Ouverture IE avec message getwindoinfo

fled91 Messages postés 8 Date d'inscription Statut Membre Dernière intervention -
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention - 27 mars 2014 à 11:44

Bonjour,
Je viens de voir que d'autres membres ont signalé le même problème en fevrier, mais je ne sais pas si je peux appliquer le même cheminement et en plus comme j'y connais pas grand chose, ça me paraît compliqué.
J'ai déjà nettoyer mon pc avec adw cleaner (car j'avais vu qu'il succèdait à ADremover) et effectivement il a supprimé pas mal de choses dont des traces de awesomewehp et search machin chose... mais le bug getwindoinfo est resté.
donc est-ce que je passe également par ZHPDiag ?
Merci d'avance.

Afficher la suite

A voir également:

Ouverture IE avec message getwindoinfo
Recuperer message whatsapp supprimé - Guide
Message supprimé whatsapp - Guide
Message absence thunderbird - Guide
Epingler un message whatsapp - Accueil - Messagerie instantanée
Message du pere noel gratuit whatsapp - Accueil - Messagerie instantanée

9 réponses

Réponse 1 / 9

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 686

Salut,

Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :

Un nettoyage AdwCleaner (environ 10/15min) :
======================================
Suis ce tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Vas sur le lien, télécharge AdwCleaner comme indiqué.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]

Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

puis :

Scan Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.

A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
et colle ici le rapport dans un message en réponse.

Réponse 2 / 9

fled91 Messages postés 8 Date d'inscription Statut Membre Dernière intervention

Merci du retour,

Comme j'avais déjà utilisé adwcleaner, le rapport est visiblement vide.
Pr contre effectivement avec malwarebytes, pas mal de choses sont retenues.
au redemarrage après malwarebytes, le fameuse fen^tre getwindoinfo est réapparue en tout cas.
Les deux rapport ci-après
Merci d'avance pour la suite ....

adwcleaner ===================================:
# AdwCleaner v3.022 - Rapport créé le 26/03/2014 à 10:34:00
# Mis à jour le 13/03/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Admin - ADMIN-PC
# Exécuté depuis : C:\Users\Admin\Desktop\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

***** [ Raccourcis ] *****

***** [ Registre ] *****

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16521

-\\ Google Chrome v33.0.1750.154

[ Fichier : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [24422 octets] - [25/03/2014 05:06:29]
AdwCleaner[R1].txt - [24413 octets] - [25/03/2014 05:08:05]
AdwCleaner[R2].txt - [1391 octets] - [25/03/2014 05:48:52]
AdwCleaner[R3].txt - [2482 octets] - [25/03/2014 06:15:49]
AdwCleaner[R4].txt - [1223 octets] - [26/03/2014 10:27:00]
AdwCleaner[S0].txt - [19556 octets] - [25/03/2014 05:14:43]
AdwCleaner[S1].txt - [1460 octets] - [25/03/2014 05:50:01]
AdwCleaner[S2].txt - [1567 octets] - [25/03/2014 06:16:38]
AdwCleaner[S3].txt - [1145 octets] - [26/03/2014 10:34:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1205 octets] ##########

malwarebytes =================================:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26/03/2014
Scan Time: 11:19:07
Logfile:
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.03.26.03
Rootkit Database: v2014.03.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Admin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 305365
Time Elapsed: 15 min, 31 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe, 2096, Delete-on-Reboot, [25b666a144378caa192f55ff7a88d62a]

Modules: 1
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdate.dll, Delete-on-Reboot, [2eadc245601bb6800aae3f142ad8b050],

Registry Keys: 73
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.OneClickCtrl.9, Quarantined, [35a6e3247308e452d576e27260a2e21e],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine, Quarantined, [3c9f08ffcab1bc7af9524a0aee14b749],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine.1.0, Quarantined, [c318ff08cfaca78f311a01530bf7ca36],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.Update3WebControl.3, Quarantined, [746713f435467abccd7d5ff5de2455ab],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync, Quarantined, [2ab19176b3c8f3439ab1d28233cf8f71],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync.1.0, Quarantined, [9348b3542853a69071da3f152ed4e21e],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass, Quarantined, [934853b4304b8babda71351f9969758b],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass.1, Quarantined, [1cbf13f4bbc0b87e0f3cf26218eaa65a],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass, Quarantined, [5b807d8abdbe1a1c2724a1b3bb47d927],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass.1, Quarantined, [e6f5e621790263d36eddc88c61a1a25e],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine, Quarantined, [d90250b7e19ae94da7a4e56ffd056c94],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine.1.0, Quarantined, [9843ae593a41ac8a63e8b2a247bb7c84],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine, Quarantined, [fedd6c9b691243f3d675b1a31ae8857b],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [9a41db2cf883e353f358bd97639f10f0],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback, Quarantined, [3ba09a6db8c339fd1b302d27b34f14ec],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [c01b0ef9de9d251177d477ddea18f20e],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc, Quarantined, [c9125bacdf9c181eda715bf9ef131ce4],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [16c525e27a011026fd4e6be90ff3fb05],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher, Quarantined, [bc1fcd3ac2b9f244b09b8cc8f50dc937],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher.1.0, Quarantined, [0ecdac5b0675e2541b30163eac564fb1],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService, Quarantined, [ca11a95e5526ec4abc8fcd8750b2dd23],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService.1.0, Quarantined, [7d5eb94edd9e5dd9af9c153f679b847c],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine, Quarantined, [b328a7602f4cd95daf9cc49006fca35d],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine.1.0, Quarantined, [c219ef18433879bd61eac490a260966a],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback, Quarantined, [b922a36494e71521bb902d2753af728e],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback.1.0, Quarantined, [32a95fa81b60aa8c2f1c3b190ff3d52b],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc, Quarantined, [26b566a1d1aa84b2113ac98b1fe3bc44],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc.1.0, Quarantined, [66755bac4e2dc373f556a9abbd457a86],
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\awesomehpSoftware, Quarantined, [05d6f314b9c2fd396457510dec164ab6],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdate.OneClickCtrl.9, Quarantined, [2caf9d6a5427082e4704351f6a986997],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine, Quarantined, [15c6c344b4c7171f7dcede767191a759],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine.1.0, Quarantined, [568556b126553ef8b59698bcee14817f],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdate.Update3WebControl.3, Quarantined, [5c7f39ce22593303f85279db16ecd12f],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync, Quarantined, [6f6cdc2bf28989ad53f8ce8661a18a76],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync.1.0, Quarantined, [b12a24e3601b90a6a9a2193b24deb848],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass, Quarantined, [c61523e4aad1102688c377dd2bd7d030],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass.1, Quarantined, [1cbff90eec8f51e5ec5f0f459d654fb1],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass, Quarantined, [4398f41366151c1a78d36aea0bf7ca36],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass.1, Quarantined, [eaf1d037e49723132922d57fc141847c],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine, Quarantined, [31aa52b57cff75c11f2caba919e912ee],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine.1.0, Quarantined, [05d6ee19abd0db5b5deed3813ec4cb35],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine, Quarantined, [b8234dbaf08b85b15cef8ec6e919966a],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [0ecd85827b00cf6718333e162cd629d7],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback, Quarantined, [ecefea1d27548da974d7d57f06fc8977],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [e3f839ce5229ca6c77d4b69e748eed13],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc, Quarantined, [f4e7b94edc9f57dfb299d57fcd35c739],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [7e5dd92e16658ea83b1093c1da28f10f],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher, Quarantined, [e6f59374b9c21323ec5fd381010149b7],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher.1.0, Quarantined, [6675bf48aecd2511400bf46052b035cb],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService, Quarantined, [e8f30304abd02610b19a6be921e18878],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService.1.0, Quarantined, [e0fbaf58156663d360eb90c411f18779],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine, Quarantined, [5d7eb354740778be25262e268c7648b8],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine.1.0, Quarantined, [06d5977057247db96ae176dee71b669a],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback, Quarantined, [09d216f1e893f93dfa516ee6ca38c23e],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback.1.0, Quarantined, [bd1e897ede9d39fdbc8f2c28b25023dd],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc, Quarantined, [d5066a9d84f7b185c982c78d37cb2ad6],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc.1.0, Quarantined, [d803b0570774191d3c0f2034d1316e92],
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pelmeidfhdlhlbjimpabfcbnnojbboma, Quarantined, [35a66c9b5e1d64d26619ba9b10f27f81],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, Quarantined, [d00b65a282f93bfbcb4c9fdaed160ff1],
PUP.Optional.PriceMeter.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\pricemeterliveUpdate, Quarantined, [25b666a144378caa192f55ff7a88d62a],
PUP.Optional.PriceMeter.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\pricemeterliveUpdatem, Quarantined, [25b666a144378caa192f55ff7a88d62a],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PRICEMETERLIVEUPDATE.EXE, Quarantined, [25b666a144378caa192f55ff7a88d62a],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PRICEMETERLIVEUPDATE.EXE, Quarantined, [25b666a144378caa192f55ff7a88d62a],
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven 2.2, Quarantined, [a4374abd9cdf71c5101d134ab84a9a66],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-1225852041-1575644295-3242496591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, Quarantined, [21ba27e0d8a380b6c65f0e4efe04847c],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{89449F37-4AB2-46ED-A566-BB3A7797701B}, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89449F37-4AB2-46ED-A566-BB3A7797701B}, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{89449F37-4AB2-46ED-A566-BB3A7797701B}, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F509ADC2-B40E-470F-A7B7-45191486B5CB}, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F509ADC2-B40E-470F-A7B7-45191486B5CB}, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{F509ADC2-B40E-470F-A7B7-45191486B5CB}, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4211E851-747F-4470-923D-6EF683EE79CA}, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{74930D00-2198-46FE-B6BC-FEEC60C666C9}, Quarantined, [2eadc245601bb6800aae3f142ad8b050],

Registry Values: 1
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, {AEB37401-3348-11E2-9E46-742F685330B0}, Quarantined, [d00b65a282f93bfbcb4c9fdaed160ff1]

Registry Data: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[ab30fb0c80fb75c19e98d82d11f36a96]

Folders: 35
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\ct3244149, Quarantined, [edee1fe897e45adcf1fe95b7b84a7888],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\img, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\img\weather, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\js, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\en, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\es, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\es_419, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr-BE, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr-CA, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr-CH, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr-LU, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\it, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\it-CH, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\pl, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\pt_BR, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\ru, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\ru-MO, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\tr, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\vi, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\zh_CN, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\zh_TW, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.PriceMeter.A, C:\Users\Admin\AppData\Roaming\PriceMeterUpdater, Quarantined, [04d74eb9e695df575d5ab99a7a88857b],
PUP.Optional.PriceMeter.A, C:\Users\Admin\AppData\Roaming\PriceMeterUpdater\UpdateProc, Quarantined, [04d74eb9e695df575d5ab99a7a88857b],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate, Delete-on-Reboot, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\CrashReports, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update, Delete-on-Reboot, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0, Delete-on-Reboot, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\Download, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\Install, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\Offline, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\Offline\{24C6764A-439E-4480-B303-186EA2A33354}, Quarantined, [2eadc245601bb6800aae3f142ad8b050],

Files: 122
PUP.Optional.InstallCore.A, C:\Users\Admin\AppData\Roaming\FlvPlayer\FLVPlayerApp.exe, Quarantined, [429959ae1b6044f275f6d268b848af51],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\airC1C6.exe, Quarantined, [4695689fc4b7b77fd0c4ee25b54c916f],
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\Temp\nssDDC5.exe, Quarantined, [a53660a7d9a2211575f3ba6601009f61],
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\Temp\nsiDB64.exe, Quarantined, [a83347c07efd171f69ffc45cbe43d22e],
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\Temp\nsn371.exe, Quarantined, [ca1160a7abd0f0463a2e36eac83939c7],
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\Temp\nsn594.exe, Quarantined, [6d6e55b2e5968fa7baae2af6c33e56aa],
PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\Temp\nss345C.exe, Quarantined, [42990601087377bfa1c71010c73a5ca4],
PUP.Optional.Babylon.A, C:\Users\Admin\AppData\Local\Temp\toolbar3319030.exe, Quarantined, [f5e6d33429527eb89b1ebd61db2556aa],
PUP.Optional.PriceMeter.A, C:\Users\Admin\AppData\Local\Temp\air5FA.exe, Quarantined, [6774b651601bec4ad9c12639f20f639d],
PUP.Optional.GoForFiles.A, C:\Users\Admin\AppData\Local\Temp\uninstall2320140.exe, Quarantined, [bb20b156fb80d95dce5c0a0811f0d52b],
PUP.Optional.Conduit, C:\Users\Admin\AppData\Local\Temp\ct3244149\ieLogic.exe, Quarantined, [9546b057b2c932047902d55ad729af51],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\nsyC92B\SpSetup.exe, Quarantined, [8b5034d3b8c3c0763325ac69bb46e719],
PUP.Optional.Bandoo, C:\Users\Admin\Downloads\iLividSetup-r197-n-bi.exe, Quarantined, [6279f61199e2dd597a418779d92852ae],
PUP.Optional.SweetIM, C:\Windows\Installer\23f0338.msi, Quarantined, [1ebd6f9874070d2981416bbc907408f8],
PUP.Optional.PriceMeter.A, C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job, Quarantined, [10cb0304b7c43ef81a32292bba484bb5],
PUP.Optional.PriceMeter.A, C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job, Quarantined, [3ba01fe80378ef47d17b3b1961a1f10f],
PUP.Optional.PriceMeter.A, C:\Windows\Tasks\PriceMeterUpdater.job, Quarantined, [48932add156648ee8bc274e06c969b65],
PUP.Optional.Bubbledock.A, C:\Users\Admin\AppData\Roaming\Bubble Dock.boostrap.log, Quarantined, [8c4f967156250c2ae86470f18979ec14],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe, Delete-on-Reboot, [25b666a144378caa192f55ff7a88d62a],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\ct3244149\statisticsStub.exe, Quarantined, [edee1fe897e45adcf1fe95b7b84a7888],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\index.html, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\manifest.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\style.css, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\img\default_logo.png, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\img\icon128.png, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\img\icon16.png, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\img\icon48.png, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\img\loading.gif, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\img\weather\0.png, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\js\background.js, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\js\ga.js, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\js\jquery-base.js, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\js\jquery.autocomplete.js, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\js\js.js, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\js\xagainit.js, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\en\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\es\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\es_419\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr-BE\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr-CA\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr-CH\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\fr-LU\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\it\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\it-CH\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\pl\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\pt_BR\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\ru\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\ru-MO\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\tr\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\vi\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\zh_CN\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.QuickStart.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.3_0\_locales\zh_TW\messages.json, Quarantined, [d10a699e99e2c76f2cffde75eb17ac54],
PUP.Optional.PriceMeter.A, C:\Users\Admin\AppData\Roaming\PriceMeterUpdater\UpdateProc\config.dat, Quarantined, [04d74eb9e695df575d5ab99a7a88857b],
PUP.Optional.PriceMeter.A, C:\Users\Admin\AppData\Roaming\PriceMeterUpdater\UpdateProc\info.dat, Quarantined, [04d74eb9e695df575d5ab99a7a88857b],
PUP.Optional.PriceMeter.A, C:\Users\Admin\AppData\Roaming\PriceMeterUpdater\UpdateProc\STTL.DAT, Quarantined, [04d74eb9e695df575d5ab99a7a88857b],
PUP.Optional.PriceMeter.A, C:\Users\Admin\AppData\Roaming\PriceMeterUpdater\UpdateProc\TTL.DAT, Quarantined, [04d74eb9e695df575d5ab99a7a88857b],
PUP.Optional.PriceMeter.A, C:\Users\Admin\AppData\Roaming\PriceMeterUpdater\UpdateProc\UpdateTask.exe, Quarantined, [04d74eb9e695df575d5ab99a7a88857b],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_de.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_el.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_en-GB.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_en.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_es-419.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_es.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_et.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_fa.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_fi.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_fil.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_fr.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_gu.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_hi.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_hr.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_hu.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_id.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_it.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_iw.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ja.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_kn.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ko.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_lt.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_lv.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ml.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_mr.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ms.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_nl.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_no.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_pl.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_pt-BR.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_pt-PT.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ro.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdate.dll, Delete-on-Reboot, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_am.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ar.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_bg.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_bn.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ca.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_cs.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sk.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sl.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sr.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sv.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sw.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ta.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_te.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_th.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_tr.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_uk.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ur.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_vi.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_zh-CN.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_zh-TW.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdate.exe, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdateBroker.exe, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdateHandler.exe, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdateHelper.msi, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdateOnDemand.exe, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\psmachine.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\psuser.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_da.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_is.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],
PUP.Optional.PriceMeter.A, C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ru.dll, Quarantined, [2eadc245601bb6800aae3f142ad8b050],

Physical Sectors: 0
(No malicious items detected)

(end)

Réponse 3 / 9

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 686

Sur Firefox : Menu Outils / Modules complémentaires
Onglet Extension.
Donne la liste.

Sur Google Chrome : Menu en haut à droite puis Outils / Extensions
Donne la liste.

puis :

Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).

* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.

**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****

* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.

NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE

Réponse 4 / 9

fled91 Messages postés 8 Date d'inscription Statut Membre Dernière intervention

Je n'ai pas Firefox

Pour Google chrome, il n'y a pas d'extension

concernant le scan otl, voici le lien su rapport ;
https://pjjoint.malekal.com/files.php?read=OTL_20140326_i9z1295x12

merci d'avance

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 9

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 686

Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:

:OTL
O4:[b]64bit:[/b] - HKLM..\Run: [Windows DLL Host Monitor] C:\Program Files\Update Software\ntvmon32.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [Windows DLL System Manager] C:\Program Files\Update Software\dllmon32.exe ()
O4 - HKLM..\Run: [WebInternetSecurity] C:\Program Files (x86)\Webinternetsecurity\WebInternetSecurity.exe File not found
[2014/03/25 05:59:25 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\PriceMeterLiveUpdate
[2014/03/25 05:59:25 | 000,000,000 | ---D | C] -- C:\ProgramData\PriceMeterLiveUpdate
[2014/03/18 21:29:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\FlvPlayer
[2014/03/18 21:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
[2014/03/18 08:01:53 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\WebInternetSecurity
[2014/03/18 07:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Update Software
[2014/03/18 07:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\Update Software
[2014/03/18 07:09:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Software

* poste le rapport ici

Redémarre l'ordinateur

Réponse 6 / 9

fled91 Messages postés 8 Date d'inscription Statut Membre Dernière intervention

Ok, voilà le rapport après correction:
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WebInternetSecurity deleted successfully.
C:\Users\Admin\AppData\Local\PriceMeterLiveUpdate\CrashReports folder moved successfully.
C:\Users\Admin\AppData\Local\PriceMeterLiveUpdate folder moved successfully.
C:\ProgramData\PriceMeterLiveUpdate\Update\Log folder moved successfully.
C:\ProgramData\PriceMeterLiveUpdate\Update folder moved successfully.
C:\ProgramData\PriceMeterLiveUpdate folder moved successfully.
C:\Users\Admin\AppData\Roaming\FlvPlayer folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer folder moved successfully.
C:\Users\Admin\AppData\Local\WebInternetSecurity folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Update Software folder moved successfully.
C:\Program Files\Update Software folder moved successfully.
C:\Users\Admin\AppData\Local\Software\CrashReports folder moved successfully.
C:\Users\Admin\AppData\Local\Software folder moved successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03262014_175605

Réponse 7 / 9

fled91 Messages postés 8 Date d'inscription Statut Membre Dernière intervention

je viens juste de me rendre compte que je n'avais pas envoyer le rapport OTL extras.
il est dispo sur ce lien :
https://pjjoint.malekal.com/files.php?read=OTL_Extras_20140326_d11i8r13o12z15
en tout cas après redémarrage du PC, je ne vois pas le message getwindoinfo, c'est top.
Dis moi s'il faut une manip supplémentaire suite au rapport extras d'otl.
J'ai aussi un message de mise à jour internet explorer avec Windows ..
Merci :)

fled91 Messages postés 8 Date d'inscription Statut Membre Dernière intervention

je voulais dire que je ne sais plus s'il faut se fier aux mises à jour automatique via Windows update.
là c'est une proposition de mise à jour IE .... et j'ai vu effectivement dans l'actu qu'une mise à jour était sortie. Faut donc la faire non

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 686

tu as donné Extra.txt mais pas OTL.txt

fled91 Messages postés 8 Date d'inscription Statut Membre Dernière intervention

ben c'est ce que j'ai fait via le lien dans message de 12h35.
Faut recommencer ?

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 686

non tu n'as pas donné OTL.txt

Réponse 8 / 9

fled91 Messages postés 8 Date d'inscription Statut Membre Dernière intervention

Bonjour,
Pardon, je pensais avoir posté le rapport otl texte,
voici le lien je viens de le poster :
https://pjjoint.malekal.com/files.php?read=OTL_20140327_t13x1314w15n14
Comme je disais plus haut la fenêtre getwindo a déjà disparu, mais je veux aller au bout du truc...
merci encore !!

Réponse 9 / 9

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 686

Ben en fait là, on a viré manuellement les programmes pourris.
Mais ils peuvent rester dans la liste des programmes installés, c'est ça qu'il te reste comme probleme ?

Discussions similaires

SMS message vocal arnaque ?

Signification de ^^

Ca veut dire quoi ^^

Message ne s'envoie pas données mobiles Redmi

Forum Virus

Trouvez des solutions pour détecter et éliminer les menaces, des astuces pour prévenir les infections, et discutez des dernières menaces en ligne