - Nicolas Coolman (2013-09-09)
~ Lancé par jocelyne (2013-09-09 19:43:40)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16660
MFIE: Mozilla Firefox 15.0
GCIE: Google Chrome v29.0.1547.66 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, RETAIL channel
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1489.0
Windows Defender W7
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 81 GB (43%) free of 185 GB
---\\ Mode de connexion au système
~ Computer Name: JOCELYNE-PC
~ User Name: jocelyne
~ All Users Names: jocelyne, Guest, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\jocelyne\AppData\Roaming\
~ %Desktop% : C:\Users\jocelyne\Desktop\
~ %Favorites% : C:\Users\jocelyne\Favorites\
~ %LocalAppData% : C:\Users\jocelyne\AppData\Local\
~ %StartMenu% : C:\Users\jocelyne\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 81 Go of 185 Go)
D:\ CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
~ Security Center: 26 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Windows Explorer.) (.2010-11-20 - 07:17:09.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) (.2009-07-13 - 20:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.DAA3903F06116AE9EE7AC1D1B93684A4] - (.Microsoft Corporation - Internet Extensions for Win32.) (.2013-07-25 - 22:13:24.) -- C:\Windows\System32\wininet.dll [1767936]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Windows Logon Application.) (.2010-11-20 - 07:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing Library.) (.2010-11-20 - 07:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2011-04-24 - 21:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-07-13 - 20:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2009-07-13 - 18:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2010-11-20 - 03:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2010-11-20 - 03:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2010-11-20 - 04:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) (.2009-07-13 - 18:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.2009-07-13 - 18:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2011-04-26 - 21:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.2010-11-20 - 03:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - NT File System Driver.) (.2013-04-12 - 08:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) (.2009-07-13 - 18:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2009-07-13 - 18:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.2009-07-13 - 18:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.2010-11-20 - 03:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.2010-11-20 - 07:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/11723
~ Mes musiques (My Musics) : 15/1601
~ Mes Videos (My Videos) : 1/51
~ Mes Favoris (My Favorites) : 1/99
~ Mes Documents (My Documents) : 3/16983
~ Mon Bureau (My Desktop) : 1/4
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 28s
---\\ Processus lancés au démarrage du système
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.3488]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.3496]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3504]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.3568]
[MD5.80638A0BD43E0E10BBA267C2F2590E04] - (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [485208] [PID.3600]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3620]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.3724]
[MD5.A387D093B66727BF3EDF517E2F4D87C5] - (.Garmin - Garmin Lifetime Updater.) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe [1466760] [PID.3736]
[MD5.51E86C2B0530E37597B21C0564B3FA76] - (.Western Digital - WD Drive Auto Unlock.) -- C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008] [PID.3796]
[MD5.64222197C3C5BA92D474A4992A25EFA7] - (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5235128] [PID.3884]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.3900]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.4084]
[MD5.CE42DFE915F78246364D464902E47360] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.1536]
[MD5.F7E9D8DE72862C885465D7BB17AEE908] - (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\jocelyne\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe [309104] [PID.1024]
[MD5.D5543E09953C8A8B12801A3A7AFEE155] - (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720] [PID.868]
[MD5.CC37819A9C45FDF9E0577D71D8044319] - (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720] [PID.376]
[MD5.61E4289E91E88C90478D7F4BEB10DCF7] - (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720] [PID.3024]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.4388]
[MD5.7BA1862B8A5698DC5FCFDFF3BC359DE9] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [770648] [PID.5628]
[MD5.DF1BBA1168C0AD1D080A1F1B99576A76] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [829392] [PID.1208]
[MD5.A9BFA26F37B85EDA665CBC32B3B8561D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7921664] [PID.4444]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.msn.com/en-ca?checklang=1
G0 - GCSP: Preference [User Data\Default] https://www.msn.com/en-ca?checklang=1
G2 - GCE: Preference [User Data\Default] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.3 (Activé) =>Adware.PricePeep
G2 - GCE: Preference [User Data\Default] [ogkdmggpdfpodahejeckklcncacambmo] Bungalow v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [paoponfhfdfnjgddpnpjkambkcgdaaib] uTorrentBar_FR v.2.3.15.10 (Désactivé) =>P2P.µTorrent
~ Google Browser: 15 Legitimates Filtered in 00mn 33s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\jocelyne\AppData\Roaming\Mozilla\Firefox\Profiles\xzxv2wab.default\prefs.js
~ Firefox Browser: 22 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Garmin Lifetime Updater.lnk . (.Garmin - Garmin Lifetime Updater.) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe
O4 - GS\Desktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O4 - GS\Desktop [Public]: Nikon Transfer.lnk . (.Nikon Corporation - Nikon Transfer Application.) -- C:\Program Files\Nikon\Nikon Transfer\NktTransfer.exe
O4 - GS\Desktop [Public]: ViewNX.lnk . (.Nikon Corporation - ViewNX.) -- C:\Program Files\Nikon\ViewNX\ViewNX.exe
O4 - GS\Desktop [Public]: WD Drive Utilities.lnk . (.Western Digital - WD Drive Utilities.) -- C:\Program Files\Western Digital\WD Utilities\WDDriveUtilities.exe
O4 - GS\Desktop [Public]: WD SmartWare.lnk . (.Western Digital - WD SmartWare.) -- C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe
O4 - GS\Desktop [Public]: ZoomBrowser EX.lnk . (...) -- C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe
O4 - GS\Program [Public]: Windows Movie Maker 2.6.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe
O4 - GS\QuickLaunch [jocelyne]: iLivid.lnk . (...) -- C:\Users\jocelyne\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo
O4 - GS\QuickLaunch [jocelyne]: OtShot.lnk . (...) -- C:\Program Files\OtShot\OtShot.exe (.not file.)
O4 - GS\Accessories [jocelyne]: Notepad.lnk . (.Microsoft Corporation - Notepad.) -- C:\Windows\system32\notepad.exe
O4 - GS\SendTo [jocelyne]: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
O4 - GS\Desktop [jocelyne]: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
O4 - GS\Desktop [jocelyne]: MétéoÉclair.lnk . (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\jocelyne\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - GS\Desktop [jocelyne]: OtShot.lnk . (...) -- C:\Program Files\OtShot\otshot.exe (.not file.)
~ Global Startup: 50 Legitimates Filtered in 00mn 02s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Nikon Transfer Monitor] . (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Garmin Lifetime Updater] . (.Garmin - Garmin Lifetime Updater.) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] . (.Western Digital - WD Drive Auto Unlock.) -- C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [WD Quick View] . (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\jocelyne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - HKCU\..\Run: [WeatherEye] . (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\jocelyne\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\jocelyne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [WeatherEye] . (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\jocelyne\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Garmin Communicator Plug-In (Garmin Communicator Plug-In) - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - C:\Windows\Java\classes\xmldso.cab
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} ((no name)) - https://kitchenplanner.ikea.com/ca/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} ((no name)) - http://www.walmartphotocentre.ca/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} ((no name)) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} ((no name)) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-ca.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpDomain = gateway.2wire.net
O17 - HKLM\System\CS1\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpDomain = gateway.2wire.net
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpDomain = gateway.2wire.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
~ Domain: Scanned in 00mn 00s
---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{7B6FE029-1814-4D4A-AB2C-C46A1DCB1FDA}] (...) -- D:\SETUP.exe (.not file.) [0]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 10s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ChrmTB]
[HKCU\Software\Tables]
[HKCU\Software\Trance Pad]
[HKLM\Software\Productivity_3.2]
[HKLM\Software\URLs]
[HKLM\Software\Widgets]
~ Key Software: 137 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2011-12-16 - 21:41:52 - [0] ----D C:\Program Files\Productivity_3.2
O43 - CFD: 2010-08-21 - 19:11:51 - [0,000] ----D C:\ProgramData\Analog Pad
O43 - CFD: 2010-08-21 - 18:56:26 - [0,000] ----D C:\ProgramData\laserjet
~ 1776 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1972 Legitimates Filtered in 01mn 55s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.B680134BA1813B78B47FDD1DFF223CA5] - 2013-05-09 - 03:59:10 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49376]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 2009-07-13 - 16:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {2B86D49A-C4FD-4AEE-802F-1820ECD12BDE} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.89142A5D0C81D7DE49ED62BFDB0C174E] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\apnuserid.dat [16]
[MD5.9C82C7143C102B71C593D98D96093FDE] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\appid.dat [3]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][1601-01-01] (...) -- C:\Users\jocelyne\AppData\Local\Temp\BundleSweetIMSetup.exe [9] =>PUP.SweetIM
[MD5.E7BFAEC48B638814F9DA09FF1F4B723A] [SPRF][2013-05-08] (.Conduit - Search Protect by Conduit.) -- C:\Users\jocelyne\AppData\Local\Temp\cltmng.exe [2852640] =>Toolbar.Conduit
[MD5.698A76975115174703ECD32F876FAB3E] [SPRF][2012-12-27] (.Conduit - Pas de description.) -- C:\Users\jocelyne\AppData\Local\Temp\conduitinstaller.exe [85992] =>Adware.Bloson
[MD5.3865856CA8B2339A64002757602D4D05] [SPRF][2012-01-21] (...) -- C:\Users\jocelyne\AppData\Local\Temp\extension2841115320384970667.dll [163840]
[MD5.8F9B702DC246990ABCC3C298C321040E] [SPRF][2012-01-21] (...) -- C:\Users\jocelyne\AppData\Local\Temp\extension8103421296305740307.dll [49152]
[MD5.85F50C18C0FB191F33EF72BE2559D925] [SPRF][2010-11-04] (...) -- C:\Users\jocelyne\AppData\Local\Temp\FFSetupSoftonic260.exe [36895984] =>Toolbar.Conduit
[MD5.5C9F59022F9B62D722C3CB494D58CB1D] [SPRF][2010-10-18] (...) -- C:\Users\jocelyne\AppData\Local\Temp\GLF899F.tmp.ConduitEngineSetup.exe [157536] =>Toolbar.Conduit
[MD5.51D1C5B1831CBA5343C7CD5A87B14864] [SPRF][2013-01-13] (...) -- C:\Users\jocelyne\AppData\Local\Temp\HotShot_installerNewNoStartUp.exe [5134903]
[MD5.35BF88E0C1141A21911E626A29BA68DD] [SPRF][2013-06-18] (...) -- C:\Users\jocelyne\AppData\Local\Temp\l6otevxy.dll [3584]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][1601-01-01] (...) -- C:\Users\jocelyne\AppData\Local\Temp\MybabylonTB.exe [11] =>Toolbar.Babylon
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][2013-05-08] (.Conduit - SP Usage Sender.) -- C:\Users\jocelyne\AppData\Local\Temp\nsg7017.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][2013-05-08] (.Conduit - SP Usage Sender.) -- C:\Users\jocelyne\AppData\Local\Temp\nsmD6D8.exe [110936] =>Toolbar.Conduit
[MD5.5B4935F79CC67A354065773CE49D6AA3] [SPRF][2011-11-16] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\jocelyne\AppData\Local\Temp\nsoCF70.tmp.tbProd.dll [4397864] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][2013-05-08] (.Conduit - SP Usage Sender.) -- C:\Users\jocelyne\AppData\Local\Temp\nsqDE56.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][2013-05-08] (.Conduit - SP Usage Sender.) -- C:\Users\jocelyne\AppData\Local\Temp\nsr71CC.exe [110936] =>Toolbar.Conduit
[MD5.1B80378EA920FCD0EA146B28C3DBA2AE] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\propsys.dll [6]
[MD5.3BF79E6868B44D3ADB2796BA99521891] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\Quarantine.exe [344583]
[MD5.E755E4FB5F0A5310EC637E9598037426] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\rep.dat [268]
[MD5.8DE77AA7D8C6E80824EC145FD840CA24] [SPRF][2010-11-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\Softonic_France_FF.exe [2495824] =>Toolbar.Conduit
[MD5.EA5C1D73FB6840B69E5034ACE95684AF] [SPRF][2013-07-17] (.Conduit - Search Protect by conduit.) -- C:\Users\jocelyne\AppData\Local\Temp\SPStub.exe [68968] =>Toolbar.Conduit
[MD5.8CB22BDD0B7BA1AB13D742E22EED8DA2] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\sysid.dat [3]
[MD5.73406FA9287B36CA4163797C73A2CD04] [SPRF][2012-07-16] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\jocelyne\AppData\Local\Temp\tbedrs.dll [4451144] =>Toolbar.Conduit
[MD5.E4CC410BD005958125CD87C5F6E66371] [SPRF][2010-10-18] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\jocelyne\AppData\Local\Temp\tbSoft.dll [3908192] =>Toolbar.Conduit
[MD5.73406FA9287B36CA4163797C73A2CD04] [SPRF][2012-07-16] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\jocelyne\AppData\Local\Temp\tbuTor.dll [4451144] =>Toolbar.Conduit
[MD5.943F313974A830D4634C73BEB8103F5E] [SPRF][2013-07-17] (.Conduit Ltd. - ToolbarHelper Application.) -- C:\Users\jocelyne\AppData\Local\Temp\ToolbarHelper.exe [86816] =>Toolbar.Conduit
[MD5.BDEE9D936EFB7C76DF778F45F1CF130D] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\trackid.dat [6]
[MD5.00E220222110A2355391758C1041CDC7] [SPRF][2012-09-04] (...) -- C:\Users\jocelyne\AppData\Local\Temp\utt8F86.tmp.bat [53]
[MD5.D190911614D682369192C40D909F4E66] [SPRF][2012-09-04] (...) -- C:\Users\jocelyne\AppData\Local\Temp\uttE22A.tmp.exe [6040064]
[MD5.1AF873D82D3D6E4EA80026C82AB8E5C6] [SPRF][2010-04-15] (.PhotoChannel Networks - PhotoCenter Active X control.) -- C:\Windows\Downloaded Program Files\Photochannel.dll [732296]
~ Files: 68 Legitimates Filtered in 00mn 24s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{79F428D2-8674-40B7-9F8A-98D4B7529CE1}" |In - Private - P6 - TRUE | .(...) -- C:\Users\jocelyne\Downloads\AviConverterSetup.exe (.not file.)
O87 - FAEL: "{2F1AF183-D55F-4B4B-99B7-00987E69D63E}" |In - Private - P17 - TRUE | .(...) -- C:\Users\jocelyne\Downloads\AviConverterSetup.exe (.not file.)
~ Firewall: 185 Legitimates Filtered in 00mn 01s
---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 2010-03-18 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 2013-05-10 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 2013-08-20 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 2012-12-21 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 2013-05-09 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 2011-08-30 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 2010-10-24 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 2010-10-24 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 2005-04-03 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Demand 2013-08-16 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 2013-02-04 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 2013-03-01 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 2012-06-14 1151424 | (WDBackup) . (.Western Digital.) - C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
SR - | Auto 2012-09-06 248248 | (WDDriveService) . (.Western Digital.) - C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
SR - | Auto 2012-06-14 1177536 | (WDRulesService) . (.Western Digital.) - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
SR - | Auto 2009-07-13 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 2009-07-13 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 01mn 07s
---\\ Scan Additionnel (O88)
Database Version : 12895 - (2013-09-09)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 29
[HKLM\Software\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb] =>Adware.PricePeep^
C:\Users\jocelyne\AppData\LocalLow\Softonic_France_FF =>Toolbar.Conduit
C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep
C:\Users\jocelyne\AppData\Local\Temp\BundleSweetIMSetup.exe =>PUP.SweetIM^
C:\Users\jocelyne\AppData\Local\Temp\cltmng.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\conduitinstaller.exe =>Adware.Bloson^
C:\Users\jocelyne\AppData\Local\Temp\FFSetupSoftonic260.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\GLF899F.tmp.ConduitEngineSetup.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\MybabylonTB.exe =>Toolbar.Babylon^
C:\Users\jocelyne\AppData\Local\Temp\nsg7017.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\nsmD6D8.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\nsoCF70.tmp.tbProd.dll =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\nsqDE56.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\nsr71CC.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\Softonic_France_FF.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\SPStub.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\tbedrs.dll =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\tbSoft.dll =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\tbuTor.dll =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\ToolbarHelper.exe =>Toolbar.Conduit^
~ Additionnel Scan: 394556 Items scanned in 01mn 55s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/32755958-adware-bloson =>Adware.Bloson
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ MSI: 6 link(s) detected in 01mn 55s
~ 2753 Legitimates filtered by white list
End of the scan (463 lines in 07mn 39s)(0)
~ Lancé par jocelyne (2013-09-09 19:43:40)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16660
MFIE: Mozilla Firefox 15.0
GCIE: Google Chrome v29.0.1547.66 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, RETAIL channel
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1489.0
Windows Defender W7
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 81 GB (43%) free of 185 GB
---\\ Mode de connexion au système
~ Computer Name: JOCELYNE-PC
~ User Name: jocelyne
~ All Users Names: jocelyne, Guest, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\jocelyne\AppData\Roaming\
~ %Desktop% : C:\Users\jocelyne\Desktop\
~ %Favorites% : C:\Users\jocelyne\Favorites\
~ %LocalAppData% : C:\Users\jocelyne\AppData\Local\
~ %StartMenu% : C:\Users\jocelyne\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 81 Go of 185 Go)
D:\ CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
~ Security Center: 26 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Windows Explorer.) (.2010-11-20 - 07:17:09.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) (.2009-07-13 - 20:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.DAA3903F06116AE9EE7AC1D1B93684A4] - (.Microsoft Corporation - Internet Extensions for Win32.) (.2013-07-25 - 22:13:24.) -- C:\Windows\System32\wininet.dll [1767936]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Windows Logon Application.) (.2010-11-20 - 07:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing Library.) (.2010-11-20 - 07:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2011-04-24 - 21:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-07-13 - 20:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2009-07-13 - 18:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2010-11-20 - 03:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2010-11-20 - 03:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2010-11-20 - 04:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) (.2009-07-13 - 18:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.2009-07-13 - 18:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2011-04-26 - 21:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.2010-11-20 - 03:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - NT File System Driver.) (.2013-04-12 - 08:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) (.2009-07-13 - 18:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2009-07-13 - 18:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.2009-07-13 - 18:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.2010-11-20 - 03:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.2010-11-20 - 07:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/11723
~ Mes musiques (My Musics) : 15/1601
~ Mes Videos (My Videos) : 1/51
~ Mes Favoris (My Favorites) : 1/99
~ Mes Documents (My Documents) : 3/16983
~ Mon Bureau (My Desktop) : 1/4
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 28s
---\\ Processus lancés au démarrage du système
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.3488]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.3496]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3504]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.3568]
[MD5.80638A0BD43E0E10BBA267C2F2590E04] - (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [485208] [PID.3600]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3620]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.3724]
[MD5.A387D093B66727BF3EDF517E2F4D87C5] - (.Garmin - Garmin Lifetime Updater.) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe [1466760] [PID.3736]
[MD5.51E86C2B0530E37597B21C0564B3FA76] - (.Western Digital - WD Drive Auto Unlock.) -- C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008] [PID.3796]
[MD5.64222197C3C5BA92D474A4992A25EFA7] - (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5235128] [PID.3884]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.3900]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.4084]
[MD5.CE42DFE915F78246364D464902E47360] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.1536]
[MD5.F7E9D8DE72862C885465D7BB17AEE908] - (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\jocelyne\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe [309104] [PID.1024]
[MD5.D5543E09953C8A8B12801A3A7AFEE155] - (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720] [PID.868]
[MD5.CC37819A9C45FDF9E0577D71D8044319] - (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720] [PID.376]
[MD5.61E4289E91E88C90478D7F4BEB10DCF7] - (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720] [PID.3024]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.4388]
[MD5.7BA1862B8A5698DC5FCFDFF3BC359DE9] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [770648] [PID.5628]
[MD5.DF1BBA1168C0AD1D080A1F1B99576A76] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [829392] [PID.1208]
[MD5.A9BFA26F37B85EDA665CBC32B3B8561D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7921664] [PID.4444]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.msn.com/en-ca?checklang=1
G0 - GCSP: Preference [User Data\Default] https://www.msn.com/en-ca?checklang=1
G2 - GCE: Preference [User Data\Default] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.3 (Activé) =>Adware.PricePeep
G2 - GCE: Preference [User Data\Default] [ogkdmggpdfpodahejeckklcncacambmo] Bungalow v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [paoponfhfdfnjgddpnpjkambkcgdaaib] uTorrentBar_FR v.2.3.15.10 (Désactivé) =>P2P.µTorrent
~ Google Browser: 15 Legitimates Filtered in 00mn 33s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\jocelyne\AppData\Roaming\Mozilla\Firefox\Profiles\xzxv2wab.default\prefs.js
~ Firefox Browser: 22 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Garmin Lifetime Updater.lnk . (.Garmin - Garmin Lifetime Updater.) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe
O4 - GS\Desktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O4 - GS\Desktop [Public]: Nikon Transfer.lnk . (.Nikon Corporation - Nikon Transfer Application.) -- C:\Program Files\Nikon\Nikon Transfer\NktTransfer.exe
O4 - GS\Desktop [Public]: ViewNX.lnk . (.Nikon Corporation - ViewNX.) -- C:\Program Files\Nikon\ViewNX\ViewNX.exe
O4 - GS\Desktop [Public]: WD Drive Utilities.lnk . (.Western Digital - WD Drive Utilities.) -- C:\Program Files\Western Digital\WD Utilities\WDDriveUtilities.exe
O4 - GS\Desktop [Public]: WD SmartWare.lnk . (.Western Digital - WD SmartWare.) -- C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe
O4 - GS\Desktop [Public]: ZoomBrowser EX.lnk . (...) -- C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe
O4 - GS\Program [Public]: Windows Movie Maker 2.6.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe
O4 - GS\QuickLaunch [jocelyne]: iLivid.lnk . (...) -- C:\Users\jocelyne\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo
O4 - GS\QuickLaunch [jocelyne]: OtShot.lnk . (...) -- C:\Program Files\OtShot\OtShot.exe (.not file.)
O4 - GS\Accessories [jocelyne]: Notepad.lnk . (.Microsoft Corporation - Notepad.) -- C:\Windows\system32\notepad.exe
O4 - GS\SendTo [jocelyne]: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
O4 - GS\Desktop [jocelyne]: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
O4 - GS\Desktop [jocelyne]: MétéoÉclair.lnk . (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\jocelyne\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - GS\Desktop [jocelyne]: OtShot.lnk . (...) -- C:\Program Files\OtShot\otshot.exe (.not file.)
~ Global Startup: 50 Legitimates Filtered in 00mn 02s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Nikon Transfer Monitor] . (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Garmin Lifetime Updater] . (.Garmin - Garmin Lifetime Updater.) -- C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] . (.Western Digital - WD Drive Auto Unlock.) -- C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [WD Quick View] . (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\jocelyne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - HKCU\..\Run: [WeatherEye] . (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\jocelyne\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\jocelyne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [WeatherEye] . (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\jocelyne\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-1171817889-1633980863-1648130375-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Garmin Communicator Plug-In (Garmin Communicator Plug-In) - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - C:\Windows\Java\classes\xmldso.cab
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} ((no name)) - https://kitchenplanner.ikea.com/ca/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} ((no name)) - http://www.walmartphotocentre.ca/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} ((no name)) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} ((no name)) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-ca.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpDomain = gateway.2wire.net
O17 - HKLM\System\CS1\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpDomain = gateway.2wire.net
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA589CB6-558C-4870-A9D1-89632992B770}: DhcpDomain = gateway.2wire.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
~ Domain: Scanned in 00mn 00s
---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{7B6FE029-1814-4D4A-AB2C-C46A1DCB1FDA}] (...) -- D:\SETUP.exe (.not file.) [0]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 10s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ChrmTB]
[HKCU\Software\Tables]
[HKCU\Software\Trance Pad]
[HKLM\Software\Productivity_3.2]
[HKLM\Software\URLs]
[HKLM\Software\Widgets]
~ Key Software: 137 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2011-12-16 - 21:41:52 - [0] ----D C:\Program Files\Productivity_3.2
O43 - CFD: 2010-08-21 - 19:11:51 - [0,000] ----D C:\ProgramData\Analog Pad
O43 - CFD: 2010-08-21 - 18:56:26 - [0,000] ----D C:\ProgramData\laserjet
~ 1776 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1972 Legitimates Filtered in 01mn 55s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.B680134BA1813B78B47FDD1DFF223CA5] - 2013-05-09 - 03:59:10 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49376]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 2009-07-13 - 16:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {2B86D49A-C4FD-4AEE-802F-1820ECD12BDE} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.89142A5D0C81D7DE49ED62BFDB0C174E] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\apnuserid.dat [16]
[MD5.9C82C7143C102B71C593D98D96093FDE] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\appid.dat [3]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][1601-01-01] (...) -- C:\Users\jocelyne\AppData\Local\Temp\BundleSweetIMSetup.exe [9] =>PUP.SweetIM
[MD5.E7BFAEC48B638814F9DA09FF1F4B723A] [SPRF][2013-05-08] (.Conduit - Search Protect by Conduit.) -- C:\Users\jocelyne\AppData\Local\Temp\cltmng.exe [2852640] =>Toolbar.Conduit
[MD5.698A76975115174703ECD32F876FAB3E] [SPRF][2012-12-27] (.Conduit - Pas de description.) -- C:\Users\jocelyne\AppData\Local\Temp\conduitinstaller.exe [85992] =>Adware.Bloson
[MD5.3865856CA8B2339A64002757602D4D05] [SPRF][2012-01-21] (...) -- C:\Users\jocelyne\AppData\Local\Temp\extension2841115320384970667.dll [163840]
[MD5.8F9B702DC246990ABCC3C298C321040E] [SPRF][2012-01-21] (...) -- C:\Users\jocelyne\AppData\Local\Temp\extension8103421296305740307.dll [49152]
[MD5.85F50C18C0FB191F33EF72BE2559D925] [SPRF][2010-11-04] (...) -- C:\Users\jocelyne\AppData\Local\Temp\FFSetupSoftonic260.exe [36895984] =>Toolbar.Conduit
[MD5.5C9F59022F9B62D722C3CB494D58CB1D] [SPRF][2010-10-18] (...) -- C:\Users\jocelyne\AppData\Local\Temp\GLF899F.tmp.ConduitEngineSetup.exe [157536] =>Toolbar.Conduit
[MD5.51D1C5B1831CBA5343C7CD5A87B14864] [SPRF][2013-01-13] (...) -- C:\Users\jocelyne\AppData\Local\Temp\HotShot_installerNewNoStartUp.exe [5134903]
[MD5.35BF88E0C1141A21911E626A29BA68DD] [SPRF][2013-06-18] (...) -- C:\Users\jocelyne\AppData\Local\Temp\l6otevxy.dll [3584]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][1601-01-01] (...) -- C:\Users\jocelyne\AppData\Local\Temp\MybabylonTB.exe [11] =>Toolbar.Babylon
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][2013-05-08] (.Conduit - SP Usage Sender.) -- C:\Users\jocelyne\AppData\Local\Temp\nsg7017.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][2013-05-08] (.Conduit - SP Usage Sender.) -- C:\Users\jocelyne\AppData\Local\Temp\nsmD6D8.exe [110936] =>Toolbar.Conduit
[MD5.5B4935F79CC67A354065773CE49D6AA3] [SPRF][2011-11-16] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\jocelyne\AppData\Local\Temp\nsoCF70.tmp.tbProd.dll [4397864] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][2013-05-08] (.Conduit - SP Usage Sender.) -- C:\Users\jocelyne\AppData\Local\Temp\nsqDE56.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][2013-05-08] (.Conduit - SP Usage Sender.) -- C:\Users\jocelyne\AppData\Local\Temp\nsr71CC.exe [110936] =>Toolbar.Conduit
[MD5.1B80378EA920FCD0EA146B28C3DBA2AE] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\propsys.dll [6]
[MD5.3BF79E6868B44D3ADB2796BA99521891] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\Quarantine.exe [344583]
[MD5.E755E4FB5F0A5310EC637E9598037426] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\rep.dat [268]
[MD5.8DE77AA7D8C6E80824EC145FD840CA24] [SPRF][2010-11-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\Softonic_France_FF.exe [2495824] =>Toolbar.Conduit
[MD5.EA5C1D73FB6840B69E5034ACE95684AF] [SPRF][2013-07-17] (.Conduit - Search Protect by conduit.) -- C:\Users\jocelyne\AppData\Local\Temp\SPStub.exe [68968] =>Toolbar.Conduit
[MD5.8CB22BDD0B7BA1AB13D742E22EED8DA2] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\sysid.dat [3]
[MD5.73406FA9287B36CA4163797C73A2CD04] [SPRF][2012-07-16] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\jocelyne\AppData\Local\Temp\tbedrs.dll [4451144] =>Toolbar.Conduit
[MD5.E4CC410BD005958125CD87C5F6E66371] [SPRF][2010-10-18] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\jocelyne\AppData\Local\Temp\tbSoft.dll [3908192] =>Toolbar.Conduit
[MD5.73406FA9287B36CA4163797C73A2CD04] [SPRF][2012-07-16] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\jocelyne\AppData\Local\Temp\tbuTor.dll [4451144] =>Toolbar.Conduit
[MD5.943F313974A830D4634C73BEB8103F5E] [SPRF][2013-07-17] (.Conduit Ltd. - ToolbarHelper Application.) -- C:\Users\jocelyne\AppData\Local\Temp\ToolbarHelper.exe [86816] =>Toolbar.Conduit
[MD5.BDEE9D936EFB7C76DF778F45F1CF130D] [SPRF][2013-09-07] (...) -- C:\Users\jocelyne\AppData\Local\Temp\trackid.dat [6]
[MD5.00E220222110A2355391758C1041CDC7] [SPRF][2012-09-04] (...) -- C:\Users\jocelyne\AppData\Local\Temp\utt8F86.tmp.bat [53]
[MD5.D190911614D682369192C40D909F4E66] [SPRF][2012-09-04] (...) -- C:\Users\jocelyne\AppData\Local\Temp\uttE22A.tmp.exe [6040064]
[MD5.1AF873D82D3D6E4EA80026C82AB8E5C6] [SPRF][2010-04-15] (.PhotoChannel Networks - PhotoCenter Active X control.) -- C:\Windows\Downloaded Program Files\Photochannel.dll [732296]
~ Files: 68 Legitimates Filtered in 00mn 24s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{79F428D2-8674-40B7-9F8A-98D4B7529CE1}" |In - Private - P6 - TRUE | .(...) -- C:\Users\jocelyne\Downloads\AviConverterSetup.exe (.not file.)
O87 - FAEL: "{2F1AF183-D55F-4B4B-99B7-00987E69D63E}" |In - Private - P17 - TRUE | .(...) -- C:\Users\jocelyne\Downloads\AviConverterSetup.exe (.not file.)
~ Firewall: 185 Legitimates Filtered in 00mn 01s
---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 2010-03-18 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 2013-05-10 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 2013-08-20 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 2012-12-21 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 2013-05-09 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 2011-08-30 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 2010-10-24 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 2010-10-24 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 2005-04-03 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Demand 2013-08-16 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 2013-02-04 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 2013-03-01 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 2012-06-14 1151424 | (WDBackup) . (.Western Digital.) - C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
SR - | Auto 2012-09-06 248248 | (WDDriveService) . (.Western Digital.) - C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
SR - | Auto 2012-06-14 1177536 | (WDRulesService) . (.Western Digital.) - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
SR - | Auto 2009-07-13 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 2009-07-13 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 01mn 07s
---\\ Scan Additionnel (O88)
Database Version : 12895 - (2013-09-09)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 29
[HKLM\Software\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb] =>Adware.PricePeep^
C:\Users\jocelyne\AppData\LocalLow\Softonic_France_FF =>Toolbar.Conduit
C:\Users\jocelyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep
C:\Users\jocelyne\AppData\Local\Temp\BundleSweetIMSetup.exe =>PUP.SweetIM^
C:\Users\jocelyne\AppData\Local\Temp\cltmng.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\conduitinstaller.exe =>Adware.Bloson^
C:\Users\jocelyne\AppData\Local\Temp\FFSetupSoftonic260.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\GLF899F.tmp.ConduitEngineSetup.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\MybabylonTB.exe =>Toolbar.Babylon^
C:\Users\jocelyne\AppData\Local\Temp\nsg7017.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\nsmD6D8.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\nsoCF70.tmp.tbProd.dll =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\nsqDE56.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\nsr71CC.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\Softonic_France_FF.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\SPStub.exe =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\tbedrs.dll =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\tbSoft.dll =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\tbuTor.dll =>Toolbar.Conduit^
C:\Users\jocelyne\AppData\Local\Temp\ToolbarHelper.exe =>Toolbar.Conduit^
~ Additionnel Scan: 394556 Items scanned in 01mn 55s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/32755958-adware-bloson =>Adware.Bloson
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ MSI: 6 link(s) detected in 01mn 55s
~ 2753 Legitimates filtered by white list
End of the scan (463 lines in 07mn 39s)(0)
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
10 sept. 2013 à 10:41
10 sept. 2013 à 10:41
Je n'ai pas demandé de rapport ZHPDiag.
joto26
Messages postés
6
Date d'inscription
lundi 9 septembre 2013
Statut
Membre
Dernière intervention
10 septembre 2013
10 sept. 2013 à 13:14
10 sept. 2013 à 13:14
désolé, voici le lien: https://pjjoint.malekal.com/files.php?id=ZHPDiag_20130910_f13h7x5h5r12
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
10 sept. 2013 à 14:10
10 sept. 2013 à 14:10
c'est tjrs un rapport ZHPDiag.
Lire et Appliquer ça : https://forums.commentcamarche.net/forum/affich-28681373-price-peep#1
Lire et Appliquer ça : https://forums.commentcamarche.net/forum/affich-28681373-price-peep#1
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
joto26
Messages postés
6
Date d'inscription
lundi 9 septembre 2013
Statut
Membre
Dernière intervention
10 septembre 2013
10 sept. 2013 à 14:31
10 sept. 2013 à 14:31
donc il y a quelque chose que je ne comprends pas
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
10 sept. 2013 à 15:17
10 sept. 2013 à 15:17
As-tu lu mon premier message?
