Virus
Fermé
miktof73
Messages postés
4
Date d'inscription
samedi 16 novembre 2013
Statut
Membre
Dernière intervention
28 novembre 2013
-
16 nov. 2013 à 13:51
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 - 17 nov. 2013 à 18:14
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 - 17 nov. 2013 à 18:14
A voir également:
- Virus
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Faux message virus iphone - Forum iPhone
- Softonic virus ✓ - Forum Virus
6 réponses
miktof73
Messages postés
4
Date d'inscription
samedi 16 novembre 2013
Statut
Membre
Dernière intervention
28 novembre 2013
17 nov. 2013 à 16:54
17 nov. 2013 à 16:54
bonjour kapersky met trop de temps a analyser donc j'ai le rapport de Avast qui me dit : - certain fichiers n'ont pu etre scannés chemin spécifié introuvable
- Menace: VBS:FlufferMiner-D [trj]
- Menace: VBS:FlufferMiner-D [trj]
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
Modifié par lilidurhone le 17/11/2013 à 16:59
Modifié par lilidurhone le 17/11/2013 à 16:59
Tu as un autre sujet où je t'ai répondu...
=>
https://forums.commentcamarche.net/forum/affich-29117879-infection
Si problème il y a il existe toujours une solution
N'oubliez pas de passer votre sujet en résolu
=>
https://forums.commentcamarche.net/forum/affich-29117879-infection
Si problème il y a il existe toujours une solution
N'oubliez pas de passer votre sujet en résolu
miktof73
Messages postés
4
Date d'inscription
samedi 16 novembre 2013
Statut
Membre
Dernière intervention
28 novembre 2013
17 nov. 2013 à 17:54
17 nov. 2013 à 17:54
rapport kapersky analyse rapide : 13 problemes detectés
"Le lancement automatique depuis les disques durs est activé"
"Le lancement automatique depuis les disques réseau est activé"
"Le lancement automatique depuis le CD/DVD est activé"
"Le lancement automatique depuis les lecteurs amovibles est activé"
"Explorateur Windows - désactiver l'affichage des extensions des fichiers dont le type est connu du système"
"Microsoft Internet Explorer : purger l'historique des adresses URL saisies"
"Microsoft Internet Explorer : désactiver la mise en mémoire tampon des données reçues via le canal protégé"
"Microsoft Internet Explorer : désactiver l'envoi de rapports sur les erreurs"
"Microsoft Internet Explorer : purger la liste des domaines de confiance"
"Microsoft Internet Explorer : purger la liste des exclusions du blocage de fenêtres pop-up"
"Microsoft Internet Explorer : activer la purge automatique du cache au moment de quitter le navigateur"
"Explorateur Windows : l'affichage des extensions de fichiers dont le type est connu du système est désactivé"
"Microsoft Internet Explorer : purger la page d'accueil"
"Le lancement automatique depuis les disques durs est activé"
"Le lancement automatique depuis les disques réseau est activé"
"Le lancement automatique depuis le CD/DVD est activé"
"Le lancement automatique depuis les lecteurs amovibles est activé"
"Explorateur Windows - désactiver l'affichage des extensions des fichiers dont le type est connu du système"
"Microsoft Internet Explorer : purger l'historique des adresses URL saisies"
"Microsoft Internet Explorer : désactiver la mise en mémoire tampon des données reçues via le canal protégé"
"Microsoft Internet Explorer : désactiver l'envoi de rapports sur les erreurs"
"Microsoft Internet Explorer : purger la liste des domaines de confiance"
"Microsoft Internet Explorer : purger la liste des exclusions du blocage de fenêtres pop-up"
"Microsoft Internet Explorer : activer la purge automatique du cache au moment de quitter le navigateur"
"Explorateur Windows : l'affichage des extensions de fichiers dont le type est connu du système est désactivé"
"Microsoft Internet Explorer : purger la page d'accueil"
miktof73
Messages postés
4
Date d'inscription
samedi 16 novembre 2013
Statut
Membre
Dernière intervention
28 novembre 2013
17 nov. 2013 à 17:57
17 nov. 2013 à 17:57
Rapport de ZHPDiag v2013.11.17.37 - Nicolas Coolman (17/11/2013)
~ Lancé par nath (17/11/2013 17:47:56)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 25.0.1 (Defaut)
GCIE: Google Chrome v30.0.1599.101
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1497.0
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Norton Internet Security v10.1.0.26
Norton AntiVirus v14.1.0.27
Norton Protection Center v2007.1.2.11
Kaspersky Security Scan v12.0.1.340
Spybot - Search & Destroy v1.6.2
---\\ Logiciels d'optimisation du système
CCleaner =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
eMule
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.5 - Français
---\\ Informations sur le système
~ Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1790 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 71 GB (50%) free of 141 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-NATH
~ User Name: nath
~ All Users Names: nath, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\nath\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\nath\AppData\Roaming\
~ %Desktop% : C:\Users\nath\Desktop\
~ %Favorites% : C:\Users\nath\Favorites\
~ %LocalAppData% : C:\Users\nath\AppData\Local\
~ %StartMenu% : C:\Users\nath\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 71 Go of 141 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.C8ADAA6948993D839D14524847EA5B75] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 11:13:22.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 02s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/132
~ Mes musiques (My Musics) : 37/1325
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 2/507
~ Mon Bureau (My Desktop) : 3/20
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 14s
---\\ Processus lancés
[MD5.EE4FB1BB6757675625699A32E0F80E20] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4468736] [PID.2708]
[MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.2716]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.2724]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2736]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\RunDll32.exe [0] [PID.2764]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2904]
[MD5.077D59BA0FD4007E841B6C670862B065] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.2968]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.740]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.4608]
[MD5.6EFBC82722D0F7B35283993189ECE9D0] - (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328] [PID.4704]
[MD5.824512C3EAE3462388B8861986907E28] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8227328] [PID.2744]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1316]
[MD5.9330941C8F6DF417F6DBBE998DB6687E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1640]
[MD5.293E66AA529F0FBA1AA56340E293A389] - (.Spigot, Inc. - Application Updater.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe [380928] [PID.1248] =>PUP.Dealio
[MD5.DA1485749B785ADCEB421874F5F3405B] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [65536] [PID.2292]
[MD5.0DDFDCAA92C7F553328DB06BA599BEA9] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [154136] [PID.2424]
[MD5.910FBA95EE4F56449AA81315884C8EFD] - (.Sonic Solutions - RoxSniffer9 Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [166648] [PID.2604]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.3300]
[MD5.9638E5820858593A12005C753B03CEAE] - (.Sonic Solutions - RoxMediaDB9 Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [887544] [PID.3884]
[MD5.C559672F31ABE6BA7277DD73C4502238] - (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\system32\msiexec.exe [73216] [PID.5004]
~ Processes Running: Scanned in 00mn 05s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\nath\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 13 Legitimates Filtered in 00mn 22s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\nath\AppData\Roaming\Mozilla\Firefox\Profiles\k5yp8f7l.default\prefs.js
M3 - MFPP: Plugins - [nath] -- C:\Users\nath\AppData\Roaming\Mozilla\Firefox\Profiles\k5yp8f7l.default\searchplugins\conduit.xml
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\searchsettings@spigot.com =>Adware.SearchSettings
M2 - MFEP: prefs.js [nath - k5yp8f7l.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}(47)] [] Vuze Remote Community Toolbar v3.18.0.7 (..) =>P2P.Azureus
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Users\nath\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll =>.Facebook
~ Firefox Browser: 26 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.msn.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) (No version) -- (.not file.) =>.Facebook
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) (No version) -- (.not file.) =>.Facebook
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) (No version) -- (.not file.) =>.Facebook
~ IE Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 14s
~ Nombre de lignes (Lines number): 15212
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} . (.Spigot, Inc. - Search Settings IE.) -- C:\Program Files\Search Settings\SearchSettings.dll =>Adware.SearchSettings
~ BHO: 22 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Show Norton Toolbar - [HKLM]{90222687-F593-4738-B738-FBEE9C7B26DF} . (.Symantec Corporation - UIBhoImpl.) -- C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - [HKLM]{eec0f710-38b5-4aba-99bf-ec87564a4e13} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll =>Toolbar.Bing
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Creator 9.lnk . (...) -- C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe
O4 - GS\Desktop [Public]: eMule.lnk . (.https://www.emule-project.net/home/perl/general.cgi?l=1 - eMule.) -- C:\Program Files\eMule\emule.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Google Desktop.lnk . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Vuze.lnk - Clé orpheline =>P2P.Azureus
O4 - GS\QuickLaunch [nath]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [nath]: Horaires de Trains.lnk - Clé orpheline
O4 - GS\QuickLaunch [nath]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [nath]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [nath]: Vuze.lnk - Clé orpheline =>P2P.Azureus
O4 - GS\Program [nath]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [nath]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [nath]: Horaires de Trains.lnk - Clé orpheline
O4 - GS\Desktop [nath]: Images - Raccourci.lnk . (...) -- C:\Users\nath\Pictures
O4 - GS\Desktop [nath]: Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [nath]: Kaspersky Security Scan.lnk . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O4 - GS\Desktop [nath]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
~ Global Startup: 71 Legitimates Filtered in 00mn 03s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [nath]: Alertes de surveillance de l'encre - HP Deskjet 2510 series.lnk . (.Hewlett-Packard Co. - Print Driver Status Business Logic.) -- C:\Program Files\HP\HP Deskjet 2510 series\bin\HPStatusBL.dll =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [EoEngine] Clé orpheline
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [KSS] . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] . (.Google Inc. - Picasa.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-285062104-3620527859-2794723330-1002\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-285062104-3620527859-2794723330-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-285062104-3620527859-2794723330-1002\..\Run: [KSS] . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C4A76E9-B223-43A6-8830-AD41E55F64C1}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8C4A76E9-B223-43A6-8830-AD41E55F64C1}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8C4A76E9-B223-43A6-8830-AD41E55F64C1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Application Updater (Application Updater) . (.Spigot, Inc. - Application Updater.) - C:\Program Files\Application Updater\ApplicationUpdater.exe =>PUP.Dealio
O23 - Service: Securitoo Control Parental (OPTENET_FILTER) . (...) - C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exe (.not file.)
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
~ Services: 8 Legitimates Filtered in 00mn 15s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 1)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 2)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 3)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 4)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [BFGLaunch_bfgclient] (...) -- C:\Program Files\bfgclient\bfgclient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [BFGLaunch_insaniquarium] (...) -- C:\Users\nath\AppData\Local\Temp\insaniquarium.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0DEE5737-7B66-493F-9621-319E8BEEB345}] (...) -- H:\atw.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A2F9B678-EABF-486E-944C-A85A01A938C5}] (...) -- H:\KitWanadoo.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E44ADB2E-A8C0-4FC9-AE08-BD902D5BB7A0}] (...) -- H:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FABA8151-036A-4F95-B3B0-9DCB06FB43B7}] (...) -- I:\nero\setupx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FC203897-C40C-456A-9DFA-BB9E2F05C6DF}] (...) -- I:\nero\setup.exe (.not file.) [0]
~ Scheduled Task: 32 Legitimates Filtered in 00mn 10s
---\\ Logiciels installés (O42)
O42 - Logiciel: Search Settings v1.2.3 - (.Spigot, Inc..) [HKLM] -- {5F05C28D-DEA9-4AD6-A73A-064175988EAB} =>Adware.SearchSettings
O42 - Logiciel: Video SIS V7.14.10.5051 - (...) [HKLM] -- VIDEO_SIS
~ Logic: 114 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\EoRezo] =>PUP.Eorezo
[HKCU\Software\ItsLabel] =>PUP.ItsLabel
[HKCU\Software\PCTools]
[HKCU\Software\Winsudate] =>Adware.Gibmedia
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\EoRezo] =>PUP.Eorezo
[HKLM\Software\GamesBarSetup] =>Adware.GamesBar
[HKLM\Software\PCTools]
[HKLM\Software\Search Settings] =>Adware.SearchSettings
[HKLM\Software\TENCENT] =>Adware.TencentAddressBar
[HKLM\Software\Vittalia] =>PUP.Vittalia
~ Key Software: 197 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/07/2010 - 21:31:21 - [0,102] ----D C:\Program Files\EoRezo =>PUP.Eorezo
O43 - CFD: 23/08/2009 - 11:43:58 - [0,002] ----D C:\Program Files\GamesBar =>Adware.GamesBar
O43 - CFD: 22/05/2010 - 10:36:29 - [2,066] ----D C:\Program Files\Search Settings =>Adware.SearchSettings
O43 - CFD: 08/04/2012 - 17:19:15 - [34,459] ----D C:\Program Files\Spyware Doctor
O43 - CFD: 14/07/2011 - 19:32:14 - [1,385] ----D C:\Users\nath\AppData\Roaming\EoRezo =>PUP.Eorezo
O43 - CFD: 23/08/2009 - 11:44:58 - [0] ----D C:\Users\nath\AppData\Roaming\iWin
O43 - CFD: 22/07/2012 - 21:56:57 - [0] ----D C:\Users\nath\AppData\Local\Conduit
~ 1 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 204 Legitimates Filtered in 01mn 52s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6E659710270B43777FBBF9FD5525BD7A] - 17/11/2013 - 16:21:39 ---A- . (...) -- C:\lxcz.log [3402848]
~ Files: 10 Legitimates Filtered in 00mn 13s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{a60950f8-fe34-11de-b820-001d7d5409c9}\AutoRun\command. (...) -- I:\autorunner.exe (.not file.)
O51 - MPSK:{c3e67b94-e8e2-11de-914d-001d7d5409c9}\AutoRun\command. (...) -- I:\WD SmartWare.exe (.not file.)
O51 - MPSK:{f6493d28-4ce6-11dc-8ffc-806e6f6e6963}\AutoRun\command. (...) -- H:\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.FA72FA503F580C3C628DD8C7D7622E37] - 30/08/2013 - 08:48:12 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49376]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: 18 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Launcher.exe> <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: C:\Users\nath\AppData\Roaming\Mozilla\Firefox\Profiles\k5yp8f7l.default\searchplugins\conduit.xml
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091..clientLogIsEnabled", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.AboutPrivacyUrl", "http://www.conduit.com");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.AppTrackingLastCheckTime", "Fri Aug 10 2012 22:52:35 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.BrowserCompStateIsOpen_1000515", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.BrowserCompStateIsOpen_129990558296257215", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.BrowserCompStateIsOpen_1359634298000", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.CT2504091", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.CommunitiesChangesLastCheckTime", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.CurrentServerDate", "8-3-2013");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DSChangedManually", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DSInstall", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DialogsGetterLastCheckTime", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DownloadReferralCookieData", "");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.EMailNotifierPollDate", "Sun Jul 22 2012 22:57:01 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FeedLastCount129079840422964131", 0);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FeedPollDate128891351169457140", "Sun Jul 22 2012 22:52:01 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FeedPollDate129079840422964131", "Sun Jul 22 2012 22:52:01 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FeedTTL128891351169457140", 40);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FirstServerDate", "7-6-2012");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FirstTime", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FirstTimeFF3", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FirstTimeHiddenVer", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FixPageNotFoundErrors", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingInvalidateCache", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingLastCheckTime", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingLastServerUpdateTime", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingServiceUrl", "http://grouping.services.conduit.com/");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.HPInstall", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.HomePageProtectorEnabled", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.HomepageBeforeUnload", "www.google.fr");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.Initialize", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InstallationType", "Unknown");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InstalledDate", "Thu Jun 07 2012 21:49:59 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InvalidateCache", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsGrouping", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsInitSetupIni", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsMulticommunity", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsOpenThankYouPage", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsOpenUninstallPage", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsProtectorsInit", true); =>PUP.Mocaflix
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LanguagePackLastCheckTime", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LastLogin_3.13.0.6", "Sun Jul 22 2012 22:52:03 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LastLogin_3.14.1.0", "Wed Aug 22 2012 16:56:39 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LastLogin_3.15.1.0", "Sun Dec 09 2012 16:59:13 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LastLogin_3.16.0.3", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LatestVersion", "3.18.0.7");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.Locale", "en-us");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MCDetectTooltipShow", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MCDetectTooltipWidth", "295");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.OriginalFirstVersion", "3.13.0.6");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioLastCheckTime", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioLastUpdateIPServer", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioLastUpdateServer", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioShrinked", "expanded");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioShrinkedFromSetup", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SHRINK_TOOLBAR", 1);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchBoxWidth", 166);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchCaption", "Web Search");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchFromAddressBarIsInit", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q=");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchInNewTabEnabled", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchInNewTabLastCheckTime", "Fri Mar 08 2013 13:42:26 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID"); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchProtectorEnabled", false); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchProtectorToolbarDisabled", false); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SendProtectorDataViaLogin", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ServiceMapLastCheckTime", "Fri Mar 08 2013 13:42:28 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SettingsLastCheckTime", "Fri Mar 08 2013 13:42:17 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SettingsLastUpdate", "1362726771");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2504091&SearchSource=13");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Fri Mar 08 2013 13:42:21 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1331805997");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ToolbarShrinkedFromSetup", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.TrusteLinkUrl", "http://trust.conduit.com/CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.UserID", "UN97731598066263594");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ValidationData_Search", 2);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ValidationData_Toolbar", 2);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.alertChannelId", "897164");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.approveUntrustedApps", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e+x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e.:2z527",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e/x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473717672767577787D242F4B49474F42357D5D5C3D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e0x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e1x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cj4bk@elhlfjf(pe", "247E61393F236B2576727072722B222D6F4250454E337B35414F584D525955595[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cj7>k;:ma9%peh", "247E61393F236B25727173722A212C6E414F444D327A34434A574746594D45315C5[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cj7fk;kg#ncep@mc+vkn", "247E61393F236B25737471712A212C6E414F444D327A344352574757532F5[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cj:?7:!habkgo(shk", "247E61393F236B257671717A742B222D6F4250454E337B35474C44472E554E4F[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cjc<=fbj#k@",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cjfj?l<;#k@", "247E61393F236B2576777773752B222D6F4250454E337B3553574C59494830584D3F36[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cji8a k@c", "247E61393F236B256F75287E2A6C3F4D424B30783253424B2A554A4D3A313C7E4B47515D[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cjig=ki\"mbe", "247E61393F236B2574717829202B6D404E434C31793354524856542D584D503D343F2[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e3x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F2829413843545[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e5x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e6x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e9x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e;x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7ebx305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7ecx305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7etx305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b-0?3g@6:5;", "");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F645[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b/556,bi5a>g", "6E6D6C6D736E6C707773797878");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b333=>@44i48?", "372C2D326975763342363341484775213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b5ba==9cjag", "693A6A69736C71747A4644457877474B78784B7A4D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B706C706F717177787575");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b9643g3/9e", "6A");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b<:222h64<", "393F352F3E");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b<:222h64<l8daj", "6D70707076737379776F2A7976727875757E21");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b=+03eh8h8j?:", "4443");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52")[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b?b0d:8aj62<h", "6D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cb_experience_000", "38");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cb_firstuse0100", "31");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cb_user_id_000", "43423737323930333632343139375F46697265666F78");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cbcountry_000", "4652");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cbcountry_001", "4652");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cbfirsttime", "546875204A756E20303720323031322032313A35303A303420474D542B30323030");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cbopenmamsettings", "30");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.facebook_mode", "32");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.facebook_user_locale", "6672");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.pg_enable", "74727565");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.searchappstate", "33");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.searchapptracking", "73656E74");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.shoppingapp.gk.exipres", "467269204A756C20323720323031322032323A35323A303820474D542B30323030")[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.shoppingapp.gk.geolocation", "6672616E6365");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.url_history0001",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.1000515", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129079840422182852", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129079840422339107", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129079840422964131", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129079849636241789", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129707804829376918", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Fri Mar 08 2013 13:42:32 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.homepageProtectorEnableByLogin", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.initDone", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.isAppTrackingManagerOn", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.isFirstRadioInstallation", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffEnabled", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffPublihserMinWidth", 400);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.navigateToUrlOnSearch", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129079840422182852,12907984042233[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.revertSettingsEnabled", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.searchProtectorDialogDelayInSec", 10); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.searchProtectorEnableByLogin", true); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.testingCtid", "");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Fri Mar 08 2013 13:42:32 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.undefined", "Sun Jul 22 2012 22:52:01 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.usagesFlag", 2);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ConduitSearchList", "Web Search");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091", "\"63e412f55abc547acbded66d[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/897164/892962/FR", "\"0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", "\"1354582230\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "G9mW7heT/8xIX1fr[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "2E1/v7EfCEDbv3VaB[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "UgzXjW7BIkfdx+x3[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "4BgM4MhF/sOgPsDNmIs[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091", "\"7b33d175177495d719efe50bcb[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"21ed730ee334d4e0ee90f0a1c0[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"395ad1b3585943ae02a52b573fe3d6[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\nath\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\k5yp8f7l.defa[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.16.0.3");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.MiniIPageGadgetSize.http://pricegong.conduitapps.com/v4//agreement/agree.html#pg_ext_msg_key_89c1dfa3,[...] =>Adware.PriceGong
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ToolbarsList", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ToolbarsList4", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.globalUserId", "8f37edf9-0e49-4752-9fec-04fa8a82894d");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath -
~ Lancé par nath (17/11/2013 17:47:56)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 25.0.1 (Defaut)
GCIE: Google Chrome v30.0.1599.101
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1497.0
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Norton Internet Security v10.1.0.26
Norton AntiVirus v14.1.0.27
Norton Protection Center v2007.1.2.11
Kaspersky Security Scan v12.0.1.340
Spybot - Search & Destroy v1.6.2
---\\ Logiciels d'optimisation du système
CCleaner =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
eMule
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.5 - Français
---\\ Informations sur le système
~ Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1790 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 71 GB (50%) free of 141 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-NATH
~ User Name: nath
~ All Users Names: nath, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\nath\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\nath\AppData\Roaming\
~ %Desktop% : C:\Users\nath\Desktop\
~ %Favorites% : C:\Users\nath\Favorites\
~ %LocalAppData% : C:\Users\nath\AppData\Local\
~ %StartMenu% : C:\Users\nath\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 71 Go of 141 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.C8ADAA6948993D839D14524847EA5B75] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 11:13:22.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 02s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/132
~ Mes musiques (My Musics) : 37/1325
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 2/507
~ Mon Bureau (My Desktop) : 3/20
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 14s
---\\ Processus lancés
[MD5.EE4FB1BB6757675625699A32E0F80E20] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4468736] [PID.2708]
[MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.2716]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.2724]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2736]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\RunDll32.exe [0] [PID.2764]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2904]
[MD5.077D59BA0FD4007E841B6C670862B065] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.2968]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.740]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.4608]
[MD5.6EFBC82722D0F7B35283993189ECE9D0] - (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328] [PID.4704]
[MD5.824512C3EAE3462388B8861986907E28] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8227328] [PID.2744]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1316]
[MD5.9330941C8F6DF417F6DBBE998DB6687E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1640]
[MD5.293E66AA529F0FBA1AA56340E293A389] - (.Spigot, Inc. - Application Updater.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe [380928] [PID.1248] =>PUP.Dealio
[MD5.DA1485749B785ADCEB421874F5F3405B] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [65536] [PID.2292]
[MD5.0DDFDCAA92C7F553328DB06BA599BEA9] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [154136] [PID.2424]
[MD5.910FBA95EE4F56449AA81315884C8EFD] - (.Sonic Solutions - RoxSniffer9 Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [166648] [PID.2604]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.3300]
[MD5.9638E5820858593A12005C753B03CEAE] - (.Sonic Solutions - RoxMediaDB9 Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [887544] [PID.3884]
[MD5.C559672F31ABE6BA7277DD73C4502238] - (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\system32\msiexec.exe [73216] [PID.5004]
~ Processes Running: Scanned in 00mn 05s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\nath\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 13 Legitimates Filtered in 00mn 22s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\nath\AppData\Roaming\Mozilla\Firefox\Profiles\k5yp8f7l.default\prefs.js
M3 - MFPP: Plugins - [nath] -- C:\Users\nath\AppData\Roaming\Mozilla\Firefox\Profiles\k5yp8f7l.default\searchplugins\conduit.xml
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\searchsettings@spigot.com =>Adware.SearchSettings
M2 - MFEP: prefs.js [nath - k5yp8f7l.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}(47)] [] Vuze Remote Community Toolbar v3.18.0.7 (..) =>P2P.Azureus
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Users\nath\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll =>.Facebook
~ Firefox Browser: 26 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.msn.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) (No version) -- (.not file.) =>.Facebook
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) (No version) -- (.not file.) =>.Facebook
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) (No version) -- (.not file.) =>.Facebook
~ IE Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 14s
~ Nombre de lignes (Lines number): 15212
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} . (.Spigot, Inc. - Search Settings IE.) -- C:\Program Files\Search Settings\SearchSettings.dll =>Adware.SearchSettings
~ BHO: 22 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Show Norton Toolbar - [HKLM]{90222687-F593-4738-B738-FBEE9C7B26DF} . (.Symantec Corporation - UIBhoImpl.) -- C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - [HKLM]{eec0f710-38b5-4aba-99bf-ec87564a4e13} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll =>Toolbar.Bing
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Creator 9.lnk . (...) -- C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe
O4 - GS\Desktop [Public]: eMule.lnk . (.https://www.emule-project.net/home/perl/general.cgi?l=1 - eMule.) -- C:\Program Files\eMule\emule.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Google Desktop.lnk . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Vuze.lnk - Clé orpheline =>P2P.Azureus
O4 - GS\QuickLaunch [nath]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [nath]: Horaires de Trains.lnk - Clé orpheline
O4 - GS\QuickLaunch [nath]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [nath]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [nath]: Vuze.lnk - Clé orpheline =>P2P.Azureus
O4 - GS\Program [nath]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [nath]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [nath]: Horaires de Trains.lnk - Clé orpheline
O4 - GS\Desktop [nath]: Images - Raccourci.lnk . (...) -- C:\Users\nath\Pictures
O4 - GS\Desktop [nath]: Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [nath]: Kaspersky Security Scan.lnk . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O4 - GS\Desktop [nath]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
~ Global Startup: 71 Legitimates Filtered in 00mn 03s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [nath]: Alertes de surveillance de l'encre - HP Deskjet 2510 series.lnk . (.Hewlett-Packard Co. - Print Driver Status Business Logic.) -- C:\Program Files\HP\HP Deskjet 2510 series\bin\HPStatusBL.dll =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [EoEngine] Clé orpheline
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [KSS] . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] . (.Google Inc. - Picasa.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-285062104-3620527859-2794723330-1002\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-285062104-3620527859-2794723330-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-285062104-3620527859-2794723330-1002\..\Run: [KSS] . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C4A76E9-B223-43A6-8830-AD41E55F64C1}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8C4A76E9-B223-43A6-8830-AD41E55F64C1}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8C4A76E9-B223-43A6-8830-AD41E55F64C1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Application Updater (Application Updater) . (.Spigot, Inc. - Application Updater.) - C:\Program Files\Application Updater\ApplicationUpdater.exe =>PUP.Dealio
O23 - Service: Securitoo Control Parental (OPTENET_FILTER) . (...) - C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exe (.not file.)
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
~ Services: 8 Legitimates Filtered in 00mn 15s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 1)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 2)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 3)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 4)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [BFGLaunch_bfgclient] (...) -- C:\Program Files\bfgclient\bfgclient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [BFGLaunch_insaniquarium] (...) -- C:\Users\nath\AppData\Local\Temp\insaniquarium.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0DEE5737-7B66-493F-9621-319E8BEEB345}] (...) -- H:\atw.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A2F9B678-EABF-486E-944C-A85A01A938C5}] (...) -- H:\KitWanadoo.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E44ADB2E-A8C0-4FC9-AE08-BD902D5BB7A0}] (...) -- H:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FABA8151-036A-4F95-B3B0-9DCB06FB43B7}] (...) -- I:\nero\setupx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FC203897-C40C-456A-9DFA-BB9E2F05C6DF}] (...) -- I:\nero\setup.exe (.not file.) [0]
~ Scheduled Task: 32 Legitimates Filtered in 00mn 10s
---\\ Logiciels installés (O42)
O42 - Logiciel: Search Settings v1.2.3 - (.Spigot, Inc..) [HKLM] -- {5F05C28D-DEA9-4AD6-A73A-064175988EAB} =>Adware.SearchSettings
O42 - Logiciel: Video SIS V7.14.10.5051 - (...) [HKLM] -- VIDEO_SIS
~ Logic: 114 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\EoRezo] =>PUP.Eorezo
[HKCU\Software\ItsLabel] =>PUP.ItsLabel
[HKCU\Software\PCTools]
[HKCU\Software\Winsudate] =>Adware.Gibmedia
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\EoRezo] =>PUP.Eorezo
[HKLM\Software\GamesBarSetup] =>Adware.GamesBar
[HKLM\Software\PCTools]
[HKLM\Software\Search Settings] =>Adware.SearchSettings
[HKLM\Software\TENCENT] =>Adware.TencentAddressBar
[HKLM\Software\Vittalia] =>PUP.Vittalia
~ Key Software: 197 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/07/2010 - 21:31:21 - [0,102] ----D C:\Program Files\EoRezo =>PUP.Eorezo
O43 - CFD: 23/08/2009 - 11:43:58 - [0,002] ----D C:\Program Files\GamesBar =>Adware.GamesBar
O43 - CFD: 22/05/2010 - 10:36:29 - [2,066] ----D C:\Program Files\Search Settings =>Adware.SearchSettings
O43 - CFD: 08/04/2012 - 17:19:15 - [34,459] ----D C:\Program Files\Spyware Doctor
O43 - CFD: 14/07/2011 - 19:32:14 - [1,385] ----D C:\Users\nath\AppData\Roaming\EoRezo =>PUP.Eorezo
O43 - CFD: 23/08/2009 - 11:44:58 - [0] ----D C:\Users\nath\AppData\Roaming\iWin
O43 - CFD: 22/07/2012 - 21:56:57 - [0] ----D C:\Users\nath\AppData\Local\Conduit
~ 1 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 204 Legitimates Filtered in 01mn 52s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6E659710270B43777FBBF9FD5525BD7A] - 17/11/2013 - 16:21:39 ---A- . (...) -- C:\lxcz.log [3402848]
~ Files: 10 Legitimates Filtered in 00mn 13s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{a60950f8-fe34-11de-b820-001d7d5409c9}\AutoRun\command. (...) -- I:\autorunner.exe (.not file.)
O51 - MPSK:{c3e67b94-e8e2-11de-914d-001d7d5409c9}\AutoRun\command. (...) -- I:\WD SmartWare.exe (.not file.)
O51 - MPSK:{f6493d28-4ce6-11dc-8ffc-806e6f6e6963}\AutoRun\command. (...) -- H:\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.FA72FA503F580C3C628DD8C7D7622E37] - 30/08/2013 - 08:48:12 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49376]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: 18 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Launcher.exe> <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: C:\Users\nath\AppData\Roaming\Mozilla\Firefox\Profiles\k5yp8f7l.default\searchplugins\conduit.xml
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091..clientLogIsEnabled", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.AboutPrivacyUrl", "http://www.conduit.com");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.AppTrackingLastCheckTime", "Fri Aug 10 2012 22:52:35 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.BrowserCompStateIsOpen_1000515", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.BrowserCompStateIsOpen_129990558296257215", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.BrowserCompStateIsOpen_1359634298000", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.CT2504091", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.CommunitiesChangesLastCheckTime", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.CurrentServerDate", "8-3-2013");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DSChangedManually", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DSInstall", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DialogsGetterLastCheckTime", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.DownloadReferralCookieData", "");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.EMailNotifierPollDate", "Sun Jul 22 2012 22:57:01 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FeedLastCount129079840422964131", 0);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FeedPollDate128891351169457140", "Sun Jul 22 2012 22:52:01 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FeedPollDate129079840422964131", "Sun Jul 22 2012 22:52:01 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FeedTTL128891351169457140", 40);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FirstServerDate", "7-6-2012");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FirstTime", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FirstTimeFF3", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FirstTimeHiddenVer", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.FixPageNotFoundErrors", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingInvalidateCache", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingLastCheckTime", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingLastServerUpdateTime", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.GroupingServiceUrl", "http://grouping.services.conduit.com/");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.HPInstall", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.HomePageProtectorEnabled", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.HomepageBeforeUnload", "www.google.fr");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.Initialize", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InstallationType", "Unknown");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InstalledDate", "Thu Jun 07 2012 21:49:59 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.InvalidateCache", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsGrouping", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsInitSetupIni", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsMulticommunity", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsOpenThankYouPage", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsOpenUninstallPage", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.IsProtectorsInit", true); =>PUP.Mocaflix
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LanguagePackLastCheckTime", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LastLogin_3.13.0.6", "Sun Jul 22 2012 22:52:03 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LastLogin_3.14.1.0", "Wed Aug 22 2012 16:56:39 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LastLogin_3.15.1.0", "Sun Dec 09 2012 16:59:13 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LastLogin_3.16.0.3", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.LatestVersion", "3.18.0.7");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.Locale", "en-us");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MCDetectTooltipShow", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MCDetectTooltipWidth", "295");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.OriginalFirstVersion", "3.13.0.6");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioLastCheckTime", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioLastUpdateIPServer", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioLastUpdateServer", "0");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioShrinked", "expanded");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.RadioShrinkedFromSetup", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SHRINK_TOOLBAR", 1);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchBoxWidth", 166);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchCaption", "Web Search");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchFromAddressBarIsInit", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q=");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchInNewTabEnabled", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchInNewTabLastCheckTime", "Fri Mar 08 2013 13:42:26 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID"); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchProtectorEnabled", false); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SearchProtectorToolbarDisabled", false); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SendProtectorDataViaLogin", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ServiceMapLastCheckTime", "Fri Mar 08 2013 13:42:28 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SettingsLastCheckTime", "Fri Mar 08 2013 13:42:17 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.SettingsLastUpdate", "1362726771");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2504091&SearchSource=13");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Fri Mar 08 2013 13:42:21 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1331805997");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ToolbarShrinkedFromSetup", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.TrusteLinkUrl", "http://trust.conduit.com/CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.UserID", "UN97731598066263594");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ValidationData_Search", 2);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.ValidationData_Toolbar", 2);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.alertChannelId", "897164");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.approveUntrustedApps", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e+x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e.:2z527",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e/x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473717672767577787D242F4B49474F42357D5D5C3D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e0x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e1x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cj4bk@elhlfjf(pe", "247E61393F236B2576727072722B222D6F4250454E337B35414F584D525955595[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cj7>k;:ma9%peh", "247E61393F236B25727173722A212C6E414F444D327A34434A574746594D45315C5[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cj7fk;kg#ncep@mc+vkn", "247E61393F236B25737471712A212C6E414F444D327A344352574757532F5[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cj:?7:!habkgo(shk", "247E61393F236B257671717A742B222D6F4250454E337B35474C44472E554E4F[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cjc<=fbj#k@",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cjfj?l<;#k@", "247E61393F236B2576777773752B222D6F4250454E337B3553574C59494830584D3F36[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cji8a k@c", "247E61393F236B256F75287E2A6C3F4D424B30783253424B2A554A4D3A313C7E4B47515D[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e31;cjig=ki\"mbe", "247E61393F236B2574717829202B6D404E434C31793354524856542D584D503D343F2[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e3x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F2829413843545[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e5x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e6x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e9x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7e;x305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7ebx305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7ecx305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b+7etx305",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b-0?3g@6:5;", "");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F645[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b/556,bi5a>g", "6E6D6C6D736E6C707773797878");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b333=>@44i48?", "372C2D326975763342363341484775213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b5ba==9cjag", "693A6A69736C71747A4644457877474B78784B7A4D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B706C706F717177787575");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b9643g3/9e", "6A");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b<:222h64<", "393F352F3E");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b<:222h64<l8daj", "6D70707076737379776F2A7976727875757E21");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b=+03eh8h8j?:", "4443");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52")[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9b?b0d:8aj62<h", "6D");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cb_experience_000", "38");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cb_firstuse0100", "31");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cb_user_id_000", "43423737323930333632343139375F46697265666F78");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cbcountry_000", "4652");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cbcountry_001", "4652");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cbfirsttime", "546875204A756E20303720323031322032313A35303A303420474D542B30323030");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.cbopenmamsettings", "30");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.facebook_mode", "32");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.facebook_user_locale", "6672");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.pg_enable", "74727565");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.searchappstate", "33");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.searchapptracking", "73656E74");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.shoppingapp.gk.exipres", "467269204A756C20323720323031322032323A35323A303820474D542B30323030")[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.shoppingapp.gk.geolocation", "6672616E6365");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.backendstorage.url_history0001",
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.1000515", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129079840422182852", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129079840422339107", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129079840422964131", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129079849636241789", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.components.129707804829376918", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Fri Mar 08 2013 13:42:32 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.homepageProtectorEnableByLogin", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.initDone", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.isAppTrackingManagerOn", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.isFirstRadioInstallation", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffEnabled", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffPublihserMinWidth", 400);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.navigateToUrlOnSearch", false);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129079840422182852,12907984042233[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.revertSettingsEnabled", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.searchProtectorDialogDelayInSec", 10); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.searchProtectorEnableByLogin", true); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.testingCtid", "");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Fri Mar 08 2013 13:42:32 GMT+0100");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.undefined", "Sun Jul 22 2012 22:52:01 GMT+0200");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CT2504091.usagesFlag", 2);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ConduitSearchList", "Web Search");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091", "\"63e412f55abc547acbded66d[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/897164/892962/FR", "\"0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", "\"1354582230\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "G9mW7heT/8xIX1fr[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "2E1/v7EfCEDbv3VaB[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "UgzXjW7BIkfdx+x3[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "4BgM4MhF/sOgPsDNmIs[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091", "\"7b33d175177495d719efe50bcb[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"21ed730ee334d4e0ee90f0a1c0[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"395ad1b3585943ae02a52b573fe3d6[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\nath\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\k5yp8f7l.defa[...]
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.16.0.3");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.MiniIPageGadgetSize.http://pricegong.conduitapps.com/v4//agreement/agree.html#pg_ext_msg_key_89c1dfa3,[...] =>Adware.PriceGong
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ToolbarsList", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.ToolbarsList4", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.globalUserId", "8f37edf9-0e49-4752-9fec-04fa8a82894d");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");
O69 - SBI: prefs.js [nath - k5yp8f7l.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Mar 08 2013 13:42:31 GMT+0100");
O69 - SBI: prefs.js [nath -
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
17 nov. 2013 à 18:14
17 nov. 2013 à 18:14
Désinstalles
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Norton Internet Security v10.1.0.26
Norton AntiVirus v14.1.0.27
Norton Protection Center v2007.1.2.11
Kaspersky Security Scan v12.0.1.340
Spybot - Search & Destroy v1.6.2
Inutile de continuer sur ce sujet répond sur l'autre!
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Norton Internet Security v10.1.0.26
Norton AntiVirus v14.1.0.27
Norton Protection Center v2007.1.2.11
Kaspersky Security Scan v12.0.1.340
Spybot - Search & Destroy v1.6.2
Inutile de continuer sur ce sujet répond sur l'autre!
@res
Messages postés
546
Date d'inscription
lundi 4 novembre 2013
Statut
Membre
Dernière intervention
11 janvier 2014
36
16 nov. 2013 à 13:54
16 nov. 2013 à 13:54
Bonjour télécharger le scan de kaspersky
https://www.kaspersky.fr/downloads
Et publié le rapport
https://www.kaspersky.fr/downloads
Et publié le rapport
