Votre question
Résolu

Virus Jerecherche - help please

Tags :
  • Virus
  • Logiciels
  • Sécurité
Dernière réponse : dans Sécurité et virus
2 Avril 2012 22:11:11

Bonjour,
Comme certaines personnes ici j'ai le virus jerecherche sur mon PC (page d acceuil jerecherche que je ne peux pas changer - fenetre qui apparait en bas a droite en me demandant de changer de navigateur - jerecherche en favori dans les moteurs de recherche...)
J ai vu plusieurs posts sur le sujet mais je suis un peu perdu entre les differents logiciels a utiliser (OTL, Malware Byte, pjjoint...)
Pouvez vous svp m aider et me donner la marche a suivre afin d enleverce virus?
Merci a tous pour votre precieuse aide!

Autres pages sur : virus jerecherche help please

2 Avril 2012 23:58:40

Merci Destrio5
Voici le rapport:
# AdwCleaner v1.504 - Logfile created 04/02/2012 at 22:57:07
# Updated 01/04/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Anthony - ANTHONY-HP
# Running from : C:\Users\Anthony\Downloads\adwcleaner(1).exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Users\Anthony\AppData\Roaming\Babylon
Folder Found : C:\Users\Anthony\AppData\LocalLow\Conduit
Folder Found : C:\Users\Anthony\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Anthony\AppData\LocalLow\PriceGong
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Users\Anthony\AppData\Roaming\Mozilla\FireFox\Profiles\jud6gq13.default\Conduit
Folder Found : C:\Users\Anthony\AppData\Roaming\Mozilla\FireFox\Profiles\jud6gq13.default\ConduitEngine
Folder Found : C:\Users\Anthony\AppData\Roaming\Mozilla\FireFox\Profiles\jud6gq13.default\extensions\engine@conduit.com
File Found : C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\appinfo.lnk
File Found : C:\Users\Anthony\errorlog.tmp
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [H. Navipromo] *****


***** [Registry] *****

  • Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
    Key Found : HKCU\Software\AppDataLow\Toolbar
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\PriceGong
    Key Found : HKLM\SOFTWARE\Babylon
    Key Found : HKLM\SOFTWARE\Conduit
    Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
    Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{557C21FE-7274-410D-853E-9ED4471BF193}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\chat-land.org
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

    ***** [Registry (x64)] *****

    Key Found : HKCU\Software\AppDataLow\Toolbar
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\PriceGong
    Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
    Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{557C21FE-7274-410D-853E-9ED4471BF193}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\chat-land.org
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.7601.17514

    [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.jerecherche.org
    [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://www.jerecherche.org
    [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Secondary_Page_URL] = hxxp://www.jerecherche.org
    [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page_bak] = hxxp://www.jerecherche.org
    [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.jerecherche.org
    [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://www.jerecherche.org/keyword/
    [HKCU\Software\Microsoft\Internet Explorer\Main - SearchMigratedDefaultName] = www.jerecherche.org
    [HKCU\Software\Microsoft\Internet Explorer\Main - SearchMigratedDefaultURL] = hxxp://www.jerecherche.org
    [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://jerecherche.org/?v=d
    [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?AF=100476&babsrc=NT_ss&mntrId=1ae1c9a40000000000001c659d8cd2ad

    -\\ Mozilla Firefox v11.0 (en-GB)

    Profile name : default
    File : C:\Users\Anthony\AppData\Roaming\Mozilla\FireFox\Profiles\jud6gq13.default\prefs.js

    Found : user_pref("CT2786678..clientLogIsEnabled", false);
    Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
    Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
    Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
    Found : user_pref("CT2786678.CTID", "CT2786678");
    Found : user_pref("CT2786678.CurrentServerDate", "9-1-2011");
    Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
    Found : user_pref("CT2786678.DownloadReferralCookieData", "");
    Found : user_pref("CT2786678.EMailNotifierPollDate", "Sun Jan 09 2011 16:10:37 GMT+0000 (GMT Standard Time)"[...]
    Found : user_pref("CT2786678.FeedLastCount5690698542593514850", 299);
    Found : user_pref("CT2786678.FeedPollDate129301619375443753", "Sun Jan 09 2011 15:52:47 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375443759", "Sun Jan 09 2011 15:52:47 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375444699", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375444705", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375444711", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375444717", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375444723", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375444729", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375444735", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375444741", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedPollDate129301619375444747", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Found : user_pref("CT2786678.FeedTTL129301619375444699", 10);
    Found : user_pref("CT2786678.FeedTTL129301619375444723", 15);
    Found : user_pref("CT2786678.FeedTTL129301619375444735", 5);
    Found : user_pref("CT2786678.FeedTTL129301619375444747", 5);
    Found : user_pref("CT2786678.FirstServerDate", "8-1-2011");
    Found : user_pref("CT2786678.FirstTime", true);
    Found : user_pref("CT2786678.FirstTimeFF3", true);
    Found : user_pref("CT2786678.FixPageNotFoundErrors", false);
    Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
    Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
    Found : user_pref("CT2786678.HasUserGlobalKeys", true);
    Found : user_pref("CT2786678.Initialize", true);
    Found : user_pref("CT2786678.InitializeCommonPrefs", true);
    Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
    Found : user_pref("CT2786678.InstallationType", "UnknownIntegration");
    Found : user_pref("CT2786678.InstalledDate", "Sat Jan 08 2011 13:59:00 GMT+0000 (GMT Standard Time)");
    Found : user_pref("CT2786678.IsGrouping", false);
    Found : user_pref("CT2786678.IsMulticommunity", false);
    Found : user_pref("CT2786678.IsOpenThankYouPage", true);
    Found : user_pref("CT2786678.IsOpenUninstallPage", false);
    Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standard Ti[...]
    Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
    Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
    Found : user_pref("CT2786678.LastLogin_3.2.5.2", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standard Time)");
    Found : user_pref("CT2786678.LatestVersion", "3.2.5.2");
    Found : user_pref("CT2786678.Locale", "en");
    Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
    Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
    Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
    Found : user_pref("CT2786678.SHRINK_TOOLBAR", 1);
    Found : user_pref("CT2786678.SearchBoxWidth", 148);
    Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
    Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
    Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
    Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
    Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standard [...]
    Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
    Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
    Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standard Time[...]
    Found : user_pref("CT2786678.SettingsLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standard Time)"[...]
    Found : user_pref("CT2786678.SettingsLastUpdate", "1292489785");
    Found : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
    Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sat Jan 08 2011 13:59:00 GMT+0000 (GMT Standar[...]
    Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246790578");
    Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
    Found : user_pref("CT2786678.UserID", "UN11863367171889727");
    Found : user_pref("CT2786678.ValidationData_Toolbar", 2);
    Found : user_pref("CT2786678.WeatherNetwork", "");
    Found : user_pref("CT2786678.WeatherPollDate", "Sun Jan 09 2011 15:52:47 GMT+0000 (GMT Standard Time)");
    Found : user_pref("CT2786678.WeatherUnit", "C");
    Found : user_pref("CT2786678.alertChannelId", "1178763");
    Found : user_pref("CT2786678.myStuffEnabled", true);
    Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
    Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
    Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
    Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
    Found : user_pref("CT2786678.testingCtid", "");
    Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Stand[...]
    Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Sat Jan 08 2011 13:59:01 GMT+0000 (GMT Stand[...]
    Found : user_pref("CT2786678.usagesFlag", 2);
    Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/UK", "\"0\"[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/UK", "\"0\"")[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
    Found : user_pref("CommunityToolbar.EngineOwner", "CT2786678");
    Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
    Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
    Found : user_pref("CommunityToolbar.IsEngineShown", true);
    Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
    Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
    Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
    Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar");
    Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
    Found : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2786678");
    Found : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678");
    Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Mar 24 2011 21:32:15 GMT+00[...]
    Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
    Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Apr 09 2011 10:56:34 GMT+0100 (GMT D[...]
    Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Found : user_pref("CommunityToolbar.alert.locale", "en");
    Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
    Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Apr 09 2011 10:14:33 GMT+0100 (GMT Dayli[...]
    Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
    Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
    Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
    Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
    Found : user_pref("CommunityToolbar.alert.userId", "6cc0a410-f3ac-4219-a9d6-52dfddd00c88");
    Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT[...]
    Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Apr 09 2011 13:37:40 GMT+0100 (GMT Daylight[...]
    Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
    Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Apr 09 2011 10:14:34 GMT+0100 (GMT Daylig[...]
    Found : user_pref("ConduitEngine.FirstServerDate", "01/08/2011 16");
    Found : user_pref("ConduitEngine.FirstTime", true);
    Found : user_pref("ConduitEngine.FirstTimeFF3", true);
    Found : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
    Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
    Found : user_pref("ConduitEngine.Initialize", true);
    Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
    Found : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
    Found : user_pref("ConduitEngine.InstalledDate", "Sat Jan 08 2011 13:59:00 GMT+0000 (GMT Standard Time)");
    Found : user_pref("ConduitEngine.IsMulticommunity", false);
    Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
    Found : user_pref("ConduitEngine.IsOpenUninstallPage", false);
    Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Apr 09 2011 10:14:35 GMT+0100 (GMT Dayligh[...]
    Found : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standard Time)"[...]
    Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Apr 09 2011 19:34:29 GMT+0100 (GMT Daylight Time)"[...]
    Found : user_pref("ConduitEngine.PublisherContainerWidth", 0);
    Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
    Found : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
    Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 09 2011 19:34:30 GMT+0100 (GMT Daylight Ti[...]
    Found : user_pref("ConduitEngine.UserID", "UN74088441833528289");
    Found : user_pref("ConduitEngine.engineLocale", "en-GB");
    Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Apr 09 2011 10:14:34 GMT+0100 (GMT D[...]
    Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Apr 09 2011 19:34:30 GMT+0100 (GMT [...]
    Found : user_pref("ConduitEngine.initDone", true);
    Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
    Found : user_pref("ConduitEngine.usagesFlag", 2);
    Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
    Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
    Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
    Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=100476&babsrc=NT_s[...]
    Found : user_pref("keyword.URL", "hxxp://www.jerecherche.org/result.php?&q=");
    Found : user_pref("newtaburl.def_url", "hxxp://www.jerecherche.org/");

    *************************

    AdwCleaner[R1].txt - [20071 octets] - [02/04/2012 20:59:34]
    AdwCleaner[R2].txt - [20046 octets] - [02/04/2012 22:57:07]

    ########## EOF - C:\AdwCleaner[R2].txt - [20175 octets] ##########
    m
    0
    l
    Contenus similaires
    a c 295 8 Sécurité
    a b 6 Logiciels
    3 Avril 2012 00:04:11

    Ok, relance AdwCleaner, choisis l'option "Suppression" et poste le rapport.
    m
    0
    l
    3 Avril 2012 00:24:41

    Merci, voici le nouveau rapport
    # AdwCleaner v1.504 - Logfile created 04/02/2012 at 23:22:16
    # Updated 01/04/2012 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Anthony - ANTHONY-HP
    # Running from : C:\Users\Anthony\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\Users\Anthony\AppData\Roaming\Babylon
    Folder Deleted : C:\Users\Anthony\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Anthony\AppData\LocalLow\ConduitEngine
    Folder Deleted : C:\Users\Anthony\AppData\LocalLow\PriceGong
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Users\Anthony\AppData\Roaming\Mozilla\FireFox\Profiles\jud6gq13.default\Conduit
    Folder Deleted : C:\Users\Anthony\AppData\Roaming\Mozilla\FireFox\Profiles\jud6gq13.default\ConduitEngine
    Folder Deleted : C:\Users\Anthony\AppData\Roaming\Mozilla\FireFox\Profiles\jud6gq13.default\extensions\engine@conduit.com
    File Deleted : C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\appinfo.lnk
    File Deleted : C:\Users\Anthony\errorlog.tmp
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

    ***** [H. Navipromo] *****


    ***** [Registry] *****

  • Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
    Key Deleted : HKLM\SOFTWARE\Babylon
    Key Deleted : HKLM\SOFTWARE\Conduit
    Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{557C21FE-7274-410D-853E-9ED4471BF193}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\chat-land.org
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

    ***** [Registry (x64)] *****

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.7601.17514

    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.jerecherche.org --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://www.jerecherche.org --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Secondary_Page_URL] = hxxp://www.jerecherche.org --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page_bak] = hxxp://www.jerecherche.org --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.jerecherche.org --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://www.jerecherche.org/keyword/ --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - SearchMigratedDefaultName] = www.jerecherche.org --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - SearchMigratedDefaultURL] = hxxp://www.jerecherche.org --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://jerecherche.org/?v=d --> hxxp://www.google.fr
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?AF=100476&babsrc=NT_ss&mntrId=1ae1c9a40000000000001c659d8cd2ad --> hxxp://www.google.fr

    -\\ Mozilla Firefox v11.0 (en-GB)

    Profile name : default
    File : C:\Users\Anthony\AppData\Roaming\Mozilla\FireFox\Profiles\jud6gq13.default\prefs.js

    C:\Users\Anthony\AppData\Roaming\Mozilla\FireFox\Profiles\jud6gq13.default\user.js ... Deleted !

    Deleted : user_pref("CT2786678..clientLogIsEnabled", false);
    Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
    Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
    Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
    Deleted : user_pref("CT2786678.CTID", "CT2786678");
    Deleted : user_pref("CT2786678.CurrentServerDate", "9-1-2011");
    Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
    Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
    Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Sun Jan 09 2011 16:10:37 GMT+0000 (GMT Standard Time)"[...]
    Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 299);
    Deleted : user_pref("CT2786678.FeedPollDate129301619375443753", "Sun Jan 09 2011 15:52:47 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375443759", "Sun Jan 09 2011 15:52:47 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375444699", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375444705", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375444711", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375444717", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375444723", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375444729", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375444735", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375444741", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedPollDate129301619375444747", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standa[...]
    Deleted : user_pref("CT2786678.FeedTTL129301619375444699", 10);
    Deleted : user_pref("CT2786678.FeedTTL129301619375444723", 15);
    Deleted : user_pref("CT2786678.FeedTTL129301619375444735", 5);
    Deleted : user_pref("CT2786678.FeedTTL129301619375444747", 5);
    Deleted : user_pref("CT2786678.FirstServerDate", "8-1-2011");
    Deleted : user_pref("CT2786678.FirstTime", true);
    Deleted : user_pref("CT2786678.FirstTimeFF3", true);
    Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false);
    Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
    Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
    Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
    Deleted : user_pref("CT2786678.Initialize", true);
    Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
    Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
    Deleted : user_pref("CT2786678.InstallationType", "UnknownIntegration");
    Deleted : user_pref("CT2786678.InstalledDate", "Sat Jan 08 2011 13:59:00 GMT+0000 (GMT Standard Time)");
    Deleted : user_pref("CT2786678.IsGrouping", false);
    Deleted : user_pref("CT2786678.IsMulticommunity", false);
    Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
    Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);
    Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standard Ti[...]
    Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
    Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
    Deleted : user_pref("CT2786678.LastLogin_3.2.5.2", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standard Time)");
    Deleted : user_pref("CT2786678.LatestVersion", "3.2.5.2");
    Deleted : user_pref("CT2786678.Locale", "en");
    Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
    Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
    Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
    Deleted : user_pref("CT2786678.SHRINK_TOOLBAR", 1);
    Deleted : user_pref("CT2786678.SearchBoxWidth", 148);
    Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
    Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
    Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
    Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
    Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standard [...]
    Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
    Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
    Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standard Time[...]
    Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Standard Time)"[...]
    Deleted : user_pref("CT2786678.SettingsLastUpdate", "1292489785");
    Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
    Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Sat Jan 08 2011 13:59:00 GMT+0000 (GMT Standar[...]
    Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246790578");
    Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
    Deleted : user_pref("CT2786678.UserID", "UN11863367171889727");
    Deleted : user_pref("CT2786678.ValidationData_Toolbar", 2);
    Deleted : user_pref("CT2786678.WeatherNetwork", "");
    Deleted : user_pref("CT2786678.WeatherPollDate", "Sun Jan 09 2011 15:52:47 GMT+0000 (GMT Standard Time)");
    Deleted : user_pref("CT2786678.WeatherUnit", "C");
    Deleted : user_pref("CT2786678.alertChannelId", "1178763");
    Deleted : user_pref("CT2786678.myStuffEnabled", true);
    Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
    Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
    Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
    Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
    Deleted : user_pref("CT2786678.testingCtid", "");
    Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT Stand[...]
    Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Sat Jan 08 2011 13:59:01 GMT+0000 (GMT Stand[...]
    Deleted : user_pref("CT2786678.usagesFlag", 2);
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/UK", "\"0\"[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/UK", "\"0\"")[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
    Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2786678");
    Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
    Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
    Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
    Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
    Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
    Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
    Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar");
    Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
    Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2786678");
    Deleted : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678");
    Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Mar 24 2011 21:32:15 GMT+00[...]
    Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
    Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Apr 09 2011 10:56:34 GMT+0100 (GMT D[...]
    Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Deleted : user_pref("CommunityToolbar.alert.locale", "en");
    Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
    Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Apr 09 2011 10:14:33 GMT+0100 (GMT Dayli[...]
    Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
    Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
    Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
    Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
    Deleted : user_pref("CommunityToolbar.alert.userId", "6cc0a410-f3ac-4219-a9d6-52dfddd00c88");
    Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jan 09 2011 15:52:45 GMT+0000 (GMT[...]
    Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Apr 09 2011 13:37:40 GMT+0100 (GMT Daylight[...]
    Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
    Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Apr 09 2011 10:14:34 GMT+0100 (GMT Daylig[...]
    Deleted : user_pref("ConduitEngine.FirstServerDate", "01/08/2011 16");
    Deleted : user_pref("ConduitEngine.FirstTime", true);
    Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
    Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
    Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
    Deleted : user_pref("ConduitEngine.Initialize", true);
    Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
    Deleted : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
    Deleted : user_pref("ConduitEngine.InstalledDate", "Sat Jan 08 2011 13:59:00 GMT+0000 (GMT Standard Time)");
    Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
    Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
    Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false);
    Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Apr 09 2011 10:14:35 GMT+0100 (GMT Dayligh[...]
    Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sun Jan 09 2011 15:52:46 GMT+0000 (GMT Standard Time)"[...]
    Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Apr 09 2011 19:34:29 GMT+0100 (GMT Daylight Time)"[...]
    Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
    Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
    Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
    Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 09 2011 19:34:30 GMT+0100 (GMT Daylight Ti[...]
    Deleted : user_pref("ConduitEngine.UserID", "UN74088441833528289");
    Deleted : user_pref("ConduitEngine.engineLocale", "en-GB");
    Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Apr 09 2011 10:14:34 GMT+0100 (GMT D[...]
    Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Apr 09 2011 19:34:30 GMT+0100 (GMT [...]
    Deleted : user_pref("ConduitEngine.initDone", true);
    Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
    Deleted : user_pref("ConduitEngine.usagesFlag", 2);
    Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
    Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
    Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
    Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=100476&babsrc=NT_s[...]
    Deleted : user_pref("keyword.URL", "hxxp://www.jerecherche.org/result.php?&q=");
    Deleted : user_pref("newtaburl.def_url", "hxxp://www.jerecherche.org/");

    *************************

    AdwCleaner[S1].txt - [19506 octets] - [02/04/2012 23:22:16]

    ########## EOF - C:\AdwCleaner[S1].txt - [19635 octets] ##########
    m
    0
    l
    a c 295 8 Sécurité
    a b 6 Logiciels
    3 Avril 2012 00:26:40

  • Relance AdwCleaner et choisis "Désinstallation".

    On va vérifier qu'il n'y a rien d'autre :

    • Télécharge ZHPDiag (de Nicolas Coolman).
    • Double-clique sur le fichier d'installation. Installe ZHPDiag avec les paramètres par défaut (N'oublie pas de cocher "Créer une icône sur le Bureau ").
    • Lance ZHPDiag en double-cliquant sur le raccourci présent sur ton Bureau.
      (Sous Vista/Win7, il faut cliquer droit sur le raccourci de ZHPDiag et choisir Exécuter en tant qu'administrateur)
    • Clique sur la loupe (Lancer le diagnostic) puis laisse l'outil scanner.
    • Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier (le rapport de l'analyse) sur ton Bureau.
    • Pour me transmettre le rapport, utilise le site http://pjjoint.malekal.com/ car le rapport ZHPDiag est plutôt long.
    m
    0
    l
    3 Avril 2012 00:39:20

    Merci encore pour ton aide.
    Le rapport se trouve sur ce lien: http://pjjoint.malekal.com/files.php?id=ZHPDiag_2012040...
    Par contre, sous Firefox j ai encore l option jerecherche dans les moteurs de recherche sur la droite. De plus lorsque je rajoute un onglet sous Firefox j ai la page de Mozilla us qui apparait (au lieu de google)
    m
    0
    l
    a c 295 8 Sécurité
    a b 6 Logiciels
    3 Avril 2012 01:08:28

    • Désinstalle uTorrentBar Toolbar.
    • Copie tout le texte présent en gras ci-dessous (Sélectionne-le, clique droit dessus et choisis "Copier").
      SysRestore
      M3 - MFPP: Plugins - [Anthony] -- C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\jud6gq13.default\searchplugins\jerecherche.xml
      M2 - MFEP: prefs.js [Anthony - jud6gq13.default\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [] uTorrentBar Community Toolbar v3.10.0.1 (.Conduit Ltd..)
      R3 - URLSearchHook: uTorrentBar Toolbar [64Bits] - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
      R3 - URLSearchHook: uTorrentBar Toolbar [64Bits] - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
      O2 - BHO: uTorrentBar [64Bits] - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
      O2 - BHO: Hotspot Shield Class [64Bits] - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} . (...) -- C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
      O42 - Logiciel: NetAssistant - (.Freeze.com.) [HKLM] -- {1266764D-FC4F-4FA7-B63B-884D53B1680F}
      O42 - Logiciel: NetAssistant for Firefox - (.Freeze.com.) [HKCU] -- NetAssistant 3.6.5
      O42 - Logiciel: uTorrentBar Toolbar - (.uTorrentBar.) [HKLM] -- uTorrentBar Toolbar
      [HKCU\Software\AppDataLow\Software\uTorrentBar]
      [HKCU\Software\AVAST Software]
      [HKCU\Software\AppDataLow\Software\uTorrentBar]
      [HKLM\Software\AVAST Software]
      [HKLM\Software\Freeze.com]
      [HKLM\Software\farselem]
      [HKLM\Software\uTorrentBar]
      O43 - CFD: 10/5/2011 - 8:55:12 PM - [0] ----D- C:\ProgramData\AVAST Software
      O43 - CFD: 11/20/2011 - 3:19:44 PM - [3.668] ----D- C:\Users\Anthony\AppData\Local\Babylon
      O43 - CFD: 3/10/2012 - 6:06:40 PM - [1.730] ----D- C:\Users\Anthony\AppData\Local\Conduit
      O43 - CFD: 3/10/2012 - 6:06:52 PM - [10.601] ----D- C:\Program Files (x86)\uTorrentBar
      O69 - SBI: SearchScopes [HKCU] {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} - (Private Search) - http://search.hotspotshield.com
      [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
      [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv]
      [HKLM\Software\WOW6432Node\freeze.com]
      C:\Program Files (x86)\Hotspot Shield
      O43 - CFD: 11/20/2011 - 3:13:44 PM - [0.027] ----D- C:\Users\Anthony\AppData\Roaming\NetAssistant
      EmptyFlash
      EmptyTemp

    • Puis lance ZHPFix depuis le raccourci situé sur ton Bureau.
      (Sous Vista/Win7, il faut cliquer droit sur le raccourci de ZHPFix et choisir Exécuter en tant qu'administrateur)
    • Une fois ZHPFix ouvert, clique sur le bouton "H" (Coller les lignes Helper).
    • Dans l'encadré principal, tu verras donc les lignes que tu as copié précédemment apparaître. Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
    • Clique sur "GO" pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.
    • Une fois terminé, copie-colle le rapport dans ton prochain message.
    m
    0
    l
    3 Avril 2012 08:52:36

    Bonjour,
    Je viens de faire cette operation, voici le message que j ai a la fin. Merci!
    Rapport de ZHPFix 1.12.3381 par Nicolas Coolman, Update du 08/02/2011
    Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-4-3-2012-7-50-59 AM.txt
    Run by Anthony at 4/3/2012 7:50:59 AM
    Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.ht...
    Web site : http://nicolascoolman.skyrock.com/

    ========== Software ==========
    NOT FOUND Software Key: {1266764D-FC4F-4FA7-B63B-884D53B1680F}
    DELETED NetAssistant for Firefox
    NOT FOUND Software Key: uTorrentBar Toolbar

    ========== Registry Key ==========
    NOT FOUND Key: CLSID BHO: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    NOT FOUND Key: CLSID BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    DELETED Key: HKCU\Software\AppDataLow\Software\uTorrentBar
    DELETED Key: HKCU\Software\AVAST Software
    NOT FOUND Key: HKLM\Software\AVAST Software
    NOT FOUND Key: HKLM\Software\Freeze.com
    NOT FOUND Key: HKLM\Software\farselem
    NOT FOUND Key: HKLM\Software\uTorrentBar
    DELETED Key: SearchScopes :{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    NOT FOUND Key: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv
    NOT FOUND Key: HKLM\Software\WOW6432Node\freeze.com

    ========== Registry Value ==========
    DELETED URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

    ========== Repertory ==========
    DELETED Folder: C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\jud6gq13.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    DELETE on Reboot Folder**: C:\ProgramData\AVAST Software
    DELETED Folder: C:\Users\Anthony\AppData\Local\Babylon
    DELETED Folder: C:\Users\Anthony\AppData\Local\Conduit
    DELETE on Reboot Folder**: C:\Program Files (x86)\uTorrentBar
    NOT FOUND C:\Users\Anthony\AppData\Roaming\NetAssistant
    DELETED Flash Cookies: 119
    DELETED Window Temporary: : 548

    ========== File ==========
    DELETED File: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\jud6gq13.default\searchplugins\jerecherche.xml
    DELETE on Reboot c:\program files (x86)\utorrentbar\prxtbuto0.dll
    NOT FOUND File: c:\program files (x86)\hotspot shield\hssie\hssie_64.dll
    NOT FOUND Folder/File: c:\program files (x86)\hotspot shield
    DELETED Flash Cookies: 74
    DELETED Window Temporary: : 4083

    ========== Restoration ==========
    Restore System Point not created


    ========== Summary ==========
    12 : Registry Key
    1 : Registry Value
    8 : Repertory
    6 : File
    3 : Software
    1 : Restoration


    End of clean in 58mn AMs

    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 4/3/2012 7:50:59 AM [2568]
    m
    0
    l
    a c 295 8 Sécurité
    a b 6 Logiciels
    3 Avril 2012 13:47:41

    Plus de souci ?

    Tu peux me poster un nouveau rapport ZHPDiag ?
    m
    0
    l
    3 Avril 2012 19:50:38

    A priori plus de probleme (meme si lorsque je rajoute un onglet sous Firefox j ai la page de Mozilla us qui apparait (au lieu de google), mais bon c est pas si grave...
    Ci-dessous le dernier rapport ZHPDiag:
    http://pjjoint.malekal.com/files.php?id=ZHPDiag_2012040...

    Merci enormement pour ton aide!
    m
    0
    l
    a c 295 8 Sécurité
    a b 6 Logiciels
    3 Avril 2012 20:19:37

    Tu as bien exécuté ZHPDiag en tant qu'administrateur ?
    m
    0
    l
    a c 295 8 Sécurité
    a b 6 Logiciels
    3 Avril 2012 20:38:41

    Ok, pense à bien lancer ZHPFix en tant qu'administrateur.

    • Copie tout le texte présent dans le cadre ci-dessous (Sélectionne-le, clique droit dessus et choisis "Copier").
      SysRestore
      M0 - MFSP: prefs.js [Anthony - jud6gq13.default] http://www.google.co.uk
      R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
      R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
      R3 - URLSearchHook: uTorrentBar Toolbar [64Bits] - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
      O2 - BHO: Hotspot Shield Class [64Bits] - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} . (...) -- C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
      O2 - BHO: uTorrentBar [64Bits] - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
      O42 - Logiciel: uTorrentBar Toolbar - (.uTorrentBar.) [HKLM] -- uTorrentBar Toolbar
      [HKLM\Software\Freeze.com]
      [HKLM\Software\farselem]
      [HKLM\Software\uTorrentBar]
      O43 - CFD: 3/10/2012 - 6:06:52 PM - [10.601] ----D- C:\Program Files (x86)\uTorrentBar
      O69 - SBI: SearchScopes [HKCU] {8F8458AD-DA19-4AAD-8636-68EBA4EBC931} - (Yahoo) - http://uk.search.yahoo.com
      [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
      [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv]
      [HKLM\Software\WOW6432Node\freeze.com]
      EmptyFlash
      EmptyTemp

    • Puis lance ZHPFix depuis le raccourci situé sur ton Bureau.
      (Sous Vista/Win7, il faut cliquer droit sur le raccourci de ZHPFix et choisir Exécuter en tant qu'administrateur)
    • Une fois ZHPFix ouvert, clique sur le bouton "H" (Coller les lignes Helper).
    • Dans l'encadré principal, tu verras donc les lignes que tu as copié précédemment apparaître. Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
    • Clique sur "GO" pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.
    • Une fois terminé, copie-colle le rapport dans ton prochain message.
    m
    0
    l
    3 Avril 2012 20:52:25

    Desole voici le rapport
    Rapport de ZHPFix 1.12.3381 par Nicolas Coolman, Update du 08/02/2011
    Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-4-3-2012-7-51-39 PM.txt
    Run by Anthony at 4/3/2012 7:51:39 PM
    Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.ht...
    Web site : http://nicolascoolman.skyrock.com/

    ========== Software ==========
    NOT FOUND Software Key: uTorrentBar Toolbar

    ========== Registry Key ==========
    DELETED Key**: CLSID BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    NOT FOUND Key: CLSID BHO: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    NOT FOUND Key: HKLM\Software\Freeze.com
    NOT FOUND Key: HKLM\Software\farselem
    NOT FOUND Key: HKLM\Software\uTorrentBar
    DELETED Key: SearchScopes :{8F8458AD-DA19-4AAD-8636-68EBA4EBC931}
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    DELETED Key: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv
    DELETED Key: HKLM\Software\WOW6432Node\freeze.com

    ========== Registry Value ==========
    NOT FOUND URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

    ========== Registry Data Items ==========
    REMOVED R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
    REMOVED R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page

    ========== Browser Profiles ==========
    NOT FOUND Mozilla Pref: http://www.google.co.uk

    ========== Repertory ==========
    DELETED Folder: C:\Program Files (x86)\uTorrentBar
    DELETED Flash Cookies: 20
    DELETED Window Temporary: : 4

    ========== File ==========
    DELETED File: c:\program files (x86)\utorrentbar\prxtbuto0.dll
    NOT FOUND File: c:\program files (x86)\utorrentbar\prxtbuto0.dll
    DELETED Flash Cookies: 6
    DELETED Window Temporary: : 24

    ========== Restoration ==========
    Restore System Point created succefully


    ========== Summary ==========
    9 : Registry Key
    1 : Registry Value
    2 : Registry Data Items
    3 : Repertory
    4 : File
    1 : Software
    1 : Browser Profiles
    1 : Restoration


    End of clean in 25mn AMs

    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 4/3/2012 6:50:59 AM [2620]
    C:\ZHP\ZHPFix[R2].txt - 4/3/2012 7:51:39 PM [2138]
    m
    0
    l
    a c 295 8 Sécurité
    a b 6 Logiciels
    3 Avril 2012 21:02:07

    Pour Firefox, c'est OK maintenant ?
    m
    0
    l
    3 Avril 2012 21:16:51

    C est parfait! Merci beaucoup pour ton temps et ton aide!
    m
    0
    l
    a c 295 8 Sécurité
    a b 6 Logiciels
    4 Avril 2012 01:00:05

    Pour finir :


      1/

    • Télécharge DelFix sur ton Bureau.
    • Clique droit sur DelFix et choisis Exécuter en tant qu'administrateur.
    • Clique sur le bouton Suppression.
    • Poste le rapport (C:\DelFixSuppr.txt).
    • Supprime DelFix.


      2/

      CCleaner risque de supprimer les identifiants et mots de passe enregistrés dans ton navigateur, tu pourras les remettre.

    • Télécharge et installe CCleaner.
    • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
    • Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.


      3/

    • Il est nécessaire de supprimer les points de restauration. Ensuite, crée un nouveau point de restauration.



  • ==Prévention==

    Un logiciel utile en cas d'infection :
    http://www.malekal.com/2010/11/12/tutorial-malwarebyte-...

    Voici un dossier sur la prévention et sécurité sur Internet (A lire avec Adobe Reader) : Lien


    ;) 
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS