Erreur 403 refusé

marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   -  
buckhulk Messages postés 14914 Statut Contributeur -
Bonjour j'ai une erreur (HTTP 403 Refusé)sur 'Internet Explorer impossible de me connecter au site Web, 'il n'est pas autorisé à afficher la page Web.
Cela veut dire quoi ?
Je ne peux pas ouvrir mon site , sur lequel je travaille
Pouvez vous m'aider?
Je suis commerçante sur internet, en auto entrepreneur
C'est urgent
merci beaucoup
cordialement

9 réponses

  1. buckhulk Messages postés 14914 Statut Contributeur 1 757
     
    bonjour,
    virus surement mais tu peux déjà commencer par faire ÇA
    1
  2. marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   1
     
    Bonsoir Buckhulk , merci de ta gentillesse
    C'est effectivement un virus ''' Certified Toolbar qui est sur ma barre de navigation
    Je n'arrive pas a le supprimer
    Je suis novice en informatique
    Mais , j'ai un e-commerce , et tres ennuyée
    Je ne comprends pas , j'ai un pack anti-virus S F R .que je paie chaque mois
    Que dois je faire ?
    Pouvez vous m'aider?
    Merci de votre aide
    cordialement
    0
  3. buckhulk Messages postés 14914 Statut Contributeur 1 757
     
    bonsoir marijon
    Cela ne sert à rien leur pack antivirus , SFR , ORANGE, ou autre !
    c'est pour te prendre de l'argent !
    ton e-commerce c'est quoi ?
    si tu te sert de Paypal , je te donnerais aussi des conseils si tu le désires
    on va essayer de nettoyer ton PC si tu veux bien !

    fais moi pour commencer un ZHPDiag :
    ZHPDiag, outil de diagnostique comme son nom l'indique !
    il me permettra de voir les potentielles infections de ton PC

    ZHPDiag
    suis bien les instructions

    1) * Télécharge ZHPDiag (de Nicolas coolman) sur ton bureau !!

    >> ZHPDiag (de Nicolas coolman)
    Mirroir

    Si ton système d'exploitation est Vista ou Win7/8, lance les logiciels par simple clic droit et choisis "exécuter en tant qu'administrateur"

    a) * Une fois le téléchargement achevé,
    b) * double clique (ou clic droit pour seven , vista et 8 <ital>exécuter en tant qu'administrateur<:ital>) sur ZHPDiag2.exe et suis les instructions.
    c) *A l'ouverture le programme te proposes "Rechercher" et "Configurer" - Clique sur "Configurer"
    * Des icônes apparaissent en bas de la fenêtre.
    * Clique sur le tournevis en bas à droite et choisis "Tous" puis "OK"
    d) * L'outil va créer 3 icônes de racourcis : ZHPDiag >> ZHPFix >>MBRcheck

    2) * Maintenant clique sur "Rechercher".

    <ital>* Important >> Pendant l analyse de ton PC par ZHPDIag ne touche à plus rien !!!!!
    * Laisse l'outil travailler, il peut être assez long

    3) * Le rapport s'affiche sur ton Bureau une fois terminé !

    IMPORTANT
    les rapports étant trop long, les héberger :
    Tu peux fermer ZHPDiag

    Rappel des dépôts

    1 cjoint : Utilisation
    2 pjoint
    3 up2share
    4 FEC
    0
    1. marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   1
       
      Je n'arrive pas a t'envoyer le rapport , effectivement il est trop long
      Comment dois je faire que veut dire les héberger
      merci
      0
  4. marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   1
     
    Bonjour Buckhululk ,
    Merci énormément de ton aide qui me sera précieuse .
    Comme je t'ai dit j'ai une boutique en ligne qui marche doucement depuis 3 ans.
    site : nospetitszazous.fr
    Je n'arrive plus a ouvrir certain site pour mettre mes publicités comme vivastreet etc....
    Je vais essayer de suivre toutes tes indications , car je suis pas tres douée.
    J'aime ta petite phrase: Il y a toujours quelqu'un qui sait ce que tu ne sais pas .
    cordialement
    bonne journée
    0
    1. buckhulk Messages postés 14914 Statut Contributeur 1 757
       
      merci pour :
      J'aime ta petite phrase
      Tu sais moi non plus je ne suis pas "doué" comme certains ici , mais ce site a ça de bien , c'est que chacun peut apporter sa petite contribution car personne ne "sait" tout !!
      j'attend le rapport donc !
      0
    2. marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   1
       
      merci de ton aide voici mon rapport Rapport de ZHPDiag v2013.9.22.410 - Nicolas Coolman (22/09/2013)
      ~ Lancé par christiane (23/09/2013 15:45:20)
      ~ Adresse du Site Web https://nicolascoolman.webs.com/
      ~ Traduit par Nicolas Coolman
      ~ Etat de la version :
      ~ Liste blanche : Activée par le programme
      ~ Elévation des Privilèges : OK
      ~ User Account Control (UAC): Deactivate by user


      ---\\ Navigateurs Internet
      MSIE: Internet Explorer v10.0.9200.16686
      MFIE: Mozilla Firefox 24.0 (Defaut)
      OBIE: Safari v5.34.57.2

      ---\\ Informations sur les produits Windows
      ~ Langage: Français
      Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
      Windows Server License Manager Script : OK
      ~ Windows(R) 7, OEM_SLP channel
      System Locked Preinstallation (OEM_SLP) : OK
      Windows ID Activation : OK
      ~ Windows Partial Key : 3Q6C9
      Windows License : OK
      ~ Windows Remaining Initializations Number : 2
      Software Protection Service (Protection logicielle) : OK
      Windows Automatic Updates : OK
      Windows Activation Technologies : OK

      ---\\ Logiciels de protection du système
      Computer Security 12.56.100.0
      Pack Sécurité v1.57.391.0
      Pack Sécurité v1.57.391.0
      McAfee Security Scan Plus v3.0.318.3
      Windows Defender W7

      ---\\ Logiciels d'optimisation du système
      CCleaner v3.09 =>Piriform Ltd

      ---\\ Logiciels de partage PeerToPeer

      ---\\ Surveillance de Logiciels
      Adobe Flash Player 11 Plugin
      Adobe Reader X
      Java 7 Update 25

      ---\\ Informations sur le système
      ~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
      ~ Operating System: 64 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 3893 MB (49% free)
      System Restore: Activé (Enable)
      System drive C: has 817 GB (89%) free of 910 GB

      ---\\ Mode de connexion au système
      ~ Computer Name: CHRISTIANE-HP
      ~ User Name: christiane
      ~ All Users Names: HomeGroupUser$, christiane, Administrateur,
      ~ Unselected Option: None
      Logged in as Administrator

      ---\\ Variables d'environnement
      ~ System Unit : C:\
      ~ %AppData% : C:\Users\christiane\AppData\Roaming\
      ~ %Desktop% : C:\Users\christiane\Desktop\
      ~ %Favorites% : C:\Users\christiane\Favorites\
      ~ %LocalAppData% : C:\Users\christiane\AppData\Local\
      ~ %StartMenu% : C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Start Menu\
      ~ %Windir% : C:\Windows\
      ~ %System% : C:\Windows\System32\

      ---\\ Enumération des unités disques
      C: Hard drive, Flash drive, Thumb drive (Free 817 Go of 910 Go)
      D: Hard drive, Flash drive, Thumb drive (Free 3 Go of 21 Go)
      E: CD-ROM drive (Not Inserted)
      F: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



      ---\\ Etat du Centre de Sécurité Windows
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
      ~ Security Center: 38 Legitimates Filtered in 00mn 00s



      ---\\ Recherche particulière de fichiers génériques
      [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
      [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
      [MD5.AAFA952E774DDDB0956D3BDFAE5B5B99] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2013 - 06:22:18.) -- C:\Windows\System32\wininet.dll [2241024]
      [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
      [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
      [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
      [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
      [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
      [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
      [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
      [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
      [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
      [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
      [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
      [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
      [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
      [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
      [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
      [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
      [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
      [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
      ~ Generic Processes: Scanned in 00mn 00s



      ---\\ Etat des fichiers cachés (Caché/Total)
      ~ Mes images (My Pictures) : 2/296
      ~ Mes musiques (My Musics) : 19/2103
      ~ Mes Videos (My Videos) : 1/38
      ~ Mes Favoris (My Favorites) : 1/98
      ~ Mes Documents (My Documents) : 11/433
      ~ Mon Bureau (My Desktop) : 5/571
      ~ Menu demarrer (Programs) : 1/24
      ~ Hidden Files: Scanned in 00mn 10s



      ---\\ Processus lancés
      [MD5.8FA2C363521F1181C32C767F26F0B47E] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe [625416] [PID.1788]
      [MD5.F44431CFD96428206039D3556311BF1B] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [19876968] [PID.2448]
      [MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.2776]
      [MD5.17BE4BAEC3D4FE887BC5F446FEF4FD97] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [163536] [PID.2232]
      [MD5.B41552B522C101326A849641F4E823C2] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe [311976] [PID.3048]
      [MD5.3E1E0A83941B0402330858B3851648EB] - (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1238016] [PID.3068]
      [MD5.9ACCBC5891BA51B5B29C1A88F80D4CE3] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe [421888] [PID.2848]
      [MD5.CE42DFE915F78246364D464902E47360] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2508]
      [MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3268]
      [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [136488] [PID.3900]
      [MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [274840] [PID.6088]
      [MD5.63DCE64797C64FB6110727B993440EA5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8000512] [PID.5920]
      [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1160]
      [MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1420]
      [MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.2140]
      [MD5.45303CDBC1FD8F8D371E726BF126F771] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe [60352] [PID.2316]
      [MD5.5AA89E152634954E15E9DB265C6A8557] - (.Pas de propriétaire - HPWMISVC Application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192] [PID.2336]
      [MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.2376]
      [MD5.9281297DDEAB730CB2EBB27D74069BD3] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [621504] [PID.2384]
      [MD5.5E53CF8AD0FD33B35000C113656AB37B] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2754984] [PID.2956]
      [MD5.E319535A8124F25C1C9C5288CACF3101] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.3096]
      [MD5.F13DA74969897359A88F2A739F54A250] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.3144]
      [MD5.C2251C602EDFC49E71D13D660AB7F625] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe [213672] [PID.4228]
      [MD5.9CB3D8D519DB7A70A463387B8E9AD924] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1039296] [PID.4548]
      [MD5.0955C23C041451FB4E7099D6B2CF1C06] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [988216] [PID.2576]
      ~ Processes Running: Scanned in 00mn 00s



      ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
      C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\prefs.js
      C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\user.js
      C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\prefs.js
      C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\user.js
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\ask-search.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Ask.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\bingp.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\inbox-search.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Search_Results.xml =>PUP.SearchResults
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search_the_web.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Web Search.xml =>Parasite.Pugi
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\ask-search.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Ask.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\bingp.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\delta.xml =>Toolbar.DeltaSearch
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\inbox-search.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Search_Results.xml =>PUP.SearchResults
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search_the_web.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Web Search.xml =>Parasite.Pugi
      M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Ask.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\avg-secure-search.xml
      M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
      M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\fcmdSrchadj.xml =>Adware.Facemoods
      M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml =>PUP.SearchResults
      M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Web Search.xml =>Parasite.Pugi
      M0 - MFSP: prefs.js [christiane - Solo_912457] http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
      M2 - MFEP: prefs.js [christiane - mnsyx3xp.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.20.0.513 (..) =>P2P.µTorrent
      M2 - MFEP: prefs.js [christiane - Solo_912457\inboxcomtoolbar@inbox.com] [] Inbox Toolbar v (..)
      M2 - MFEP: prefs.js [christiane - Solo_912457\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.16.70.505 (..) =>P2P.µTorrent
      M2 - MFEP: prefs.js [christiane - Solo_912457\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}] [] Movies Toolbar (Dist. by Bandoo Media, Inc.) v1.6.2.0 (..) =>Adware.Bandoo
      M2 - MFEP: prefs.js [christiane - Solo_912457\{F008E9D6-2FF2-E796-08BA-80504C331C97}] [] New tab v5.0.0.9178 (..)
      ~ Firefox Browser: 50 Legitimates Filtered in 00mn 01s



      ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
      R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
      R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
      ~ IE Browser: 14 Legitimates Filtered in 00mn 00s



      ---\\ Internet Explorer, Proxy Management (R5)
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
      R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
      R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
      ~ Proxy management: Scanned in 00mn 00s



      ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
      F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
      F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
      F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
      ~ Keys: Scanned in 00mn 00s



      ---\\ Hosts file redirection (O1)
      ~ Le fichier hosts est sain (The hosts file is clean).
      ~ Hosts File: Scanned in 00mn 00s
      ~ Nombre de lignes (Lines number): 0



      ---\\ Internet Explorer Toolbars (O3)
      O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
      O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
      O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
      O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé orpheline
      ~ Toolbar: Scanned in 00mn 00s



      ---\\ Autres liens utilisateurs (O4)
      O4 - GS\Desktop [Public]: Ulead VideoStudio SE DVD.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\vstudio.exe
      O4 - GS\Program [Public]: HP SimplePass Identity Protection.lnk . (.DigitalPersona, Inc. - User Dashboard.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPUserConsole.exe
      O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
      O4 - GS\QuickLaunch [christiane]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
      O4 - GS\QuickLaunch [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
      O4 - GS\TaskBar [christiane]: HP MediaSmart.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
      O4 - GS\TaskBar [christiane]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation - OpenOffice 4.0.0.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
      O4 - GS\TaskBar [christiane]: Power2Go.lnk . (.CyberLink Corp. - Power2Go.) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe
      O4 - GS\Desktop [christiane]: Images - Raccourci.lnk . (...) -- C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
      O4 - GS\Desktop [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
      O4 - GS\Desktop [christiane]: Téléchargements - Raccourci.lnk . (...) -- C:\Users\christiane\Downloads
      ~ Global Startup: 75 Legitimates Filtered in 00mn 02s



      ---\\ Applications lancées au démarrage du sytème (O4)
      O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
      O4 - GS\Startup [christiane]: Alertes de surveillance de l'encre - HP Photosmart 5520 series (réseau).lnk . (.Hewlett-Packard Co. - Print Driver Status Business Logic.) -- C:\Program Files\HP\HP Photosmart 5520 series\bin\HPStatusBL.dll =>.Hewlett-Packard Co
      O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
      O4 - HKCU\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
      O4 - HKCU\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
      O4 - HKCU\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
      O4 - HKCU\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
      O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
      O4 - HKLM\..\Wow6432Node\Run: [Tutorials] Clé orpheline =>Spyware.AgenceExclusive
      O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
      O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
      O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe
      O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
      O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
      O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
      O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
      O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
      O4 - HKLM\..\Wow6432Node\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (.not file.) =>Toolbar.Conduit
      O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
      O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
      O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
      O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
      O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
      O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
      O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
      O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
      O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
      ~ Application: Scanned in 00mn 00s



      ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
      O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 [64Bits] - {bd707fe6-39f6-4bda-9265-86a76719bdc5} . (...) -- C:\Program Files\Motorola\Bluetooth\bluetooth.ico
      ~ IE Extra Buttons: Scanned in 00mn 00s



      ---\\ Modification Domaine/Adresses DNS (O17)
      O17 - HKLM\System\CCS\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
      O17 - HKLM\System\CS1\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
      O17 - HKLM\System\CS2\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
      O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      ~ Domain: Scanned in 00mn 00s



      ---\\ Protocole additionnel (O18)
      O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
      O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
      ~ Protocole Additionnel: Scanned in 00mn 00s



      ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
      O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
      ~ Winlogon: Scanned in 00mn 00s



      ---\\ Tâches planifiées en automatique (O39)
      [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{656E54B0-04F7-4599-B862-9787DD084E3A}] (...) -- C:\Users\christiane\Downloads\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{802AAF1F-9073-4B83-A60C-C929ADEB853F}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.) [0] =>Toolbar.Babylon
      [MD5.00000000000000000000000000000000] [APT] [{A14BDE4C-8383-4989-ADF2-2C4B1800B080}] (...) -- C:\Users\christiane\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (.not file.) [0] =>Adware.MegaSearch
      [MD5.00000000000000000000000000000000] [APT] [{A4C9CB56-7F21-4469-8628-BCB9B24792A0}] (...) -- E:\sources\Photosmart 8000-slp_dd_hathi_110_017.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{B2A9761E-2C2A-45F1-8435-6C3FDEE32360}] (...) -- E:\TROUBLESHOOT\INSTMSIA.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{D6A90C27-B68F-4242-B8B2-9819C53AF0D5}] (...) -- E:\sources\Photosmart 8000-ConvergedIO_HPCOM_V3.exe (.not file.) [0]
      ~ Scheduled Task: 18 Legitimates Filtered in 00mn 06s



      ---\\ HKCU & HKLM Software Keys
      [HKCU\Software\5f0daddbc68b942]
      [HKCU\Software\APN DTX]
      [HKCU\Software\BI]
      [HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
      [HKCU\Software\Blabbers] =>PUP.Blabbers
      [HKCU\Software\Conduit] =>Toolbar.Conduit
      [HKCU\Software\Cr_Installer] =>PUP.CrossRider
      [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
      [HKCU\Software\HTTOGroup]
      [HKCU\Software\Iminent] =>Adware.IMBooster
      [HKCU\Software\InstallCore] =>Adware.InstallCore
      [HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
      [HKCU\Software\Protector]
      [HKCU\Software\Softonic] =>Toolbar.Conduit
      [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
      [HKCU\Software\SweetIM] =>PUP.SweetIM
      [HKCU\Software\Tuto4PC] =>PUP.Eorezo
      [HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
      [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
      [HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
      [HKCU\Software\delta LTD]
      [HKCU\Software\iLivid] =>Adware.Bandoo
      [HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]
      [HKLM\Software\Tarma Installer] =>Toolbar.Tarma
      [HKLM\Software\Wow6432Node\5f0daddbc68b942]
      [HKLM\Software\Wow6432Node\AskTBar]
      [HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
      [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
      [HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
      [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
      [HKLM\Software\Wow6432Node\IncrediMail]
      [HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
      [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
      [HKLM\Software\Wow6432Node\Youyan]
      [HKLM\Software\Wow6432Node\babylontoolbar] =>Toolbar.Babylon
      [HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
      ~ Key Software: 302 Legitimates Filtered in 00mn 00s



      ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
      O43 - CFD: 17/10/2012 - 11:43:18 - [1,827] ----D C:\Program Files (x86)\Conduit
      O43 - CFD: 08/09/2013 - 20:58:28 - [0] ----D C:\Program Files (x86)\PC Cleaner =>USP.PCCleaner
      O43 - CFD: 19/06/2013 - 14:49:29 - [0,050] ----D C:\Program Files (x86)\Common Files\Spigot =>PUP.Dealio
      O43 - CFD: 17/08/2013 - 12:27:29 - [0] ----D C:\ProgramData\APN
      O43 - CFD: 11/10/2012 - 10:02:48 - [0] ----D C:\ProgramData\Ask
      O43 - CFD: 03/04/2013 - 17:00:05 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
      O43 - CFD: 01/09/2013 - 10:59:04 - [0] ----D C:\ProgramData\Browser Manager
      O43 - CFD: 11/09/2013 - 15:13:14 - [0] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
      O43 - CFD: 17/10/2012 - 11:34:38 - [0,281] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
      O43 - CFD: 03/04/2013 - 17:00:05 - [0,009] ----D C:\Users\christiane\AppData\Roaming\Babylon =>Toolbar.Babylon
      O43 - CFD: 18/03/2012 - 11:14:35 - [0,002] ----D C:\Users\christiane\AppData\Roaming\com.socialbox.socialbox
      O43 - CFD: 19/06/2013 - 15:51:58 - [0,161] ----D C:\Users\christiane\AppData\Roaming\DataMgr
      O43 - CFD: 11/09/2013 - 15:05:02 - [0] ----D C:\Users\christiane\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
      O43 - CFD: 20/03/2013 - 09:21:15 - [0] ----D C:\Users\christiane\AppData\Local\Conduit
      O43 - CFD: 10/09/2013 - 09:51:28 - [0,005] ----D C:\Users\christiane\AppData\Local\iLivid =>Adware.Bandoo
      ~ 357 Dossiers CLSID vides (CLSID Empty Folders)
      ~ Program Folder: 632 Legitimates Filtered in 01mn 41s



      ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
      O44 - LFC:[MD5.E1ECC27DD412B33318CD46CD5C77A6D2] - 17/09/2013 - 07:05:08 ---A- . (...) -- C:\Windows\IE10_main.log [1347]
      O44 - LFC:[MD5.1B2CE85F36F5BB6DEC7AE685978DB825] - 10/09/2013 - 08:57:42 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [32328]
      ~ Files: 144 Legitimates Filtered in 00mn 58s



      ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
      O45 - LFCP:[MD5.FA4EB479B10BF167AA7FD14B1D8210EC] - 23/09/2013 - 08:55:26 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-041875CA.pf
      O45 - LFCP:[MD5.0A7DEBCB1EA2F2E5F99B72E5C74C37E4] - 23/09/2013 - 10:20:48 ---A- - C:\Windows\Prefetch\IEUNATT.EXE-94DA8E02.pf
      O45 - LFCP:[MD5.A67FA94F28BE71844BE22D888669B51D] - 23/09/2013 - 14:42:54 ---A- - C:\Windows\Prefetch\FSADMINSETTINGS.EXE-740AA57D.pf
      ~ Prefetcher: 92 Legitimates Filtered in 00mn 01s



      ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
      O51 - MPSK:{e5f3d40e-cf88-11e2-9979-643150592632}\AutoRun\command. (...) -- G:\DPFMate.exe (.not file.)
      ~ Keys: Scanned in 00mn 00s



      ---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
      O53 - SMSR:HKLM\...\startupreg\Badoo Desktop [Key] . (...) -- C:\ProgramData\Badoo\Badoo desktop\1.6.48.1082\Badoo.desktop.exe (.not file.)
      O53 - SMSR:HKLM\...\startupreg\Browser companion helper [Key] . (...) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (.not file.) =>PUP.Blabbers
      O53 - SMSR:HKLM\...\startupreg\offerbox [Key] . (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.) =>PUP.OfferBox
      ~ SMSR Keys: 26 Legitimates Filtered in 00mn 00s



      ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
      ~ MWPS: 19 Legitimates Filtered in 00mn 00s



      ---\\ Liste des pilotes du système (SDL) (O58)
      O58 - SDL:[MD5.9573E8C7C3B3D1625FD941841FD0859C] - 24/06/2010 - 21:32:52 . (.Windows (R) Win 7 DDK provider - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\Drivers\clwvd.sys [32880]
      O58 - SDL:[MD5.343786E182B9C9AE3066E00DEC650F50] - 27/02/2013 - 21:37:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [42672]
      ~ Drivers: 19 Legitimates Filtered in 00mn 00s



      ---\\ Liste des outils de désinfection (LATC) (O63)
      O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
      ~ ADS: Scanned in 00mn 00s



      ---\\ Menu de démarrage Internet (SMI) (O68)
      O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
      O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
      O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
      ~ Keys: Scanned in 00mn 00s



      ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_TMP_city", "BOULOGNE-BILLANCOURT");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_TMP_country", "FR");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_country", "FRANCE");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_locId", "FRXX0281");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_location", "Boulogne-Billancourt, France");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_region", "FR");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_temp_dis", "c");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_wind_dis", "kmh");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"19ÃfÆ'ââ'¬Å¡Ãfâ€sÃ'°C\",\"temperatureClear\":[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_Mode.enc", "Mg==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_User_Locale.enc", "ZnI=");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_ctid_Connect_send_new.enc", "c2VuZGVk");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.FirstTime", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.FirstTimeFF3", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.PG_ENABLE", "dHJ1ZQ==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.PG_ENABLE.enc", "dHJ1ZQ==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SF_JUST_INSTALLED.enc", "RkFMU0U=");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SF_STATUS.enc", "RU5BQkxFRA==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SearchAppState.enc", "Mg==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN8451[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.UserID", "UN84510811223764668");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.addressBarTakeOverEnabledInHidden", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.browser.search.defaultthis.engineName", true);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.countryCode", "FR");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.embeddedsData", "[{\"appId\":\"129351529700743801\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.enableFix404ByUser", "FALSE");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.firstTimeDialogOpened", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixPageNotFoundErrorByUser", "TRUE");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixPageNotFoundErrorInHidden", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixUrls", true);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fullUserID", "UN84510811223764668.UP.20130710092159");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.homepageuserchanged", true);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.installType", "Unknown");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isCheckedStartAsHidden", true);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isFirstTimeToolbarLoading", "false");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.keyword", true);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2851639&octid=CT2[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.lastVersion", "10.16.4.519");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appStateReportTime.enc", "MTM3NDY0NDU4MDE2Ng==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_CouponBuddy.enc", "b2Zm");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_Easytobook.enc", "b2Zm");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_Easytobook_targeted.enc", "b2Zm");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_PriceGong.enc", "b2Zm"); =>Adware.PriceGong
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_WindowShopper.enc", "b2Zm");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY2[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_calledSetupService.enc", "MQ==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7I[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_currentVersion.enc", "MS45LjAuNA==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_eventsCache.enc", "eyI5NjliYmQwZi00N2M5LTQ0MmMtOGZjMy0yZmYzZmRmODg4M2YiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJ[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_first_time.enc", "MQ==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_gadgetOpen.enc", "MA==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_installer_preapproved.enc", "RkFMU0U=");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_lastLoginTime.enc", "MTM3NDY0NDU4MDA5MQ==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_localization.enc", "eyJkbWJveDEiOnsiVGV4dCI6IlByb21vXG5kdSBqb3VyIn0sImRtYm94MiI6eyJUZXh0IjoiTGl2cmFpc2[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_mamEnabled.enc", "ZmFsc2U=");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMCI[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCI[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_userId.enc", "ZmE4MjQ2MDEtYjNhMi00MzA0LTg3YWEtMDdjNjNiNDkyZjMz");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_user_approval_interacted.enc", "MQ==");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.migrateAppsAndComponents", true);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fwww.pmu.fr%2F\",\"EB_M[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.originalSearchAddressUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN845[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.price-gong.isManagedApp", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchAppId", "129351529700743801");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchCount", "0");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchFromAddressBarEnabledByUser", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledByUser", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledInHidden", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchSuggestEnabledByUser", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchUserMode", "1");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851639\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...] =>P2P.µTorrent
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_FR\[...] =>P2P.µTorrent
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_Configuration_lastUpdate", "1374608463592");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1374506502179");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appsMetadata_lastUpdate", "1374607447166");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1374569734926");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_location_lastUpdate", "1373313893003");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369339416564");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373384040933");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374644697280");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1374569734975");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_searchAPI_lastUpdate", "1374608463436");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_serviceMap_lastUpdate", "1374608463334");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_setupAPI_lastUpdate", "1366088608892");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_toolbarContextMenu_lastUpdate", "1374569734973");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_toolbarSettings_lastUpdate", "1374644697402");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_translation_lastUpdate", "1374608463465");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.settingsINI", true);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.showToolbarPermission", "false");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.CTID", "CT2851639"); =>Hijacker.SmartBar
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.homepage", true); =>Hijacker.SmartBar
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.toolbarName", "uTorrentBar_FR "); =>Hijacker.SmartBar
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarBornServerTime", "15-4-2013");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarCurrentServerTime", "24-7-2013");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarDisabled", "true");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarLoginClientTime", "Tue Apr 16 2013 07:03:28 GMT+0200");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1374644576147,\"isWithState\"[...]
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13&CUI=UN84510811223764668&UM=1[...] =>Hijacker.SmartBar
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitSearchEngineList", "uTorrentBar_FR Customized Web Search"); =>Hijacker.SmartBar
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitSearchUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN84510811[...] =>Hijacker.SmartBar
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("browser.search.defaultengine", "Web Search");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("browser.search.order.1", "Web Search");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.crossrider.bic", "13e1139e0f29abf200aa21fbab394007"); =>PUP.CrossRider
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.admin", false);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.aflt", "babsst");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.autoRvrt", "false");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.bbDpng", "16");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.cntry", "FR");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.dfltLng", "en");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.excTlbr", false);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.hdrMd5", "40E87F75823456273CECCC3FC445D3B0");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.id", "46448de3000000000000e02a8211ef36");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.instlDay", "15798");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.instlRef", "sst");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.lastVrsnTs", "1.8.10.017:00:25");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.newTab", false);
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.prdct", "delta");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.prtnrId", "delta");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.rvrt", "false");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.sg", "azb");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.smplGrp", "none");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.tlbrId", "base");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.tlbrSrchUrl", "");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsnTs", "1.8.10.017:00:25");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("smartbar.conduitHomepageList", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13&CUI=UN84510811223764668&UM=1"[...] =>Hijacker.SmartBar
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN8[...] =>Hijacker.SmartBar
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.enable", "true"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.returnValue", "disable"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.enable", "true"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.height", "335"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version[...] =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.width", "761"); =>PUP.SweetIM
      O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true&
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   1
     
    merci voici mon rapport
    J'espere pouvoir me dépanner Rapport de ZHPDiag v2013.9.22.410 - Nicolas Coolman (22/09/2013)
    ~ Lancé par christiane (23/09/2013 15:45:20)
    ~ Adresse du Site Web https://nicolascoolman.webs.com/
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by user

    ---\\ Navigateurs Internet
    MSIE: Internet Explorer v10.0.9200.16686
    MFIE: Mozilla Firefox 24.0 (Defaut)
    OBIE: Safari v5.34.57.2

    ---\\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 3Q6C9
    Windows License : OK
    ~ Windows Remaining Initializations Number : 2
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    ---\\ Logiciels de protection du système
    Computer Security 12.56.100.0
    Pack Sécurité v1.57.391.0
    Pack Sécurité v1.57.391.0
    McAfee Security Scan Plus v3.0.318.3
    Windows Defender W7

    ---\\ Logiciels d'optimisation du système
    CCleaner v3.09 =>Piriform Ltd

    ---\\ Logiciels de partage PeerToPeer

    ---\\ Surveillance de Logiciels
    Adobe Flash Player 11 Plugin
    Adobe Reader X
    Java 7 Update 25

    ---\\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3893 MB (49% free)
    System Restore: Activé (Enable)
    System drive C: has 817 GB (89%) free of 910 GB

    ---\\ Mode de connexion au système
    ~ Computer Name: CHRISTIANE-HP
    ~ User Name: christiane
    ~ All Users Names: HomeGroupUser$, christiane, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    ---\\ Variables d'environnement
    ~ System Unit : C:\
    ~ %AppData% : C:\Users\christiane\AppData\Roaming\
    ~ %Desktop% : C:\Users\christiane\Desktop\
    ~ %Favorites% : C:\Users\christiane\Favorites\
    ~ %LocalAppData% : C:\Users\christiane\AppData\Local\
    ~ %StartMenu% : C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Start Menu\
    ~ %Windir% : C:\Windows\
    ~ %System% : C:\Windows\System32\

    ---\\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 817 Go of 910 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 3 Go of 21 Go)
    E: CD-ROM drive (Not Inserted)
    F: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

    ---\\ Etat du Centre de Sécurité Windows
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
    ~ Security Center: 38 Legitimates Filtered in 00mn 00s

    ---\\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
    [MD5.AAFA952E774DDDB0956D3BDFAE5B5B99] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2013 - 06:22:18.) -- C:\Windows\System32\wininet.dll [2241024]
    [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
    [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
    [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
    [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
    [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
    ~ Generic Processes: Scanned in 00mn 00s

    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/296
    ~ Mes musiques (My Musics) : 19/2103
    ~ Mes Videos (My Videos) : 1/38
    ~ Mes Favoris (My Favorites) : 1/98
    ~ Mes Documents (My Documents) : 11/433
    ~ Mon Bureau (My Desktop) : 5/571
    ~ Menu demarrer (Programs) : 1/24
    ~ Hidden Files: Scanned in 00mn 10s

    ---\\ Processus lancés
    [MD5.8FA2C363521F1181C32C767F26F0B47E] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe [625416] [PID.1788]
    [MD5.F44431CFD96428206039D3556311BF1B] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [19876968] [PID.2448]
    [MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.2776]
    [MD5.17BE4BAEC3D4FE887BC5F446FEF4FD97] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [163536] [PID.2232]
    [MD5.B41552B522C101326A849641F4E823C2] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe [311976] [PID.3048]
    [MD5.3E1E0A83941B0402330858B3851648EB] - (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1238016] [PID.3068]
    [MD5.9ACCBC5891BA51B5B29C1A88F80D4CE3] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe [421888] [PID.2848]
    [MD5.CE42DFE915F78246364D464902E47360] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2508]
    [MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3268]
    [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [136488] [PID.3900]
    [MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [274840] [PID.6088]
    [MD5.63DCE64797C64FB6110727B993440EA5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8000512] [PID.5920]
    [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1160]
    [MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1420]
    [MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.2140]
    [MD5.45303CDBC1FD8F8D371E726BF126F771] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe [60352] [PID.2316]
    [MD5.5AA89E152634954E15E9DB265C6A8557] - (.Pas de propriétaire - HPWMISVC Application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192] [PID.2336]
    [MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.2376]
    [MD5.9281297DDEAB730CB2EBB27D74069BD3] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [621504] [PID.2384]
    [MD5.5E53CF8AD0FD33B35000C113656AB37B] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2754984] [PID.2956]
    [MD5.E319535A8124F25C1C9C5288CACF3101] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.3096]
    [MD5.F13DA74969897359A88F2A739F54A250] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.3144]
    [MD5.C2251C602EDFC49E71D13D660AB7F625] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe [213672] [PID.4228]
    [MD5.9CB3D8D519DB7A70A463387B8E9AD924] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1039296] [PID.4548]
    [MD5.0955C23C041451FB4E7099D6B2CF1C06] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [988216] [PID.2576]
    ~ Processes Running: Scanned in 00mn 00s

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\prefs.js
    C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\user.js
    C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\prefs.js
    C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\user.js
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\ask-search.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Ask.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\bingp.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\inbox-search.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Search_Results.xml =>PUP.SearchResults
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\search_the_web.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\mnsyx3xp.default\searchplugins\Web Search.xml =>Parasite.Pugi
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\ask-search.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Ask.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\bingp.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\delta.xml =>Toolbar.DeltaSearch
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\inbox-search.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Search_Results.xml =>PUP.SearchResults
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\search_the_web.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Users\christiane\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_912457\searchplugins\Web Search.xml =>Parasite.Pugi
    M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Ask.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\avg-secure-search.xml
    M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
    M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\fcmdSrchadj.xml =>Adware.Facemoods
    M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml =>PUP.SearchResults
    M3 - MFPP: Plugins - [christiane] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Web Search.xml =>Parasite.Pugi
    M0 - MFSP: prefs.js [christiane - Solo_912457] http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
    M2 - MFEP: prefs.js [christiane - mnsyx3xp.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.20.0.513 (..) =>P2P.µTorrent
    M2 - MFEP: prefs.js [christiane - Solo_912457\inboxcomtoolbar@inbox.com] [] Inbox Toolbar v (..)
    M2 - MFEP: prefs.js [christiane - Solo_912457\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.16.70.505 (..) =>P2P.µTorrent
    M2 - MFEP: prefs.js [christiane - Solo_912457\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}] [] Movies Toolbar (Dist. by Bandoo Media, Inc.) v1.6.2.0 (..) =>Adware.Bandoo
    M2 - MFEP: prefs.js [christiane - Solo_912457\{F008E9D6-2FF2-E796-08BA-80504C331C97}] [] New tab v5.0.0.9178 (..)
    ~ Firefox Browser: 50 Legitimates Filtered in 00mn 01s

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
    R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar
    ~ IE Browser: 14 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
    ~ Proxy management: Scanned in 00mn 00s

    ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
    F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
    F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
    F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    ---\\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 0

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
    O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
    O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    ---\\ Autres liens utilisateurs (O4)
    O4 - GS\Desktop [Public]: Ulead VideoStudio SE DVD.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\vstudio.exe
    O4 - GS\Program [Public]: HP SimplePass Identity Protection.lnk . (.DigitalPersona, Inc. - User Dashboard.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPUserConsole.exe
    O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
    O4 - GS\QuickLaunch [christiane]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
    O4 - GS\QuickLaunch [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
    O4 - GS\TaskBar [christiane]: HP MediaSmart.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
    O4 - GS\TaskBar [christiane]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation - OpenOffice 4.0.0.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
    O4 - GS\TaskBar [christiane]: Power2Go.lnk . (.CyberLink Corp. - Power2Go.) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe
    O4 - GS\Desktop [christiane]: Images - Raccourci.lnk . (...) -- C:\Users\christiane\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
    O4 - GS\Desktop [christiane]: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe
    O4 - GS\Desktop [christiane]: Téléchargements - Raccourci.lnk . (...) -- C:\Users\christiane\Downloads
    ~ Global Startup: 75 Legitimates Filtered in 00mn 02s

    ---\\ Applications lancées au démarrage du sytème (O4)
    O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    O4 - GS\Startup [christiane]: Alertes de surveillance de l'encre - HP Photosmart 5520 series (réseau).lnk . (.Hewlett-Packard Co. - Print Driver Status Business Logic.) -- C:\Program Files\HP\HP Photosmart 5520 series\bin\HPStatusBL.dll =>.Hewlett-Packard Co
    O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
    O4 - HKCU\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
    O4 - HKCU\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
    O4 - HKCU\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
    O4 - HKCU\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
    O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
    O4 - HKLM\..\Wow6432Node\Run: [Tutorials] Clé orpheline =>Spyware.AgenceExclusive
    O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
    O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe
    O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
    O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
    O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
    O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
    O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Wow6432Node\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (.not file.) =>Toolbar.Conduit
    O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
    O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SSync\SSync.exe
    O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [DataMgr] . (.HTTO Group, Ltd. - Updater.) -- C:\Users\christiane\AppData\Roaming\DataMgr\DataMgr.exe
    O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\SCheck\SCheck.exe
    O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [Intermediate] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\christiane\AppData\Roaming\Intermediate\Intermediate.exe
    O4 - HKUS\S-1-5-21-518999118-2613084225-3299785174-1001\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
    ~ Application: Scanned in 00mn 00s

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 [64Bits] - {bd707fe6-39f6-4bda-9265-86a76719bdc5} . (...) -- C:\Program Files\Motorola\Bluetooth\bluetooth.ico
    ~ IE Extra Buttons: Scanned in 00mn 00s

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
    O17 - HKLM\System\CS1\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CS1\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
    O17 - HKLM\System\CS2\Services\Tcpip\..\{10D298AE-28D8-47DB-BCD9-79E8A30A61C3}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CS2\Services\Tcpip\..\{A74BB713-CB40-42EA-8826-CACEAC0BF685}: DhcpDomain = lan
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    ---\\ Protocole additionnel (O18)
    O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
    O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
    ~ Protocole Additionnel: Scanned in 00mn 00s

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    ---\\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{656E54B0-04F7-4599-B862-9787DD084E3A}] (...) -- C:\Users\christiane\Downloads\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{802AAF1F-9073-4B83-A60C-C929ADEB853F}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.) [0] =>Toolbar.Babylon
    [MD5.00000000000000000000000000000000] [APT] [{A14BDE4C-8383-4989-ADF2-2C4B1800B080}] (...) -- C:\Users\christiane\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (.not file.) [0] =>Adware.MegaSearch
    [MD5.00000000000000000000000000000000] [APT] [{A4C9CB56-7F21-4469-8628-BCB9B24792A0}] (...) -- E:\sources\Photosmart 8000-slp_dd_hathi_110_017.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{B2A9761E-2C2A-45F1-8435-6C3FDEE32360}] (...) -- E:\TROUBLESHOOT\INSTMSIA.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{D6A90C27-B68F-4242-B8B2-9819C53AF0D5}] (...) -- E:\sources\Photosmart 8000-ConvergedIO_HPCOM_V3.exe (.not file.) [0]
    ~ Scheduled Task: 18 Legitimates Filtered in 00mn 06s

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\5f0daddbc68b942]
    [HKCU\Software\APN DTX]
    [HKCU\Software\BI]
    [HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
    [HKCU\Software\Blabbers] =>PUP.Blabbers
    [HKCU\Software\Conduit] =>Toolbar.Conduit
    [HKCU\Software\Cr_Installer] =>PUP.CrossRider
    [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
    [HKCU\Software\HTTOGroup]
    [HKCU\Software\Iminent] =>Adware.IMBooster
    [HKCU\Software\InstallCore] =>Adware.InstallCore
    [HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
    [HKCU\Software\Protector]
    [HKCU\Software\Softonic] =>Toolbar.Conduit
    [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
    [HKCU\Software\SweetIM] =>PUP.SweetIM
    [HKCU\Software\Tuto4PC] =>PUP.Eorezo
    [HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
    [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
    [HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
    [HKCU\Software\delta LTD]
    [HKCU\Software\iLivid] =>Adware.Bandoo
    [HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]
    [HKLM\Software\Tarma Installer] =>Toolbar.Tarma
    [HKLM\Software\Wow6432Node\5f0daddbc68b942]
    [HKLM\Software\Wow6432Node\AskTBar]
    [HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
    [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
    [HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
    [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
    [HKLM\Software\Wow6432Node\IncrediMail]
    [HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
    [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
    [HKLM\Software\Wow6432Node\Youyan]
    [HKLM\Software\Wow6432Node\babylontoolbar] =>Toolbar.Babylon
    [HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
    ~ Key Software: 302 Legitimates Filtered in 00mn 00s

    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 17/10/2012 - 11:43:18 - [1,827] ----D C:\Program Files (x86)\Conduit
    O43 - CFD: 08/09/2013 - 20:58:28 - [0] ----D C:\Program Files (x86)\PC Cleaner =>USP.PCCleaner
    O43 - CFD: 19/06/2013 - 14:49:29 - [0,050] ----D C:\Program Files (x86)\Common Files\Spigot =>PUP.Dealio
    O43 - CFD: 17/08/2013 - 12:27:29 - [0] ----D C:\ProgramData\APN
    O43 - CFD: 11/10/2012 - 10:02:48 - [0] ----D C:\ProgramData\Ask
    O43 - CFD: 03/04/2013 - 17:00:05 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
    O43 - CFD: 01/09/2013 - 10:59:04 - [0] ----D C:\ProgramData\Browser Manager
    O43 - CFD: 11/09/2013 - 15:13:14 - [0] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
    O43 - CFD: 17/10/2012 - 11:34:38 - [0,281] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
    O43 - CFD: 03/04/2013 - 17:00:05 - [0,009] ----D C:\Users\christiane\AppData\Roaming\Babylon =>Toolbar.Babylon
    O43 - CFD: 18/03/2012 - 11:14:35 - [0,002] ----D C:\Users\christiane\AppData\Roaming\com.socialbox.socialbox
    O43 - CFD: 19/06/2013 - 15:51:58 - [0,161] ----D C:\Users\christiane\AppData\Roaming\DataMgr
    O43 - CFD: 11/09/2013 - 15:05:02 - [0] ----D C:\Users\christiane\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
    O43 - CFD: 20/03/2013 - 09:21:15 - [0] ----D C:\Users\christiane\AppData\Local\Conduit
    O43 - CFD: 10/09/2013 - 09:51:28 - [0,005] ----D C:\Users\christiane\AppData\Local\iLivid =>Adware.Bandoo
    ~ 357 Dossiers CLSID vides (CLSID Empty Folders)
    ~ Program Folder: 632 Legitimates Filtered in 01mn 41s

    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.E1ECC27DD412B33318CD46CD5C77A6D2] - 17/09/2013 - 07:05:08 ---A- . (...) -- C:\Windows\IE10_main.log [1347]
    O44 - LFC:[MD5.1B2CE85F36F5BB6DEC7AE685978DB825] - 10/09/2013 - 08:57:42 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [32328]
    ~ Files: 144 Legitimates Filtered in 00mn 58s

    ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 - LFCP:[MD5.FA4EB479B10BF167AA7FD14B1D8210EC] - 23/09/2013 - 08:55:26 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-041875CA.pf
    O45 - LFCP:[MD5.0A7DEBCB1EA2F2E5F99B72E5C74C37E4] - 23/09/2013 - 10:20:48 ---A- - C:\Windows\Prefetch\IEUNATT.EXE-94DA8E02.pf
    O45 - LFCP:[MD5.A67FA94F28BE71844BE22D888669B51D] - 23/09/2013 - 14:42:54 ---A- - C:\Windows\Prefetch\FSADMINSETTINGS.EXE-740AA57D.pf
    ~ Prefetcher: 92 Legitimates Filtered in 00mn 01s

    ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
    O51 - MPSK:{e5f3d40e-cf88-11e2-9979-643150592632}\AutoRun\command. (...) -- G:\DPFMate.exe (.not file.)
    ~ Keys: Scanned in 00mn 00s

    ---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
    O53 - SMSR:HKLM\...\startupreg\Badoo Desktop [Key] . (...) -- C:\ProgramData\Badoo\Badoo desktop\1.6.48.1082\Badoo.desktop.exe (.not file.)
    O53 - SMSR:HKLM\...\startupreg\Browser companion helper [Key] . (...) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (.not file.) =>PUP.Blabbers
    O53 - SMSR:HKLM\...\startupreg\offerbox [Key] . (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.) =>PUP.OfferBox
    ~ SMSR Keys: 26 Legitimates Filtered in 00mn 00s

    ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
    ~ MWPS: 19 Legitimates Filtered in 00mn 00s

    ---\\ Liste des pilotes du système (SDL) (O58)
    O58 - SDL:[MD5.9573E8C7C3B3D1625FD941841FD0859C] - 24/06/2010 - 21:32:52 . (.Windows (R) Win 7 DDK provider - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\Drivers\clwvd.sys [32880]
    O58 - SDL:[MD5.343786E182B9C9AE3066E00DEC650F50] - 27/02/2013 - 21:37:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [42672]
    ~ Drivers: 19 Legitimates Filtered in 00mn 00s

    ---\\ Liste des outils de désinfection (LATC) (O63)
    O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    ---\\ Menu de démarrage Internet (SMI) (O68)
    O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
    O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
    ~ Keys: Scanned in 00mn 00s

    ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_TMP_city", "BOULOGNE-BILLANCOURT");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_TMP_country", "FR");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_country", "FRANCE");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_locId", "FRXX0281");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_location", "Boulogne-Billancourt, France");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_region", "FR");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_temp_dis", "c");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.TWC_wind_dis", "kmh");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"19ÃfÆ'ââ'¬Å¡Ãfâ€sÃ'°C\",\"temperatureClear\":[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_Mode.enc", "Mg==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_User_Locale.enc", "ZnI=");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.Facebook_ctid_Connect_send_new.enc", "c2VuZGVk");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.FirstTime", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.FirstTimeFF3", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.PG_ENABLE", "dHJ1ZQ==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.PG_ENABLE.enc", "dHJ1ZQ==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SF_JUST_INSTALLED.enc", "RkFMU0U=");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SF_STATUS.enc", "RU5BQkxFRA==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SearchAppState.enc", "Mg==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN8451[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.UserID", "UN84510811223764668");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.addressBarTakeOverEnabledInHidden", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.browser.search.defaultthis.engineName", true);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.countryCode", "FR");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.embeddedsData", "[{\"appId\":\"129351529700743801\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.enableFix404ByUser", "FALSE");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.firstTimeDialogOpened", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixPageNotFoundErrorByUser", "TRUE");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixPageNotFoundErrorInHidden", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fixUrls", true);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.fullUserID", "UN84510811223764668.UP.20130710092159");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.homepageuserchanged", true);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.installType", "Unknown");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isCheckedStartAsHidden", true);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isFirstTimeToolbarLoading", "false");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.keyword", true);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2851639&octid=CT2[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.lastVersion", "10.16.4.519");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appStateReportTime.enc", "MTM3NDY0NDU4MDE2Ng==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_CouponBuddy.enc", "b2Zm");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_Easytobook.enc", "b2Zm");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_Easytobook_targeted.enc", "b2Zm");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_PriceGong.enc", "b2Zm"); =>Adware.PriceGong
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appState_WindowShopper.enc", "b2Zm");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY2[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_calledSetupService.enc", "MQ==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7I[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_currentVersion.enc", "MS45LjAuNA==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_eventsCache.enc", "eyI5NjliYmQwZi00N2M5LTQ0MmMtOGZjMy0yZmYzZmRmODg4M2YiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJ[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_first_time.enc", "MQ==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_gadgetOpen.enc", "MA==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_installer_preapproved.enc", "RkFMU0U=");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_lastLoginTime.enc", "MTM3NDY0NDU4MDA5MQ==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_localization.enc", "eyJkbWJveDEiOnsiVGV4dCI6IlByb21vXG5kdSBqb3VyIn0sImRtYm94MiI6eyJUZXh0IjoiTGl2cmFpc2[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_mamEnabled.enc", "ZmFsc2U=");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMCI[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCI[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_userId.enc", "ZmE4MjQ2MDEtYjNhMi00MzA0LTg3YWEtMDdjNjNiNDkyZjMz");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.mam_gk_user_approval_interacted.enc", "MQ==");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.migrateAppsAndComponents", true);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fwww.pmu.fr%2F\",\"EB_M[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.originalSearchAddressUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN845[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.price-gong.isManagedApp", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchAppId", "129351529700743801");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.search.searchCount", "0");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchFromAddressBarEnabledByUser", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledByUser", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchInNewTabEnabledInHidden", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchSuggestEnabledByUser", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.searchUserMode", "1");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851639\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...] =>P2P.µTorrent
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_FR\[...] =>P2P.µTorrent
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_Configuration_lastUpdate", "1374608463592");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1374506502179");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_appsMetadata_lastUpdate", "1374607447166");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1374569734926");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_location_lastUpdate", "1373313893003");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369339416564");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373384040933");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374644697280");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1374569734975");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_searchAPI_lastUpdate", "1374608463436");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_serviceMap_lastUpdate", "1374608463334");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_setupAPI_lastUpdate", "1366088608892");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_toolbarContextMenu_lastUpdate", "1374569734973");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_toolbarSettings_lastUpdate", "1374644697402");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.serviceLayer_services_translation_lastUpdate", "1374608463465");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.settingsINI", true);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.showToolbarPermission", "false");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.CTID", "CT2851639"); =>Hijacker.SmartBar
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.homepage", true); =>Hijacker.SmartBar
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.smartbar.toolbarName", "uTorrentBar_FR "); =>Hijacker.SmartBar
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarBornServerTime", "15-4-2013");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarCurrentServerTime", "24-7-2013");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarDisabled", "true");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639.toolbarLoginClientTime", "Tue Apr 16 2013 07:03:28 GMT+0200");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("CT2851639_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1374644576147,\"isWithState\"[...]
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13&CUI=UN84510811223764668&UM=1[...] =>Hijacker.SmartBar
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitSearchEngineList", "uTorrentBar_FR Customized Web Search"); =>Hijacker.SmartBar
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("Smartbar.ConduitSearchUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN84510811[...] =>Hijacker.SmartBar
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("browser.search.defaultengine", "Web Search");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("browser.search.order.1", "Web Search");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.crossrider.bic", "13e1139e0f29abf200aa21fbab394007"); =>PUP.CrossRider
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.admin", false);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.aflt", "babsst");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.autoRvrt", "false");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.bbDpng", "16");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.cntry", "FR");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.dfltLng", "en");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.excTlbr", false);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.hdrMd5", "40E87F75823456273CECCC3FC445D3B0");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.id", "46448de3000000000000e02a8211ef36");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.instlDay", "15798");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.instlRef", "sst");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.lastVrsnTs", "1.8.10.017:00:25");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.newTab", false);
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.prdct", "delta");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.prtnrId", "delta");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.rvrt", "false");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.sg", "azb");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.smplGrp", "none");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.tlbrId", "base");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.tlbrSrchUrl", "");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsnTs", "1.8.10.017:00:25");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("smartbar.conduitHomepageList", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13&CUI=UN84510811223764668&UM=1"[...] =>Hijacker.SmartBar
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN8[...] =>Hijacker.SmartBar
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.enable", "true"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.cda.returnValue", "disable"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.enable", "true"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.height", "335"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version[...] =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.0.width", "761"); =>PUP.SweetIM
    O69 - SBI: prefs.js [christiane - mnsyx3xp.default] user_pref("sweetim.toolbar.dialogs.1
    0
  7. buckhulk Messages postés 14914 Statut Contributeur 1 757
     
    oui donc pas mal de virus enfin des "trucs" habituels !!!
    passe adw Cleaner :
    AdwCleaner
    : Logiciel très simple d'utilisation

    1 - Téléchargez AdwCleaner et lance son exécution.
    >>>ICI<<<
    Mirror

    2 - L'interface du programme va s'ouvrir.
    Cliques sur le bouton Scanner afin de lancer la détection, celle-ci ne prendra que quelques secondes, patientes.
    Le rapport est automatiquement enregistré à la racine de votre disque dur principal, en général C:

    3 - Fermes le rapport puis cliques sur le bouton Suppression
    SI
    AdwCleaner a trouvé des choses dans les différents onglets
    4 - Dès la suppression effective, le logiciel demande de redémarrer l'ordinateur, cliques sur Ok.
    au redémarrage :
    5 - Poste les deux rapports , recherche et suppression

    (CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller)

    6 - Tu peux fermer AdwCleaner

    0
    1. marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   1
       
      Buckhulk ,
      j'ai télécharge AdwCleaner , scanné
      j'ai trouvé le rapport sur mon disque C , et après je sais plus , je n'ai pas trouvé suppression
      0
    2. buckhulk Messages postés 14914 Statut Contributeur 1 757
       
      alors déjà il faut que tu mette les rtapports ici ou sur cjoint comme tout à l'heure ensuite si le logiciel a disparu , tu recommences , et dsl c'est pas suppression c'est nettoyer !
      0
    3. marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   1
       
      J ai ce rapport
      via ks24846.kimsufi.com
      0
    4. buckhulk Messages postés 14914 Statut Contributeur 1 757
       
      c'est quoi ça ?
      0
    5. buckhulk Messages postés 14914 Statut Contributeur 1 757
       
      j'ai vu , mais là je peux pas l'examiner le rapport , c'est pour ça qu'il vaut mieux les héberger sur cjoint !
      0
  8. buckhulk Messages postés 14914 Statut Contributeur 1 757
     
    bizarre ! passe JRT pour voir !
    JRT

    Téléchargement : JRT
    1 - Enregistre-le sur ton bureau.
    2 - Fermes toutes les applications en cours.
    3 - Fais un clic droit => Exécuter en tant qu'administrateur
    4 - Une fois le logiciel ouvert, appuis sur la touche Entrée.
    5 - Patientes le temps que l'outil travaille (cela peut être assez long)
    6 - le bureau va disparaître quelques instants, c'est tout à fait normal.

    À la fin de l'analyse, un rapport nommé JRT.txt va s'ouvrir
    Il va falloir que tu patientes ne touche à rien même si tu as l'impression que cela n'avance pas !

    Poste le rapport

    ne t'inquiète pas si tu as l'impression qu'il ne "travaille" pas !!
    patiente !

    0
    1. marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   1
       
      Bonjour , je passe directement sur le scan , il m'indique que j'ai 615 erreurs
      il me propose d'acheter pour corriger
      merci
      0
    2. buckhulk Messages postés 14914 Statut Contributeur 1 757
       
      je comprend pas sur JRT ? c'est gratuit !
      tu clique sur télécharger et tu attends , il télécharge direct !
      0
    3. marijon07 Messages postés 404 Date d'inscription   Statut Membre Dernière intervention   1
       
      Oui je suis d'accord mais toujours ce probleme 403 qui me bloque.
      0
    4. buckhulk Messages postés 14914 Statut Contributeur 1 757
       
      désactive ton anti virus ! et passe Roguekiller :
      Roguekiller

      RogueKiller est un outil (créé par Tigzy) permettant de tuer les processus appartenant à des rogues de manière automatique. Dans la mesure où certaines infections empêchent l'exécution des scans antivirus/antimalware habituels, cet outil est un outil préliminaire à un processus complet de désinfection.

      Téléchargement :Roguekiller officiel

      Attention, afin d'éviter tout désagrément dû aux anciennes versions de Roguekiller, il est fortement recommandé d'utiliser le lien de téléchargement officiel de Roguekiller
      bien choisir sa version :

      1/ Quitter tous les programmes en cours.
      2/ Sous Vista/Seven, clique droit => Éxécuter en tant qu'administrateur
      3/ Sinon lancer simplement RogueKiller.exe
      Si Roguekiller ne se lance pas, il ne faut pas hésiter à le renommer en Winlogon.
      4/ Cliquer sur Scan .
      5/ Attendre la fin du scan. A ce stade aucune modification n'a été apportée au système
      à la demande relancer Roguekiller et
      6/ Cliquer sur le bouton Suppression.
      A l'inverse du bouton Scan, ce bouton supprime les infections de type rogue et modifie donc le système.
      Le rapport a été généré sur le bureau.
      7/ Poster le rapport :(CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller)

      Important : Pour quitter l'outil
      Il faut passer par le bouton Fichier -> Quitter.
      Ce mode est le moyen de fermer l'outil correctement. En effet, si l'on ferme RogueKiller sans avoir utilisé ce mode, le driver créé par l'outil ne sera pas supprimé.

      Important :
      Toute sorte de manipulation avec un logiciel de désinfection peut planter le PC.
      Si vous utilisez seul un logiciel, c'est à vos risques et périls

      tutoriel officiel
      ICI
      0
  9. tavana
     
    Faut que je face quoi arrive pas telercharger
    0
  10. buckhulk Messages postés 14914 Statut Contributeur 1 757
     
    il faut que tu ouvres ton topic et que tu t'inscrives...
    mais tu peux essayer ça :
    essaye plusieurs choses
    tu renommes Roguekiller et tu le retelecharges
    tu peux aussi passer Rkill juste avant de télécharger Roguekiller et après JRT !
    sinon essaye de passer cet antivirus en ligne :
    ESET
    tu peux essayer aussi en mode sans echec !

    0