Se connecter / S'enregistrer
Votre question

Auto-virus

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
Anonyme
22 Mai 2011 11:10:55

Bonjour ,


Je suis infesté de virus suite a une installation d'un logiciel .

J'ai fait un scan antivir , il m'en a detecté 12 et j'ai fait une restauration systeme .
Ca a l'air d'aller mieux mais je pense que tous n'est pas clean .
Il y avait des processus comme Qdujoa ou comme ca qui etait actif .

Je voudrais donc savoir comment verifier tous ca ? ( Hijackthis ? anti-spyware? )


Cordialement

Autres pages sur : auto virus

22 Mai 2011 12:17:26

Bonjour

Télécharge DDS et sauvegarde-le sur ton bureau.
  • Désactive tout script bloquant, tels qu'un antivirus, un logiciel comme ad-block, noscript etc.
  • Double-clique sur dds.scr pour lancer l'outil.
  • Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
  • Clique Oui à la prochaine invite Optional Scan.
  • Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt.

    <@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**
    Anonyme
    22 Mai 2011 13:00:53

    .
    DDS (Ver_11-05-19.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
    Run by Nico at 12:58:49 on 2011-05-22
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2345 [GMT 2:00]
    .
    AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Real\RealPlayer\update\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files\Fichiers communs\Apple\Apple Application Support\distnoted.exe
    C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\Nico\Mes documents\Downloads\dds.scr
    C:\WINDOWS\system32\WSCRIPT.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://vshare.toolbarhome.com/?hp=df
    uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    uSearch Bar = hxxp://g.msn.fr/0SEFRFR/SAOS02
    mStart Page = hxxp://www.foozir.com/
    uInternet Settings,ProxyOverride = local;*.local
    mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&affID=17161
    uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
    mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\msybqp32.exe,
    BHO: Objet d'aide à la navigation SFR: {0f6e720a-1a6b-40e1-a294-1d4d19f156c8} - c:\program files\sfr\kit\SFRNavErrorHelper.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\bh\BabylonToolbar.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: OfferBox: {fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} - c:\program files\offerbox\OfferBoxBHO.dll
    TB: Barre d'outils MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn toolbar\01.01.2607.0\fr\msntb.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
    TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarTlbr.dll
    TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
    TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [ISUSPM] "c:\program files\fichiers communs\installshield\updateservice\isuspm.exe" -scheduler
    uRun: [Google Update] "c:\documents and settings\nico\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/534.16_(KHTML,_like_Gecko)_Chrome/10.0.648.204_Safari/534.16" -"http://media.jaludo.com/street_skate/street_skate_2/ind..."
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [soft2PC]
    mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [ASUS Update Checker] c:\program files\asus\asusupdate\updatechecker\UpdateChecker.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [BabylonToolbar] "c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Free YouTube to Mp3 Converter - c:\documents and settings\nico\application data\dvdvideosoftiehelpers\youtubetomp3.htm
    IE: {90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\pokerstars.fr\PokerStarsUpdate.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    Trusted Zone: localhost
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Notify: LBTWlgn - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
    FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=sst&affID=17161&q=
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
    FF - component: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll
    FF - component: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
    FF - component: c:\program files\offerbox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
    FF - plugin: c:\docume~1\nico\applic~1\powerc~1\nppowerloader.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
    FF - plugin: c:\documents and settings\nico\local settings\application data\google\update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPAskSBr.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
    FF - plugin: c:\program files\veetle\player\npvlc.dll
    FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
    FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: UltraSurf Firefox Tool: {5B52016C-D097-4aec-BE61-9F129D8FDDBA} - %profile%\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
    FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
    FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    FF - Ext: Ma-config.com: {bb628310-0ab7-11db-9cd8-0800200c9a66} - %profile%\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
    FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
    FF - Ext: OfferBox: offerboxffx@offerbox.com - c:\program files\offerbox\offerboxffx@offerbox.com
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-12-28 11448]
    R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-10-21 11608]
    R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2007-4-24 16688]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2009-10-21 108289]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-10-21 185089]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-10-21 56816]
    R2 BBDemon;Backbone Service;c:\program files\dassault systemes\b18\intel_a\code\bin\CATSysDemon.exe [2007-5-4 36864]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-6 54752]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2010-12-28 56992]
    S2 gupdate;Service Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-14 136176]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-12-17 1691480]
    S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2007-4-19 14336]
    S3 cpuz130;cpuz130;\??\c:\docume~1\nico\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\nico\locals~1\temp\cpuz130\cpuz_x32.sys [?]
    S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
    S3 gupdatem;Service Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-14 136176]
    S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2011-3-10 311744]
    S3 sea3bus;Sony Ericsson Device 0A3 driver (WDM);c:\windows\system32\drivers\sea3bus.sys [2010-8-7 61600]
    S3 sea3mdfl;Sony Ericsson Device 0A3 USB WMC Modem Filter;c:\windows\system32\drivers\sea3mdfl.sys [2010-8-7 9392]
    S3 sea3mdm;Sony Ericsson Device 0A3 USB WMC Modem Driver;c:\windows\system32\drivers\sea3mdm.sys [2010-8-7 97152]
    S3 sea3mgmt;Sony Ericsson Device 0A3 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea3mgmt.sys [2010-8-7 88656]
    S3 sea3nd5;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (NDIS);c:\windows\system32\drivers\sea3nd5.sys [2010-8-7 18736]
    S3 sea3obex;Sony Ericsson Device 0A3 USB WMC OBEX Interface;c:\windows\system32\drivers\sea3obex.sys [2010-8-7 86464]
    S3 sea3unic;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (WDM);c:\windows\system32\drivers\sea3unic.sys [2010-8-7 90832]
    S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\ZTEusbvoice.sys [2011-4-7 105344]
    .
    =============== Created Last 30 ================
    .
    2011-05-22 08:53:47 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2011-05-22 08:53:47 -------- d-----w- c:\windows\system32\wbem\Repository
    2011-05-21 10:54:33 -------- d-----w- c:\documents and settings\nico\application data\Unity
    2011-05-21 10:48:19 -------- d-----w- c:\documents and settings\nico\local settings\application data\Unity
    2011-05-21 08:31:02 -------- d-----w- c:\documents and settings\nico\application data\ptc
    2011-05-21 08:22:09 -------- d-----w- c:\program files\PTC
    2011-05-21 08:12:02 -------- d-----w- c:\program files\proeWildfire 5.0
    2011-05-10 19:46:33 10915840 ----a-w- c:\windows\system32\libmfxhw32.dll
    2011-05-10 19:46:33 10833920 ----a-w- c:\windows\system32\libmfxsw32.dll
    2011-05-10 19:40:01 -------- d-----w- c:\program files\Total Video Converter
    2011-05-10 19:37:00 -------- d-----w- c:\documents and settings\nico\application data\FreeVideoConverter
    2011-05-10 19:28:44 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
    2011-05-10 19:28:36 -------- d-----w- c:\program files\fichiers communs\xing shared
    2011-05-10 19:28:28 150712 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
    2011-05-10 19:28:24 105472 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
    2011-05-07 14:30:44 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
    2011-05-07 14:30:44 32656 ----a-w- c:\windows\system32\msonpmon.dll
    2011-05-07 14:23:14 -------- d-----w- c:\program files\Microsoft Visual Studio 8
    2011-05-07 14:22:36 -------- d-----w- c:\documents and settings\nico\local settings\application data\Microsoft Help
    2011-04-26 11:47:06 -------- d-----w- c:\documents and settings\all users\application data\Codemasters
    2011-04-26 11:40:25 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
    2011-04-26 11:40:25 1380352 ----a-w- c:\windows\system32\rapture3d_oal.dll
    2011-04-26 11:40:24 -------- d-----w- c:\program files\BRS
    2011-04-26 11:40:22 809560 ----a-r- c:\windows\system32\tmpF9.tmp
    2011-04-26 11:40:22 809560 ----a-r- c:\windows\system32\tmpF8.tmp
    2011-04-26 11:24:46 -------- d-----w- c:\program files\Codemasters
    .
    ==================== Find3M ====================
    .
    2011-05-21 08:42:52 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
    2011-05-10 19:28:19 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2011-04-26 11:40:23 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2011-04-26 11:40:23 109144 ----a-w- c:\windows\system32\OpenAL32.dll
    2011-04-10 18:58:24 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2011-04-10 18:58:19 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
    2011-04-10 18:58:19 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
    2011-04-10 11:07:07 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0
    2011-03-22 14:10:02 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
    2011-03-07 05:33:47 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-04 06:36:19 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-03-03 13:53:37 1858048 ----a-w- c:\windows\system32\win32k.sys
    2011-02-26 01:19:32 41872 ----a-w- c:\windows\system32\xfcodec.dll
    2011-02-22 23:05:48 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-02-22 23:05:47 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-02-22 23:05:47 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-02-22 11:42:13 385024 ----a-w- c:\windows\system32\html.iec
    .
    ============= FINISH: 13:00:03,82 ===============
    22 Mai 2011 14:45:44

    re

    désinstalle Spybot, c'est devenu complètement obsolète...

    Tu ferais bien de lire: Les toolbars c'est pas obligatoire!

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Scanner.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\


    +++++++++++++++++++++++++++++++
    Anonyme
    22 Mai 2011 14:58:51

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 14:54:37 le 22/05/2011, Mode normal

    Microsoft Windows XP Professionnel Service Pack 3 (X86)
    Nico@DOKHELAR-A30165 ( )

    ============== RECHERCHE ==============


    Fichier trouvé: C:\Program Files\Mozilla FireFox\plugins\NPAskSBr.dll
    Fichier trouvé: C:\WINDOWS\system32\ConduitEngine.tmp
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\conduit
    Fichier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\conduit.xml
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\extensions\vshare@toolbar
    Fichier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\web-search.xml
    Dossier trouvé: C:\Documents and Settings\Nico\Local Settings\Application Data\Conduit
    Dossier trouvé: C:\Program Files\Conduit
    Dossier trouvé: C:\Documents and Settings\Nico\Local Settings\Application Data\ConduitEngine
    Dossier trouvé: C:\Program Files\ConduitEngine
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\PriceGong
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\Soft2PC
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\OfferBox
    Dossier trouvé: C:\Documents and Settings\Camille\Application Data\OfferBox
    Dossier trouvé: C:\Program Files\OfferBox
    Dossier trouvé: C:\Program Files\Red Kawa\Video Converter App\OpenCandy

    -- Fichier ouvert: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\Prefs.js --
    Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne trouvée: user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne trouvée: user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226...
    Ligne trouvée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
    Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988,CT2269050");
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT1460988,CT2269050");
    Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
    Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&Sea...
    Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://vshare.toolbarhome.com/?hp=df");
    Ligne trouvée: user_pref("extensions.enabledItems", "ffxtlbr@babylon.com:1.1.3,{ACAA314B-EEBA-48e4-AD47-84E31C44796...
    Ligne trouvée: user_pref("extensions.vshare@toolbar.update.enabled", false);
    Ligne trouvée: user_pref("vshare.install.date", "1302912000000");
    Ligne trouvée: user_pref("vshare.install.dumpFileCount", 0);
    Ligne trouvée: user_pref("vshare.install.dumpFileDisabled", false);
    Ligne trouvée: user_pref("vshare.install.finished", "1.0.0");
    Ligne trouvée: user_pref("vshare.install.guid", "{de50f7b3-6b66-4a6d-ae99-c70e829426f0}");
    Ligne trouvée: user_pref("vshare.install.istoolbarhp", true);
    Ligne trouvée: user_pref("vshare.install.istoolbarsearch", true);
    Ligne trouvée: user_pref("vshare.install.laststatreq", "1305763200000");
    Ligne trouvée: user_pref("vshare.install.newtab", true);
    Ligne trouvée: user_pref("vshare.install.overlayVersion", 1);
    Ligne trouvée: user_pref("vshare.install.userHPSettings", "");
    Ligne trouvée: user_pref("vshare.install.userSPSettings", "");
    -- Fichier Fermé --


    -- Fichier ouvert: C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default\Prefs.js --
    Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne trouvée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
    -- Fichier Fermé --


    -- Fichier ouvert: C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default\Prefs.js --
    Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne trouvée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
    -- Fichier Fermé --


    Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Classes\CLSID\{A4439ABD-2A99-43D3-A138-6F544489408B}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A4439ABD-2A99-43D3-A138-6F544489408B}
    Clé trouvée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
    Clé trouvée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
    Clé trouvée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
    Clé trouvée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
    Clé trouvée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
    Clé trouvée: HKLM\Software\Classes\Conduit.Engine
    Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer
    Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2269050
    Clé trouvée: HKLM\Software\Conduit
    Clé trouvée: HKLM\Software\conduitEngine
    Clé trouvée: HKLM\Software\OfferBox
    Clé trouvée: HKLM\Software\OpenCandy
    Clé trouvée: HKLM\Software\soft2PC
    Clé trouvée: HKCU\Software\Conduit
    Clé trouvée: HKCU\Software\conduitEngine
    Clé trouvée: HKCU\Software\OfferBox
    Clé trouvée: HKCU\Software\pacificpoker
    Clé trouvée: HKCU\Software\pokerinstaller
    Clé trouvée: HKCU\Software\PriceGong
    Clé trouvée: HKCU\Software\soft2PC
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Pacific Poker
    Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\helper
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D402D124-DE78-4040-8CFD-A2F00421B63C}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software_is1
    Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

    Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
    Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|soft2PC


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.0.19 (fr)] ****

    Plugins\NPAskSBr.dll (Ask.com)
    HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
    HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
    HKCU_MozillaPlugins\@powerchallenge.com/PowerLoader (x)
    HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
    Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&affID=17161/)
    Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=iron&f=4&q={searchTerms}/)
    Components\aboutRights.js
    Components\aboutRobots.js
    Components\nsPostUpdateWin.js
    HKLM_Extensions|offerboxffx@offerbox.com - C:\Program Files\OfferBox\offerboxffx@offerbox.com

    -- C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default --
    Extensions\ffxtlbr@babylon.com (Babylon)
    Extensions\vshare@toolbar (vShare)
    Extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} (UltraSurf Firefox Tool)
    Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} (DVDVideoSoftTB Toolbar)
    Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
    Extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66} (Ma-config.com)
    Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}/)
    Searchplugins\web-search.xml (?)
    User.js - keyword.URL, hxxp://redirecterror.sfr.fr/?q=
    Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Nico\\Bureau
    Prefs.js - browser.search.defaultenginename, Web Search...
    Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
    Prefs.js - browser.startup.homepage, hxxp://vshare.toolbarhome.com/?hp=df
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
    Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=ss...

    -- C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default --
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19

    -- C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default --
    Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Camille\\Mes documents\\Mes images\\28 ans gael
    Prefs.js - browser.search.defaultenginename, Bing
    Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
    Prefs.js - browser.search.selectedEngine, Google
    Prefs.js - browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
    Prefs.js - keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=

    ========================================

    **** Google Chrome Version [11.0.696.68] ****

    Extension\bjeikeheijdjdfjbmknpefojickbkmom (C:\Program Files\OfferBox\OfferBoxChromeExtension.crx) (?)
    Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx) (?)
    Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

    -- C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\User Data\Default --
    Preferences - default_search_provider: "Google" (Activé: true) (?)
    Preferences - homepage: hxxp://www.google.com/webhp?hl=fr
    Preferences - homepage_is_newtabpage: false
    Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npdrmv2.dll)
    Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npwmsdrm.dll)
    Plugin - Pando Web Plugin (Activé: true) (C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll)
    Plugin - Veetle TV Player (Activé: true) (C:\Program Files\Veetle\Player\npvlc.dll)
    Plugin - Veetle Broadcaster Plugin (Activé: true) (C:\Program Files\Veetle\VLCBroadcast\npvbp.dll)
    Plugin - Veetle TV Core (Activé: true) (C:\Program Files\Veetle\plugins\npVeetle.dll)
    Plugin - Windows Live Photo Gallery (Activé: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
    Plugin - "Ask Toolbar Plugin Stub" (Activé: true)
    Plugin - "Windows Live Photo Gallery" (Activé: true)
    Plugin - "DivX Player" (Activé: true)
    Plugin - "Pando Web Plugin" (Activé: true)
    Plugin - "Veetle TV Core" (Activé: true)
    Plugin - "BitTorrent" (Activé: true)
    Plugin - "DNA Plug-in" (Activé: true)
    Plugin - "Microsoft DRM" (Activé: true)
    Plugin - "Power Challenge Loader" (Activé: true)
    Plugin - "Veetle Broadcaster Plugin" (Activé: true)
    Plugin - "Veetle TV Player" (Activé: true)

    ========================================

    **** Internet Explorer Version [8.0.6001.18702] ****

    HKCU_Main|SearchMigratedDefaultURL - hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    HKCU_Main|Search bar - hxxp://g.msn.fr/0SEFRFR/SAOS02
    HKCU_Main|Search Page - hxxp://home.microsoft.com/access/allinone.asp
    HKCU_Main|Start Page - hxxp://vshare.toolbarhome.com/?hp=df
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Start Page - hxxp://www.foozir.com/
    HKCU_URLSearchHooks|{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
    HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=iron&s={searchTerms}&f=4)
    HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e000000000...)
    HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "DVDVideoSoftTB Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
    HKCU_Toolbar\WebBrowser|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
    HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
    HKCU_Toolbar\WebBrowser|{872B5B88-9DB5-4310-BDD0-AC189557E5F5} (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
    HKLM_Toolbar|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
    HKLM_Toolbar|{872b5b88-9db5-4310-bdd0-ac189557e5f5} (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
    HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll)
    HKCU_ElevationPolicy\{1A84286C-B9A7-4CB6-AB1A-A81E9E0B05E5} - C:\Program Files\Veetle\VLCBroadcast\lbclient.exe (?)
    HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
    HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
    HKCU_ElevationPolicy\{AD6C7CB1-6324-401E-94F4-A09BDC10C866} - C:\Program Files\Veetle\VLCBroadcast\vlc_encoder.exe (?)
    HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
    HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
    HKLM_ElevationPolicy\e664cb25-f367-47a6-97c8-11ada701f75d - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe (?)
    HKLM_ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB} - C:\Program Files\OfferBox\OfferBox.exe (Secure Digital Services Limited)
    HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
    HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
    HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)
    HKLM_ElevationPolicy\{D402D124-DE78-4040-8CFD-A2F00421B63C} - C:\Program Files\ConduitEngine\ConduitEngineHelper.exe (Conduit Ltd.)
    HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
    HKLM_ElevationPolicy\{F601DC8A-BF3B-4AB9-B0FA-03D0954AD5CC} - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper1.exe (Conduit Ltd.)
    HKLM_Extensions\{90EAE591-7E7E-434a-8E28-ECFD00071806} - "PokerStars.fr" (C:\Program Files\PokerStars.FR\main.ico)
    HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
    BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)
    BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
    BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files\ConduitEngine\ConduitEngine.dll)
    BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
    BHO\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - "OfferBox" (C:\Program Files\OfferBox\OfferBoxBHO.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 22/05/2011 14:54:42 (12936 Octet(s))

    Fin à: 14:55:19, 22/05/2011

    ============== E.O.F ==============
    22 Mai 2011 15:02:10

    re
    faut vraiment lire le lien que je t'ai passé ci-dessus..
    tu sais que tu n'es pas obligé d'installer tout et n'importe quoi sur ton pc... faut un peu lire avant de cliquer sur oui/suivant... :lol: 



    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Nettoyer.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\
    Anonyme
    22 Mai 2011 20:09:19

    Ouais désinstallé quoi par exemple ?

    Merci pour l'instant ;) 


    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 14:54:37 le 22/05/2011, Mode normal

    Microsoft Windows XP Professionnel Service Pack 3 (X86)
    Nico@DOKHELAR-A30165 ( )

    ============== RECHERCHE ==============


    Fichier trouvé: C:\Program Files\Mozilla FireFox\plugins\NPAskSBr.dll
    Fichier trouvé: C:\WINDOWS\system32\ConduitEngine.tmp
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\conduit
    Fichier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\conduit.xml
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\extensions\vshare@toolbar
    Fichier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\web-search.xml
    Dossier trouvé: C:\Documents and Settings\Nico\Local Settings\Application Data\Conduit
    Dossier trouvé: C:\Program Files\Conduit
    Dossier trouvé: C:\Documents and Settings\Nico\Local Settings\Application Data\ConduitEngine
    Dossier trouvé: C:\Program Files\ConduitEngine
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\PriceGong
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\Soft2PC
    Dossier trouvé: C:\Documents and Settings\Nico\Application Data\OfferBox
    Dossier trouvé: C:\Documents and Settings\Camille\Application Data\OfferBox
    Dossier trouvé: C:\Program Files\OfferBox
    Dossier trouvé: C:\Program Files\Red Kawa\Video Converter App\OpenCandy

    -- Fichier ouvert: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\Prefs.js --
    Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne trouvée: user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne trouvée: user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226...
    Ligne trouvée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
    Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988,CT2269050");
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT1460988,CT2269050");
    Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
    Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&Sea...
    Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://vshare.toolbarhome.com/?hp=df");
    Ligne trouvée: user_pref("extensions.enabledItems", "ffxtlbr@babylon.com:1.1.3,{ACAA314B-EEBA-48e4-AD47-84E31C44796...
    Ligne trouvée: user_pref("extensions.vshare@toolbar.update.enabled", false);
    Ligne trouvée: user_pref("vshare.install.date", "1302912000000");
    Ligne trouvée: user_pref("vshare.install.dumpFileCount", 0);
    Ligne trouvée: user_pref("vshare.install.dumpFileDisabled", false);
    Ligne trouvée: user_pref("vshare.install.finished", "1.0.0");
    Ligne trouvée: user_pref("vshare.install.guid", "{de50f7b3-6b66-4a6d-ae99-c70e829426f0}");
    Ligne trouvée: user_pref("vshare.install.istoolbarhp", true);
    Ligne trouvée: user_pref("vshare.install.istoolbarsearch", true);
    Ligne trouvée: user_pref("vshare.install.laststatreq", "1305763200000");
    Ligne trouvée: user_pref("vshare.install.newtab", true);
    Ligne trouvée: user_pref("vshare.install.overlayVersion", 1);
    Ligne trouvée: user_pref("vshare.install.userHPSettings", "");
    Ligne trouvée: user_pref("vshare.install.userSPSettings", "");
    -- Fichier Fermé --


    -- Fichier ouvert: C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default\Prefs.js --
    Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne trouvée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
    -- Fichier Fermé --


    -- Fichier ouvert: C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default\Prefs.js --
    Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne trouvée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
    -- Fichier Fermé --


    Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Classes\CLSID\{A4439ABD-2A99-43D3-A138-6F544489408B}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A4439ABD-2A99-43D3-A138-6F544489408B}
    Clé trouvée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
    Clé trouvée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
    Clé trouvée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
    Clé trouvée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
    Clé trouvée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
    Clé trouvée: HKLM\Software\Classes\Conduit.Engine
    Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer
    Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2269050
    Clé trouvée: HKLM\Software\Conduit
    Clé trouvée: HKLM\Software\conduitEngine
    Clé trouvée: HKLM\Software\OfferBox
    Clé trouvée: HKLM\Software\OpenCandy
    Clé trouvée: HKLM\Software\soft2PC
    Clé trouvée: HKCU\Software\Conduit
    Clé trouvée: HKCU\Software\conduitEngine
    Clé trouvée: HKCU\Software\OfferBox
    Clé trouvée: HKCU\Software\pacificpoker
    Clé trouvée: HKCU\Software\pokerinstaller
    Clé trouvée: HKCU\Software\PriceGong
    Clé trouvée: HKCU\Software\soft2PC
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Pacific Poker
    Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\helper
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D402D124-DE78-4040-8CFD-A2F00421B63C}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software_is1
    Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

    Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
    Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|soft2PC


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.0.19 (fr)] ****

    Plugins\NPAskSBr.dll (Ask.com)
    HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
    HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
    HKCU_MozillaPlugins\@powerchallenge.com/PowerLoader (x)
    HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
    Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&affID=17161/)
    Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=iron&f=4&q={searchTerms}/)
    Components\aboutRights.js
    Components\aboutRobots.js
    Components\nsPostUpdateWin.js
    HKLM_Extensions|offerboxffx@offerbox.com - C:\Program Files\OfferBox\offerboxffx@offerbox.com

    -- C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default --
    Extensions\ffxtlbr@babylon.com (Babylon)
    Extensions\vshare@toolbar (vShare)
    Extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} (UltraSurf Firefox Tool)
    Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} (DVDVideoSoftTB Toolbar)
    Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
    Extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66} (Ma-config.com)
    Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}/)
    Searchplugins\web-search.xml (?)
    User.js - keyword.URL, hxxp://redirecterror.sfr.fr/?q=
    Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Nico\\Bureau
    Prefs.js - browser.search.defaultenginename, Web Search...
    Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
    Prefs.js - browser.startup.homepage, hxxp://vshare.toolbarhome.com/?hp=df
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
    Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=ss...

    -- C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default --
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19

    -- C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default --
    Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Camille\\Mes documents\\Mes images\\28 ans gael
    Prefs.js - browser.search.defaultenginename, Bing
    Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
    Prefs.js - browser.search.selectedEngine, Google
    Prefs.js - browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
    Prefs.js - keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=

    ========================================

    **** Google Chrome Version [11.0.696.68] ****

    Extension\bjeikeheijdjdfjbmknpefojickbkmom (C:\Program Files\OfferBox\OfferBoxChromeExtension.crx) (?)
    Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx) (?)
    Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

    -- C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\User Data\Default --
    Preferences - default_search_provider: "Google" (Activé: true) (?)
    Preferences - homepage: hxxp://www.google.com/webhp?hl=fr
    Preferences - homepage_is_newtabpage: false
    Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npdrmv2.dll)
    Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npwmsdrm.dll)
    Plugin - Pando Web Plugin (Activé: true) (C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll)
    Plugin - Veetle TV Player (Activé: true) (C:\Program Files\Veetle\Player\npvlc.dll)
    Plugin - Veetle Broadcaster Plugin (Activé: true) (C:\Program Files\Veetle\VLCBroadcast\npvbp.dll)
    Plugin - Veetle TV Core (Activé: true) (C:\Program Files\Veetle\plugins\npVeetle.dll)
    Plugin - Windows Live Photo Gallery (Activé: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
    Plugin - "Ask Toolbar Plugin Stub" (Activé: true)
    Plugin - "Windows Live Photo Gallery" (Activé: true)
    Plugin - "DivX Player" (Activé: true)
    Plugin - "Pando Web Plugin" (Activé: true)
    Plugin - "Veetle TV Core" (Activé: true)
    Plugin - "BitTorrent" (Activé: true)
    Plugin - "DNA Plug-in" (Activé: true)
    Plugin - "Microsoft DRM" (Activé: true)
    Plugin - "Power Challenge Loader" (Activé: true)
    Plugin - "Veetle Broadcaster Plugin" (Activé: true)
    Plugin - "Veetle TV Player" (Activé: true)

    ========================================

    **** Internet Explorer Version [8.0.6001.18702] ****

    HKCU_Main|SearchMigratedDefaultURL - hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    HKCU_Main|Search bar - hxxp://g.msn.fr/0SEFRFR/SAOS02
    HKCU_Main|Search Page - hxxp://home.microsoft.com/access/allinone.asp
    HKCU_Main|Start Page - hxxp://vshare.toolbarhome.com/?hp=df
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Start Page - hxxp://www.foozir.com/
    HKCU_URLSearchHooks|{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
    HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=iron&s={searchTerms}&f=4)
    HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e000000000...)
    HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "DVDVideoSoftTB Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
    HKCU_Toolbar\WebBrowser|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
    HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
    HKCU_Toolbar\WebBrowser|{872B5B88-9DB5-4310-BDD0-AC189557E5F5} (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
    HKLM_Toolbar|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
    HKLM_Toolbar|{872b5b88-9db5-4310-bdd0-ac189557e5f5} (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
    HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll)
    HKCU_ElevationPolicy\{1A84286C-B9A7-4CB6-AB1A-A81E9E0B05E5} - C:\Program Files\Veetle\VLCBroadcast\lbclient.exe (?)
    HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
    HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
    HKCU_ElevationPolicy\{AD6C7CB1-6324-401E-94F4-A09BDC10C866} - C:\Program Files\Veetle\VLCBroadcast\vlc_encoder.exe (?)
    HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
    HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
    HKLM_ElevationPolicy\e664cb25-f367-47a6-97c8-11ada701f75d - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe (?)
    HKLM_ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB} - C:\Program Files\OfferBox\OfferBox.exe (Secure Digital Services Limited)
    HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
    HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
    HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)
    HKLM_ElevationPolicy\{D402D124-DE78-4040-8CFD-A2F00421B63C} - C:\Program Files\ConduitEngine\ConduitEngineHelper.exe (Conduit Ltd.)
    HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
    HKLM_ElevationPolicy\{F601DC8A-BF3B-4AB9-B0FA-03D0954AD5CC} - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper1.exe (Conduit Ltd.)
    HKLM_Extensions\{90EAE591-7E7E-434a-8E28-ECFD00071806} - "PokerStars.fr" (C:\Program Files\PokerStars.FR\main.ico)
    HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
    BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)
    BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
    BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files\ConduitEngine\ConduitEngine.dll)
    BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
    BHO\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - "OfferBox" (C:\Program Files\OfferBox\OfferBoxBHO.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 22/05/2011 14:54:42 (12936 Octet(s))

    Fin à: 14:55:19, 22/05/2011

    ============== E.O.F ==============
    22 Mai 2011 21:21:45

    re
    Citation :
    Ouais désinstallé quoi par exemple ?


    arrête déjà de cliquer sur tout et n'importe quoi... :D 

    +++++++


    Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :
  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    ~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    ~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
  • Poste ce rapport.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    Note : Si tu ne parviens à télécharger MBAM à partir de MajorGeeks, tu peux le télécharger ici!

    [#FF0000]Aide
    :
  • Comment utiliser MBAM.
    Anonyme
    24 Mai 2011 07:53:51

    J'ai eu encore de nouvelles infections



    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6657

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    24/05/2011 07:51:35
    mbam-log-2011-05-24 (07-51-35).txt

    Type d'examen: Examen complet (C:\|)
    Elément(s) analysé(s): 477391
    Temps écoulé: 2 heure(s), 30 minute(s), 38 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 22

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP957\A0428191.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP957\A0430856.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP957\A0430890.exe (Trojan.UltraSurf) -> Quarantined and deleted successfully.
    c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP957\A0430891.exe (Trojan.UltraSurf) -> Quarantined and deleted successfully.
    c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP918\A0419073.exe (Adware.Agent) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\application data\Soft2PC\Software\software.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb0.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb1.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb2.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb3.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb4.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb5.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb6.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb7.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb8.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qb9.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qbz.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\Qca.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
    c:\documents and settings\Nico\local settings\temp\icreinstall\pdfconvertersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
    c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\WINDOWS\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\WINDOWS\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
    Anonyme
    24 Mai 2011 20:43:06

    UP
    24 Mai 2011 23:20:46

    Citation :
    UP

    J'ai aussi une vie :o 

    +++++++

    Désactive ton antivirus et tout autre type de protection.
    Télécharge ComboFix de sUBs : Combofix
    Sauvegarde-le sur ton bureau et pas ailleurs!

    Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
    clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"

    viens sur le forum et édition "coller"

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer

    <@_@>

    +++++++++++++++++++++


    25 Mai 2011 21:11:48

    ComboFix 11-05-24.06 - Nico 25/05/2011 20:57:36.2.2 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2354 [GMT 2:00]
    Lancé depuis: c:\documents and settings\Nico\Bureau\ComboFix.exe
    AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\Camille\Application Data\OfferBox
    c:\documents and settings\Camille\Application Data\OfferBox\config.dat
    c:\documents and settings\Camille\Application Data\OfferBox\config.xml
    c:\documents and settings\Nico\Application Data\facemoods.com
    c:\documents and settings\Nico\Application Data\OfferBox
    c:\documents and settings\Nico\Application Data\OfferBox\config.dat
    c:\documents and settings\Nico\Application Data\OfferBox\config.xml
    c:\documents and settings\Nico\Application Data\PriceGong
    c:\documents and settings\Nico\Application Data\PriceGong\Data\1.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\a.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\b.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\c.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\d.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\e.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\f.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\g.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\h.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\i.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\J.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\k.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\l.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\m.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\mru.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\n.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\o.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\p.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\q.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\r.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\s.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\t.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\u.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\v.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\w.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\x.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\y.xml
    c:\documents and settings\Nico\Application Data\PriceGong\Data\z.xml
    c:\documents and settings\Nico\WINDOWS
    C:\Install.exe
    c:\program files\OfferBox
    c:\program files\OfferBox\OfferBox.exe
    c:\program files\OfferBox\OfferBoxBHO.dll
    c:\program files\OfferBox\OfferBoxChromeExtension.crx
    c:\program files\OfferBox\OfferBoxEngine.dll
    c:\program files\OfferBox\offerboxffx@offerbox.com\chrome.manifest
    c:\program files\OfferBox\offerboxffx@offerbox.com\chrome\content\events.js
    c:\program files\OfferBox\offerboxffx@offerbox.com\chrome\content\overlay.xul
    c:\program files\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
    c:\program files\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.xpt
    c:\program files\OfferBox\offerboxffx@offerbox.com\install.rdf
    c:\program files\OfferBox\OfferBoxLauncher.exe
    c:\program files\OfferBox\res\language.xml
    c:\program files\OfferBox\res\loader.gif
    c:\program files\OfferBox\uninst.exe
    c:\windows\system32\rnaph.dll
    c:\windows\XSxS
    .
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-25 au 2011-05-25 ))))))))))))))))))))))))))))))))))))
    .
    .
    2011-05-22 12:54 . 2011-05-22 12:54 -------- d-----w- c:\program files\Ad-Remover
    2011-05-22 08:53 . 2011-05-22 08:53 -------- d-----w- c:\windows\system32\wbem\Repository
    2011-05-21 10:54 . 2011-05-21 10:54 -------- d-----w- c:\documents and settings\Nico\Application Data\Unity
    2011-05-21 10:48 . 2011-05-21 10:48 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Unity
    2011-05-21 09:04 . 2011-05-21 09:04 -------- d-----r- c:\documents and settings\LocalService\Favoris
    2011-05-21 08:31 . 2011-05-21 08:31 -------- d-----w- c:\documents and settings\Nico\Application Data\ptc
    2011-05-21 08:22 . 2011-05-21 08:22 -------- d-----w- c:\program files\PTC
    2011-05-21 08:12 . 2011-05-22 08:53 -------- d-----w- c:\program files\proeWildfire 5.0
    2011-05-10 19:46 . 2010-12-02 08:11 10915840 ----a-w- c:\windows\system32\libmfxhw32.dll
    2011-05-10 19:46 . 2010-12-02 08:11 10833920 ----a-w- c:\windows\system32\libmfxsw32.dll
    2011-05-10 19:40 . 2011-05-10 19:41 -------- d-----w- c:\program files\Total Video Converter
    2011-05-10 19:37 . 2011-05-10 19:37 -------- d-----w- c:\documents and settings\Nico\Application Data\FreeVideoConverter
    2011-05-10 19:28 . 2011-05-10 19:28 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
    2011-05-10 19:28 . 2011-05-10 19:28 -------- d-----w- c:\program files\Fichiers communs\xing shared
    2011-05-10 19:28 . 2011-05-10 19:28 150712 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
    2011-05-10 19:28 . 2011-05-10 19:28 105472 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
    2011-05-10 19:28 . 2011-05-10 19:28 -------- d-----w- c:\program files\Real
    2011-05-08 00:08 . 2011-05-08 00:08 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
    2011-05-07 14:30 . 2008-11-10 09:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
    2011-05-07 14:30 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
    2011-05-07 14:28 . 2011-05-08 00:09 -------- d-----w- c:\program files\Microsoft Works
    2011-05-07 14:26 . 2011-05-07 14:26 -------- d-----w- c:\program files\Microsoft.NET
    2011-05-07 14:23 . 2011-05-07 14:23 -------- d-----w- c:\program files\Microsoft Visual Studio 8
    2011-05-07 14:22 . 2011-05-07 14:22 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Microsoft Help
    2011-05-07 14:22 . 2011-05-11 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
    2011-05-07 14:21 . 2011-05-07 14:21 -------- d-----r- C:\MSOCache
    2011-04-26 11:47 . 2011-04-26 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters
    2011-04-26 11:40 . 2010-07-28 17:10 1380352 ----a-w- c:\windows\system32\rapture3d_oal.dll
    2011-04-26 11:40 . 2010-03-01 18:51 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
    2011-04-26 11:40 . 2011-04-26 11:40 -------- d-----w- c:\program files\BRS
    2011-04-26 11:40 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmpF9.tmp
    2011-04-26 11:40 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmpF8.tmp
    2011-04-26 11:24 . 2011-04-26 11:24 -------- d-----w- c:\program files\Codemasters
    .
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-05-21 08:42 . 2011-02-21 13:31 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
    2011-05-10 19:28 . 2006-07-11 16:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2011-04-26 11:40 . 2009-05-31 15:24 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2011-04-26 11:40 . 2009-05-31 15:24 109144 ----a-w- c:\windows\system32\OpenAL32.dll
    2011-04-10 18:58 . 2008-06-24 19:22 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2011-04-10 18:58 . 2009-06-29 23:55 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
    2011-04-10 18:58 . 2008-06-24 19:22 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
    2011-04-10 11:07 . 2008-06-24 19:22 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0
    2011-03-22 14:10 . 2008-06-24 19:21 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
    2011-03-07 05:33 . 2008-06-18 12:57 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-04 06:36 . 2004-08-05 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-03-03 13:53 . 2004-08-05 12:00 1858048 ----a-w- c:\windows\system32\win32k.sys
    2011-02-26 01:19 . 2011-02-26 01:19 41872 ----a-w- c:\windows\system32\xfcodec.dll
    .
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
    .
    [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
    2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
    2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
    2010-10-18 10:26 3908192 ----a-w- c:\program files\DVDVideoSoftTB\tbDVD0.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
    .
    [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
    .
    [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2006-09-10 218032]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
    "ASUS Update Checker"="c:\program files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe" [2009-12-28 121472]
    "RTHDCPL"="RTHDCPL.EXE" [2009-12-15 18789920]
    "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-05 1657376]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-06 86016]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-06 13877248]
    "BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-05-10 273544]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-11-17 784912]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2007-11-15 09:10 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Nico^Menu Démarrer^Programmes^Démarrage^Game Alarm.lnk]
    path=c:\documents and settings\Nico\Menu Démarrer\Programmes\Démarrage\Game Alarm.lnk
    backup=c:\windows\pss\Game Alarm.lnkStartup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Nico^Menu Démarrer^Programmes^Démarrage^GIGABYTE Gamer HUD Lite.lnk]
    path=c:\documents and settings\Nico\Menu Démarrer\Programmes\Démarrage\GIGABYTE Gamer HUD Lite.lnk
    backup=c:\windows\pss\GIGABYTE Gamer HUD Lite.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2010-09-21 18:37 932288 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connexion SFR 9props.exe]
    2009-10-15 08:53 959808 ----a-w- c:\program files\SFR\Kit\9props.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    2010-04-12 22:46 1135912 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2009-10-23 17:54 133104 ----atw- c:\documents and settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-12-13 16:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
    2010-12-20 16:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCW Startup]
    2002-12-20 15:06 321024 ----a-w- c:\program files\Monitor Calibration Wizard\MCW.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
    2008-03-26 16:41 1232896 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
    2008-04-16 10:53 1079808 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
    2009-04-29 10:28 468408 ----a-w- c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    2007-03-27 23:07 593920 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-02-18 09:43 248040 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\DNA\\btdna.exe"=
    "c:\\Program Files\\Wolfenstein - 2.6B\\ET.exe"=
    "c:\\Program Files\\Xfire\\xfire.exe"=
    "c:\\Program Files\\Wolfenstein - 2.55\\ET.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\eMule\\emule.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
    "c:\\Program Files\\TmNationsForever\\TmForever.exe"=
    "c:\\Program Files\\mIRC\\mirc.exe"=
    "c:\\WINDOWS\\system32\\dpvsetup.exe"=
    "c:\\WINDOWS\\system32\\rtcshare.exe"=
    "c:\\Program Files\\Wolfenstein - 2.6AB\\ET.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
    "c:\\Program Files\\BitTorrent\\bittorrent.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
    "c:\\Documents and Settings\\Nico\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
    "c:\\Program Files\\Mumble\\murmur.exe"=
    "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
    "c:\\Program Files\\Ubisoft\\Gearbox Software\\Brothers in Arms - Hell's Highway\\Binaries\\biahh.exe"=
    "c:\\Program Files\\Ubisoft\\Techland\\Call of Juarez - Bound in Blood\\CoJBiBGame_x86.exe"=
    "c:\\Program Files\\Eidos\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
    "c:\\Documents and Settings\\Nico\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
    "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
    "c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
    "c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Dassault Systemes\\B17\\intel_a\\code\\bin\\orbixd.exe"=
    "c:\\Program Files\\Dassault Systemes\\B17\\intel_a\\code\\bin\\CNEXT.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
    "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
    "c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\orbixd.exe"=
    "c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\CNEXT.exe"=
    "c:\\Documents and Settings\\Nico\\Mes documents\\Downloads\\Call_of_Duty_Black_Ops_French1\\BlackOps.exe"=
    "c:\\Documents and Settings\\Nico\\Local Settings\\Application Data\\Xenocode\\Sandbox\\Dassault Systemes Product\\5.20.0.9268\\2010.08.01T09.28\\Virtual\\STUBEXE\\8.0.1135\\@PROGRAMFILES@\\Dassault Systemes\\B20\\intel_a\\code\\bin\\CNEXT.exe"=
    "c:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "56722:TCP"= 56722:TCP:p ando Media Booster
    "56722:UDP"= 56722:UDP:p ando Media Booster
    "8394:TCP"= 8394:TCP:League of Legends Launcher
    "8394:UDP"= 8394:UDP:League of Legends Launcher
    "6888:TCP"= 6888:TCP:League of Legends Launcher
    "6888:UDP"= 6888:UDP:League of Legends Launcher
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
    "AllowInboundEchoRequest"= 1 (0x1)
    "AllowOutboundDestinationUnreachable"= 1 (0x1)
    "AllowOutboundSourceQuench"= 1 (0x1)
    "AllowOutboundTimeExceeded"= 1 (0x1)
    "AllowRedirect"= 1 (0x1)
    .
    R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13/03/2009 18:33 721904]
    R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [28/12/2010 19:26 11448]
    R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [24/04/2007 19:52 16688]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [21/10/2009 18:37 108289]
    R2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [04/05/2007 15:24 36864]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [28/12/2010 19:48 56992]
    S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14/05/2010 13:41 136176]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [17/12/2010 09:38 1691480]
    S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [19/04/2007 15:45 14336]
    S3 cpuz130;cpuz130;\??\c:\docume~1\Nico\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Nico\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
    S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [14/05/2010 13:41 136176]
    S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [10/03/2011 15:42 311744]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16/10/2009 23:31 38224]
    S3 sea3bus;Sony Ericsson Device 0A3 driver (WDM);c:\windows\system32\drivers\sea3bus.sys [07/08/2010 01:02 61600]
    S3 sea3mdfl;Sony Ericsson Device 0A3 USB WMC Modem Filter;c:\windows\system32\drivers\sea3mdfl.sys [07/08/2010 01:02 9392]
    S3 sea3mdm;Sony Ericsson Device 0A3 USB WMC Modem Driver;c:\windows\system32\drivers\sea3mdm.sys [07/08/2010 01:02 97152]
    S3 sea3mgmt;Sony Ericsson Device 0A3 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea3mgmt.sys [07/08/2010 01:02 88656]
    S3 sea3nd5;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (NDIS);c:\windows\system32\drivers\sea3nd5.sys [07/08/2010 01:02 18736]
    S3 sea3obex;Sony Ericsson Device 0A3 USB WMC OBEX Interface;c:\windows\system32\drivers\sea3obex.sys [07/08/2010 01:02 86464]
    S3 sea3unic;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (WDM);c:\windows\system32\drivers\sea3unic.sys [07/08/2010 01:02 90832]
    S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\ZTEusbvoice.sys [07/04/2011 18:42 105344]
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2011-05-19 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
    .
    2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-14 13:13]
    .
    2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-14 13:13]
    .
    2011-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2052111302-839522115-1003Core.job
    - c:\documents and settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-23 17:54]
    .
    2011-05-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2052111302-839522115-1003UA.job
    - c:\documents and settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-23 17:54]
    .
    2011-05-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2052111302-839522115-1003.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
    .
    2011-05-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2052111302-839522115-1003.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://vshare.toolbarhome.com/?hp=df
    uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    mStart Page = hxxp://www.foozir.com/
    uInternet Settings,ProxyOverride = local;*.local
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Free YouTube to Mp3 Converter - c:\documents and settings\Nico\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
    IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\PokerStars.FR\PokerStarsUpdate.exe
    Trusted Zone: localhost
    FF - ProfilePath - c:\documents and settings\Nico\Application Data\Mozilla\Firefox\Profiles\6gwspdjs.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
    FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=sst&affID=17161&q=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: UltraSurf Firefox Tool: {5B52016C-D097-4aec-BE61-9F129D8FDDBA} - %profile%\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
    FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
    FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    FF - Ext: Ma-config.com: {bb628310-0ab7-11db-9cd8-0800200c9a66} - %profile%\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
    FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF - user.js: yahoo.homepage.dontask - true
    FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    HKLM-Run-soft2PC - (no file)
    MSConfigStartUp-Helper - c:\documents and settings\Nico\Application Data\Soft2PC\Software\SoftwareHP.exe
    AddRemove-GameCenter_is1 - c:\program files\Cyanide\GameCenter\unins000.exe
    AddRemove-MotoRacer2CurrentVer - c:\program files\MotoRacer2Demo\DeIsL1.isu
    AddRemove-OfferBox Browser - c:\program files\OfferBox\uninst.exe
    AddRemove-ROSTER MEGA PATCH 08-09 V1 - c:\documents and settings\Nico\Mes documents\EA SPORTS(TM) Rugby 08\ROSTER MEGA PATCH 08-09 V1
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-05-25 21:04
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    Recherche de processus cachés ...
    .
    Recherche d'éléments en démarrage automatique cachés ...
    .
    Recherche de fichiers cachés ...
    .
    Scan terminé avec succès
    Fichiers cachés: 0
    .
    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------
    .
    [HKEY_USERS\S-1-5-21-1801674531-2052111302-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    "??"=hex:e9,0d,13,ef,64,61,a5,f3,0d,3d,9d,77,4e,c2,ef,16,2a,92,02,0e,ff,f2,6c,
    1d,4a,b1,f7,ac,ca,a0,f6,aa,03,63,da,09,42,6a,7d,c4,48,b2,a9,8d,83,5d,56,4a,\
    "??"=hex:2f,de,89,13,c0,0d,9d,35,85,7a,60,0e,d9,27,9c,cd
    .
    [HKEY_USERS\S-1-5-21-1801674531-2052111302-839522115-1003\Software\SecuROM\License information*]
    "datasecu"=hex:D f,ea,24,e9,9c,a5,f4,34,53,6b,e5,89,47,7a,0d,35,91,a8,c3,b3,68,
    3e,e8,4e,d1,ec,98,87,36,95,b1,c0,1f,ae,e7,70,ee,cc,d9,6f,8c,27,60,79,98,7a,\
    "rkeysecu"=hex:b6,24,49,bf,1c,73,16,6c,20,90,8b,ec,40,8b,c5,fa
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------
    .
    - - - - - - - > 'winlogon.exe'(840)
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
    c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
    .
    Heure de fin: 2011-05-25 21:07:14
    ComboFix-quarantined-files.txt 2011-05-25 19:06
    ComboFix2.txt 2009-10-19 20:39
    .
    Avant-CF: 29 967 618 048 octets libres
    Après-CF: 31 127 506 944 octets libres
    .
    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /usepmtimer
    .
    - - End Of File - - 76D18BBD183BA29D15202853F126F61D
    26 Mai 2011 22:36:12

    Bonsoir

    Il a rien trouvé


    AhnLab-V3 2011.05.27.00 2011.05.26 -
    AntiVir 7.11.8.151 2011.05.26 -
    Antiy-AVL 2.0.3.7 2011.05.26 -
    Avast 4.8.1351.0 2011.05.26 -
    Avast5 5.0.677.0 2011.05.26 -
    AVG 10.0.0.1190 2011.05.26 -
    BitDefender 7.2 2011.05.26 -
    CAT-QuickHeal 11.00 2011.05.26 -
    ClamAV 0.97.0.0 2011.05.26 -
    Commtouch 5.3.2.6 2011.05.26 -
    Comodo 8846 2011.05.26 -
    DrWeb 5.0.2.03300 2011.05.26 -
    Emsisoft 5.1.0.5 2011.05.26 -
    eSafe 7.0.17.0 2011.05.26 -
    eTrust-Vet 36.1.8349 2011.05.26 -
    F-Prot 4.6.2.117 2011.05.26 -
    F-Secure 9.0.16440.0 2011.05.26 -
    Fortinet 4.2.257.0 2011.05.26 -
    GData 22 2011.05.26 -
    Ikarus T3.1.1.104.0 2011.05.26 -
    Jiangmin 13.0.900 2011.05.26 -
    K7AntiVirus 9.104.4726 2011.05.26 -
    Kaspersky 9.0.0.837 2011.05.26 -
    McAfee 5.400.0.1158 2011.05.26 -
    McAfee-GW-Edition 2010.1D 2011.05.26 -
    Microsoft 1.6903 2011.05.26 -
    NOD32 6156 2011.05.26 -
    nProtect 2011-05-26.01 2011.05.26 -
    Panda 10.0.3.5 2011.05.26 -
    PCTools 7.0.3.5 2011.05.19 -
    Prevx 3.0 2011.05.26 -
    Rising 23.59.02.05 2011.05.25 -
    Sophos 4.65.0 2011.05.26 -
    SUPERAntiSpyware 4.40.0.1006 2011.05.26 -
    Symantec 20111.1.0.186 2011.05.26 -
    TheHacker 6.7.0.1.209 2011.05.26 -
    TrendMicro 9.200.0.1012 2011.05.26 -
    TrendMicro-HouseCall 9.200.0.1012 2011.05.26 -
    VBA32 3.12.16.0 2011.05.26 -
    VIPRE 9398 2011.05.26 -
    ViRobot 2011.5.26.4480 2011.05.26 -
    VirusBuster 13.6.372.0 2011.05.26 -
    27 Mai 2011 20:45:21

    bonsoir
    repasse Ad-Remover, mais clique sur nettoyer cette fois !
    et poste le rapport
    28 Mai 2011 13:56:12

    bonjour et merci


    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 13:42:16 le 28/05/2011, Mode normal

    Microsoft Windows XP Professionnel Service Pack 3 (X86)
    Nico@DOKHELAR-A30165 ( )

    ============== ACTION(S) ==============


    Fichier supprimé: C:\Program Files\Mozilla FireFox\plugins\NPAskSBr.dll
    Fichier supprimé: C:\WINDOWS\system32\ConduitEngine.tmp
    Dossier supprimé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\conduit
    Fichier supprimé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\conduit.xml
    Dossier supprimé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\extensions\vshare@toolbar
    Fichier supprimé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\web-search.xml
    Dossier supprimé: C:\Documents and Settings\Nico\Local Settings\Application Data\Conduit
    Dossier supprimé: C:\Program Files\Conduit
    Dossier supprimé: C:\Documents and Settings\Nico\Local Settings\Application Data\ConduitEngine
    Dossier supprimé: C:\Program Files\ConduitEngine
    Dossier supprimé: C:\Documents and Settings\Nico\Application Data\PriceGong
    Dossier supprimé: C:\Documents and Settings\Nico\Application Data\Soft2PC
    Dossier supprimé: C:\Program Files\Red Kawa\Video Converter App\OpenCandy

    (!) -- Fichiers temporaires supprimés.


    -- Fichier ouvert: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\Prefs.js --
    Ligne supprimée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne supprimée: user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne supprimée: user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226...
    Ligne supprimée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
    Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988,CT2269050");
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT1460988,CT2269050");
    Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
    Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&Sea...
    Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://vshare.toolbarhome.com/?hp=df");
    Ligne supprimée: user_pref("extensions.enabledItems", "ffxtlbr@babylon.com:1.1.3,{ACAA314B-EEBA-48e4-AD47-84E31C44796...
    Ligne supprimée: user_pref("extensions.vshare@toolbar.update.enabled", false);
    Ligne supprimée: user_pref("vshare.install.date", "1302912000000");
    Ligne supprimée: user_pref("vshare.install.dumpFileCount", 0);
    Ligne supprimée: user_pref("vshare.install.dumpFileDisabled", false);
    Ligne supprimée: user_pref("vshare.install.finished", "1.0.0");
    Ligne supprimée: user_pref("vshare.install.guid", "{de50f7b3-6b66-4a6d-ae99-c70e829426f0}");
    Ligne supprimée: user_pref("vshare.install.istoolbarhp", true);
    Ligne supprimée: user_pref("vshare.install.istoolbarsearch", true);
    Ligne supprimée: user_pref("vshare.install.laststatreq", "1306368000000");
    Ligne supprimée: user_pref("vshare.install.newtab", true);
    Ligne supprimée: user_pref("vshare.install.overlayVersion", 1);
    Ligne supprimée: user_pref("vshare.install.userHPSettings", "");
    Ligne supprimée: user_pref("vshare.install.userSPSettings", "");
    -- Fichier Fermé --


    -- Fichier ouvert: C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default\Prefs.js --
    Ligne supprimée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne supprimée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
    -- Fichier Fermé --


    -- Fichier ouvert: C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default\Prefs.js --
    Ligne supprimée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne supprimée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
    -- Fichier Fermé --


    Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé supprimée: HKLM\Software\Classes\CLSID\{A4439ABD-2A99-43D3-A138-6F544489408B}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A4439ABD-2A99-43D3-A138-6F544489408B}
    Clé supprimée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
    Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
    Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
    Clé supprimée: HKLM\Software\Classes\Conduit.Engine
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2269050
    Clé supprimée: HKLM\Software\Conduit
    Clé supprimée: HKLM\Software\conduitEngine
    Clé supprimée: HKLM\Software\OpenCandy
    Clé supprimée: HKLM\Software\soft2PC
    Clé supprimée: HKCU\Software\Conduit
    Clé supprimée: HKCU\Software\conduitEngine
    Clé supprimée: HKCU\Software\pacificpoker
    Clé supprimée: HKCU\Software\pokerinstaller
    Clé supprimée: HKCU\Software\PriceGong
    Clé supprimée: HKCU\Software\soft2PC
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Pacific Poker
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D402D124-DE78-4040-8CFD-A2F00421B63C}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software_is1
    Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

    Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
    Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.0.19 (fr)] ****

    HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
    HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
    HKCU_MozillaPlugins\@powerchallenge.com/PowerLoader (x)
    HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
    Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&affID=17161/)
    Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=iron&f=4&q={searchTerms}/)
    Components\aboutRights.js
    Components\aboutRobots.js
    Components\nsPostUpdateWin.js

    -- C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default --
    Extensions\ffxtlbr@babylon.com (Babylon)
    Extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} (UltraSurf Firefox Tool)
    Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} (DVDVideoSoftTB Toolbar)
    Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
    Extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66} (Ma-config.com)
    User.js - keyword.URL, hxxp://redirecterror.sfr.fr/?q=
    Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Nico\\Bureau
    Prefs.js - browser.search.defaultenginename, Web Search...
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
    Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=ss...

    -- C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default --
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19

    -- C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default --
    Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Camille\\Mes documents\\Mes images\\28 ans gael
    Prefs.js - browser.search.defaultenginename, Bing
    Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
    Prefs.js - browser.search.selectedEngine, Google
    Prefs.js - browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
    Prefs.js - keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=

    ========================================

    **** Google Chrome Version [11.0.696.71] ****

    Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx) (?)
    Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

    -- C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\User Data\Default --
    Preferences - default_search_provider: "Google" (Activé: true) (?)
    Preferences - homepage: hxxp://www.google.com/webhp?hl=fr
    Preferences - homepage_is_newtabpage: false
    Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npdrmv2.dll)
    Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npwmsdrm.dll)
    Plugin - Pando Web Plugin (Activé: true) (C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll)
    Plugin - Veetle TV Player (Activé: true) (C:\Program Files\Veetle\Player\npvlc.dll)
    Plugin - Veetle Broadcaster Plugin (Activé: true) (C:\Program Files\Veetle\VLCBroadcast\npvbp.dll)
    Plugin - Veetle TV Core (Activé: true) (C:\Program Files\Veetle\plugins\npVeetle.dll)
    Plugin - Windows Live Photo Gallery (Activé: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
    Plugin - "Ask Toolbar Plugin Stub" (Activé: true)
    Plugin - "Windows Live Photo Gallery" (Activé: true)
    Plugin - "DivX Player" (Activé: true)
    Plugin - "Pando Web Plugin" (Activé: true)
    Plugin - "Veetle TV Core" (Activé: true)
    Plugin - "BitTorrent" (Activé: true)
    Plugin - "DNA Plug-in" (Activé: true)
    Plugin - "Microsoft DRM" (Activé: true)
    Plugin - "Power Challenge Loader" (Activé: true)
    Plugin - "Veetle Broadcaster Plugin" (Activé: true)
    Plugin - "Veetle TV Player" (Activé: true)

    ========================================

    **** Internet Explorer Version [8.0.6001.18702] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll)
    HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=iron&s={searchTerms}&f=4)
    HKCU_Toolbar\WebBrowser|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
    HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
    HKCU_Toolbar\WebBrowser|{872B5B88-9DB5-4310-BDD0-AC189557E5F5} (C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll)
    HKLM_Toolbar|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
    HKLM_Toolbar|{872b5b88-9db5-4310-bdd0-ac189557e5f5} (C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll)
    HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll)
    HKCU_ElevationPolicy\{1A84286C-B9A7-4CB6-AB1A-A81E9E0B05E5} - C:\Program Files\Veetle\VLCBroadcast\lbclient.exe (?)
    HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
    HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
    HKCU_ElevationPolicy\{AD6C7CB1-6324-401E-94F4-A09BDC10C866} - C:\Program Files\Veetle\VLCBroadcast\vlc_encoder.exe (?)
    HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
    HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
    HKLM_ElevationPolicy\e664cb25-f367-47a6-97c8-11ada701f75d - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe (?)
    HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
    HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
    HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)
    HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
    HKLM_ElevationPolicy\{E8C95601-64EA-41D1-9C3C-EBDF476476BF} - C:\Documents and Settings\Nico\Local Settings\Application Data\Conduit\CT2269050\DVDVideoSoftTBAutoUpdaterHelper.exe (x)
    HKLM_ElevationPolicy\{F601DC8A-BF3B-4AB9-B0FA-03D0954AD5CC} - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe (?)
    HKLM_Extensions\{90EAE591-7E7E-434a-8E28-ECFD00071806} - "PokerStars.fr" (C:\Program Files\PokerStars.FR\main.ico)
    HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
    BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)
    BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
    BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 129 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 28/05/2011 13:42:22 (15203 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 22/05/2011 14:54:42 (17741 Octet(s))

    Fin à: 13:43:15, 28/05/2011

    ============== E.O.F ==============
    28 Mai 2011 21:16:29

    Bonsoir
    comment se comporte ton pc?

    Clique ICI pour lancer une ligne de scannner ESET.

    Impératif: pour ce scan utiliser Internet Explorer
    Coche Yes ,I accept the Terms of Use
    Clique sur Start
    Autorisez le contrôle ActiveX
    Clique sur Start
    Coche les options suivantes: Remove found threats et Scan archives
    Clique sur Start
    Attend la fin du scan
    Utilise le Bloc-notes pour ouvrir le rapport situé dans C:\Program Files\ESET\ESET online Scanner\log.txt
    Copie et colle ce rapport dans ta prochaine réponse.

    AIDE


    ++++++++++++++++


    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS