Se connecter / S'enregistrer
Votre question

[résolu] Babylon search

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
15 Mai 2011 15:35:20

Bonjour,

Depuis quelques jours, Babylon search s'ouvre à la place de firefox quand je démarre internet.
J'ai pu comprendre qu'il valait mieux le supprimer mais impossible de trouver comment...
Quelqu'un peut m'aider???

Merci beaucoup !

Autres pages sur : resolu babylon search

15 Mai 2011 16:13:48

Bonjour

1


Télécharge DDS et sauvegarde-le sur ton bureau.
  • Désactive tout script bloquant, tels qu'un antivirus, un logiciel comme ad-block, noscript etc.
  • Double-clique sur dds.scr pour lancer l'outil.
  • Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
  • Clique Oui à la prochaine invite Optional Scan.
  • Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt.

    <@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**


    2
  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Scanner.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\

    15 Mai 2011 16:24:52

    Bonjour

    Oups Grillé par le rapide sham rock

    Bonne désinfection :) 
    Contenus similaires
    15 Mai 2011 17:25:50

    Voici le rapport dds.txt

    Je passe à la suite.



    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Propri‚taire at 17:20:14,90 on 15/05/2011
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3005.1826 [GMT 2:00]
    .
    AV: McAfee AntiVirus et AntiSpyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee AntiVirus et AntiSpyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\mfevtps.exe
    C:\windows\system32\rundll32.exe
    C:\windows\system32\taskhost.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\taskeng.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\windows\system32\DllHost.exe
    C:\windows\system32\svchost.exe -k SDRSVC
    C:\windows\system32\wuauclt.exe
    C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
    C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Users\Propriétaire\Desktop\dds.scr
    C:\windows\system32\conhost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
    mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&ss=1&affID=18026
    BHO: ShopperReports: {100eb1fd-d03e-47fd-81f3-ee91287f9465} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101226133217.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
    EB: ShopperReports – Price Comparison: {a7cddcdc-beeb-4685-a062-978f5e07ceee} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
    mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
    mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
    mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
    mRun: [UpdatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
    mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"
    mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"
    mRun: [UpdatePPShortCut] "c:\program files\cyberlink\powerproducer\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerproducer" updatewithcreateonce "software\cyberlink\powerproducer\5.0"
    mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
    mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {C5428486-50A0-4a02-9D20-520B59A9F9B2} - {C9CCBB35-D123-4a31-AFFC-9B2933132116} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
    IE: {C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\propri~1\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\
    FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
    FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&ss=1&affID=18026
    FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18026&q=
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
    FF - component: c:\program files\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll
    FF - component: c:\users\propriétaire\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a}\components\billeotoolbar.dll
    FF - component: c:\users\propriétaire\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\extensions\{8a9386b4-e958-4c4c-adf4-8f26db3e4829}\components\PriceGongFF.dll
    FF - component: c:\users\propriétaire\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\propriã©taire\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a}\plugins\npbilleo.dll
    .
    ---- FIREFOX POLICIES ----
    user_pref(extensions.kwiclick.channel.campaign,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.content,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.id,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.cse,'009607407620987551725:3hfwsbgoj80');
    user_pref(extensions.kwiclick.channel.medium,'cpa');
    user_pref(extensions.kwiclick.channel.source,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.set,true);
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-12-26 386840]
    R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-12-26 64304]
    R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-12-26 164840]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2010-6-14 10752]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-6-14 203280]
    R2 McMPFSvc;Service McAfee Personal Firewall;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-12-26 271480]
    R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-12-26 271480]
    R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-12-26 271480]
    R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-12-26 171168]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-12-26 188136]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-12-26 141792]
    R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-12-26 55840]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-6-13 122880]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-12-26 152960]
    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-12-26 52104]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-12-26 313288]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-12-27 39264]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-12-26 84264]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
    S3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2010-12-26 1343400]
    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
    .
    =============== Created Last 30 ================
    .
    2011-05-15 13:08:32 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
    2011-05-15 13:08:32 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
    2011-05-15 13:08:32 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
    2011-05-15 13:08:32 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
    2011-05-15 13:08:32 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
    2011-05-15 13:08:31 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
    2011-05-15 13:08:31 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2011-05-15 13:08:30 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
    2011-05-15 09:32:22 -------- d-----w- c:\users\propri~1\appdata\local\{58E8F29E-A4A6-4C27-AFC7-E2CD25BE7715}
    2011-05-14 10:08:43 -------- d-----w- c:\users\propri~1\appdata\local\{B8432E18-6ACC-45CA-B9C1-6FBA9E6F99EB}
    2011-05-12 15:41:53 -------- d-----w- c:\users\propri~1\appdata\local\{D2A8EF55-8D08-4C27-B396-5A1F097379FA}
    2011-05-11 13:26:41 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-05-11 13:26:40 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-05-11 10:54:41 -------- d-----w- c:\users\propri~1\appdata\local\{77F821FA-4861-4473-A19E-9DEA2BE4E23C}
    2011-05-10 15:50:11 -------- d-----w- c:\users\propri~1\appdata\local\{4A9CCD76-B6BA-4AA1-BA2F-1887960E483A}
    2011-05-09 14:15:00 -------- d-----w- c:\users\propri~1\appdata\local\{5A16B6F5-24F9-4A7E-986E-01DF8A6A78D6}
    2011-05-08 20:02:37 -------- d-----w- c:\users\propri~1\appdata\local\{20A10AEC-167D-43AD-94AA-125461E25D42}
    2011-05-08 08:16:36 639296 ----a-w- c:\progra~2\microsoft\ehome\packages\mcespotlight\mcespotlight-2\SpotlightResources.dll
    2011-05-08 08:02:09 -------- d-----w- c:\users\propri~1\appdata\local\{273C8A35-E60A-4F67-8731-4928AE0E943A}
    2011-05-07 19:08:31 -------- d-----w- c:\users\propri~1\appdata\local\{F4D12C1B-2091-437E-8A84-EA62D4045722}
    2011-05-07 17:01:49 -------- d-----w- c:\users\propri~1\appdata\local\{EFD83424-D1A9-44F9-9EAA-0C988115D0A6}
    2011-05-06 17:21:22 -------- d-----w- c:\users\propri~1\appdata\local\{00D1D917-107E-4927-BF13-54767CAE02FD}
    2011-05-06 12:04:02 -------- d-----w- c:\users\propri~1\appdata\local\{92164246-CAE7-4E63-B8DA-5A116E5E9B87}
    2011-05-06 08:46:18 -------- d-----w- c:\users\propri~1\appdata\local\{6B7E3170-631A-484E-BE99-273B1CB9A0D2}
    2011-05-05 18:34:02 -------- d-----w- c:\users\propri~1\appdata\local\{58A2B04B-47C4-4FCD-9A1A-43B1BCE9C2E7}
    2011-05-05 12:49:50 -------- d-----w- c:\users\propri~1\appdata\local\{9B89DCDC-3638-4650-B96F-BA7F01B327E3}
    2011-05-05 08:45:53 -------- d-----w- c:\users\propri~1\appdata\local\{D114D3B7-F15A-42D4-8CDD-74AAD6763838}
    2011-05-04 20:33:26 -------- d-----w- c:\users\propri~1\appdata\local\{65C9B370-D52E-4BD5-8F00-E328A452815C}
    2011-05-04 11:13:00 -------- d-----w- c:\users\propri~1\appdata\local\{27213A27-D431-4852-A04A-446A3C30CF60}
    2011-05-03 10:56:20 -------- d-----w- c:\users\propri~1\appdata\local\{0FF38AA4-6190-4FE1-AC06-3EC0142DBEB3}
    2011-05-02 09:45:57 -------- d-----w- c:\users\propri~1\appdata\local\{C343BDC2-3B0E-463B-9950-5CF9DF9C2287}
    2011-05-01 07:58:40 -------- d-----w- c:\users\propri~1\appdata\local\{C6DA6E26-8B9A-480D-930C-469D69DC652E}
    2011-04-30 05:48:05 -------- d-----w- c:\users\propri~1\appdata\local\{E0F0964E-7FBD-4D47-9919-1AEE79EC7E5A}
    2011-04-28 10:15:19 -------- d-----w- c:\users\propri~1\appdata\local\{29A86DF1-EAC5-4B7F-86DB-437F3571ACC9}
    2011-04-27 19:59:30 -------- d-----w- c:\users\propri~1\appdata\local\{A5252DC0-181F-4120-9EBB-67BAABCDCDE3}
    2011-04-27 13:52:41 -------- d-----w- c:\program files\Mirror of Beauty
    2011-04-27 07:58:44 -------- d-----w- c:\users\propri~1\appdata\local\{76CB7870-2947-4712-8878-5C731420C5FA}
    2011-04-25 08:45:40 -------- d-----w- c:\users\propri~1\appdata\local\{FA221AD4-343B-4473-B99C-487667B33CD6}
    2011-04-24 11:20:15 -------- d-----w- c:\users\propri~1\appdata\local\{6700CEDF-6813-432A-8E69-32CB1127D5CA}
    2011-04-23 21:57:54 -------- d-----w- c:\users\propri~1\appdata\local\{25804C97-7FDE-40E7-BFBE-2E3D18A596AE}
    2011-04-23 06:56:10 -------- d-----w- c:\users\propri~1\appdata\local\{7CF7C8A2-3D9F-48F5-BC89-2D153B0EDE8D}
    2011-04-22 16:39:07 -------- d-----w- c:\users\propri~1\appdata\local\{0C1F024C-0B2D-4AF2-A58D-73B2576EE798}
    2011-04-21 16:59:00 -------- d-----w- c:\users\propri~1\appdata\local\{2E60B3A0-52F5-4C8F-B1AF-844097BBFF4E}
    2011-04-21 04:58:18 -------- d-----w- c:\users\propri~1\appdata\local\{E699CC0D-4B1E-464C-8809-F6E8BFBF72CA}
    2011-04-20 18:25:56 2306328 ----a-w- c:\progra~2\microsoft\ehome\packages\mceclientux\updateablemarkup-2\markup.dll
    2011-04-20 18:25:27 42776 ----a-w- c:\progra~2\microsoft\ehome\packages\mceclientux\dsm-2\StartResources.dll
    2011-04-20 11:46:54 -------- d-----w- c:\users\propri~1\appdata\local\{0E8D1EED-04D0-4D16-B6BE-6D92DD362613}
    2011-04-19 20:06:01 -------- d-----w- c:\users\propri~1\appdata\local\{775139E5-30DE-4A51-9DA7-91AA8B15DC0C}
    2011-04-19 04:52:52 -------- d-----w- c:\users\propri~1\appdata\local\{D322D19C-52F9-4AA5-B71E-9A3AB6F8BE6D}
    2011-04-18 16:50:01 -------- d-----w- c:\users\propri~1\appdata\local\{863D7D54-C868-45CF-A42E-3E28C7BFD168}
    2011-04-17 09:37:01 -------- d-----w- c:\users\propri~1\appdata\local\{6056C8F0-81C1-46C8-96BD-9A4B91B0895A}
    2011-04-16 21:36:18 -------- d-----w- c:\users\propri~1\appdata\local\{1408F579-2EFE-4013-AD66-A65C1DA96539}
    2011-04-16 07:01:10 -------- d-----w- c:\users\propri~1\appdata\local\{0AABA165-C36D-48E8-BEF3-D971D48AAC0C}
    .
    ==================== Find3M ====================
    .
    2011-03-12 11:31:58 442880 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-03-11 05:40:24 1164288 ----a-w- c:\windows\system32\mfc42u.dll
    2011-03-11 05:40:24 1137664 ----a-w- c:\windows\system32\mfc42.dll
    2011-03-11 05:39:35 1686016 ----a-w- c:\windows\system32\esent.dll
    2011-03-11 05:37:34 74240 ----a-w- c:\windows\system32\fsutil.exe
    2011-03-08 05:38:13 740864 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-03 05:29:23 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
    2011-03-03 05:27:30 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
    2011-03-03 03:31:32 2331136 ----a-w- c:\windows\system32\win32k.sys
    2011-02-26 05:33:07 2614784 ----a-w- c:\windows\explorer.exe
    2011-02-24 05:32:52 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-02-24 05:32:44 981504 ----a-w- c:\windows\system32\wininet.dll
    2011-02-24 05:30:16 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2011-02-24 04:23:48 386048 ----a-w- c:\windows\system32\html.iec
    2011-02-24 03:50:26 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-02-19 05:33:11 802304 ----a-w- c:\windows\system32\FntCache.dll
    2011-02-19 05:32:48 1074176 ----a-w- c:\windows\system32\DWrite.dll
    2011-02-19 05:32:35 739840 ----a-w- c:\windows\system32\d2d1.dll
    2011-02-19 05:32:08 34304 ----a-w- c:\windows\system32\atmlib.dll
    2011-02-19 03:37:02 294912 ----a-w- c:\windows\system32\atmfd.dll
    2011-02-18 05:36:26 428032 ----a-w- c:\windows\system32\vbscript.dll
    2011-02-18 05:33:29 31232 ----a-w- c:\windows\system32\prevhost.exe
    .
    ============= FINISH: 17:21:39,21 ===============
    .




    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Propri‚taire at 17:20:14,90 on 15/05/2011
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3005.1826 [GMT 2:00]
    .
    AV: McAfee AntiVirus et AntiSpyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee AntiVirus et AntiSpyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\mfevtps.exe
    C:\windows\system32\rundll32.exe
    C:\windows\system32\taskhost.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\taskeng.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
    C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\windows\system32\DllHost.exe
    C:\windows\system32\svchost.exe -k SDRSVC
    C:\windows\system32\wuauclt.exe
    C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
    C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Users\Propriétaire\Desktop\dds.scr
    C:\windows\system32\conhost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
    mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&ss=1&affID=18026
    BHO: ShopperReports: {100eb1fd-d03e-47fd-81f3-ee91287f9465} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101226133217.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
    EB: ShopperReports – Price Comparison: {a7cddcdc-beeb-4685-a062-978f5e07ceee} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
    mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
    mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
    mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
    mRun: [UpdatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
    mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"
    mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"
    mRun: [UpdatePPShortCut] "c:\program files\cyberlink\powerproducer\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerproducer" updatewithcreateonce "software\cyberlink\powerproducer\5.0"
    mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
    mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {C5428486-50A0-4a02-9D20-520B59A9F9B2} - {C9CCBB35-D123-4a31-AFFC-9B2933132116} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
    IE: {C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\propri~1\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\
    FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
    FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&ss=1&affID=18026
    FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18026&q=
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
    FF - component: c:\program files\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll
    FF - component: c:\users\propriétaire\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a}\components\billeotoolbar.dll
    FF - component: c:\users\propriétaire\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\extensions\{8a9386b4-e958-4c4c-adf4-8f26db3e4829}\components\PriceGongFF.dll
    FF - component: c:\users\propriétaire\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\propriã©taire\appdata\roaming\mozilla\firefox\profiles\qc4ayffz.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a}\plugins\npbilleo.dll
    .
    ---- FIREFOX POLICIES ----
    user_pref(extensions.kwiclick.channel.campaign,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.content,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.id,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.cse,'009607407620987551725:3hfwsbgoj80');
    user_pref(extensions.kwiclick.channel.medium,'cpa');
    user_pref(extensions.kwiclick.channel.source,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.set,true);
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-12-26 386840]
    R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-12-26 64304]
    R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-12-26 164840]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2010-6-14 10752]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-6-14 203280]
    R2 McMPFSvc;Service McAfee Personal Firewall;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-12-26 271480]
    R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-12-26 271480]
    R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-12-26 271480]
    R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-12-26 171168]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-12-26 188136]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-12-26 141792]
    R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-12-26 55840]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-6-13 122880]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-12-26 152960]
    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-12-26 52104]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-12-26 313288]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-12-27 39264]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-12-26 84264]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
    S3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2010-12-26 1343400]
    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
    .
    =============== Created Last 30 ================
    .
    2011-05-15 13:08:32 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
    2011-05-15 13:08:32 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
    2011-05-15 13:08:32 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
    2011-05-15 13:08:32 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
    2011-05-15 13:08:32 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
    2011-05-15 13:08:31 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
    2011-05-15 13:08:31 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2011-05-15 13:08:30 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
    2011-05-15 09:32:22 -------- d-----w- c:\users\propri~1\appdata\local\{58E8F29E-A4A6-4C27-AFC7-E2CD25BE7715}
    2011-05-14 10:08:43 -------- d-----w- c:\users\propri~1\appdata\local\{B8432E18-6ACC-45CA-B9C1-6FBA9E6F99EB}
    2011-05-12 15:41:53 -------- d-----w- c:\users\propri~1\appdata\local\{D2A8EF55-8D08-4C27-B396-5A1F097379FA}
    2011-05-11 13:26:41 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-05-11 13:26:40 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-05-11 10:54:41 -------- d-----w- c:\users\propri~1\appdata\local\{77F821FA-4861-4473-A19E-9DEA2BE4E23C}
    2011-05-10 15:50:11 -------- d-----w- c:\users\propri~1\appdata\local\{4A9CCD76-B6BA-4AA1-BA2F-1887960E483A}
    2011-05-09 14:15:00 -------- d-----w- c:\users\propri~1\appdata\local\{5A16B6F5-24F9-4A7E-986E-01DF8A6A78D6}
    2011-05-08 20:02:37 -------- d-----w- c:\users\propri~1\appdata\local\{20A10AEC-167D-43AD-94AA-125461E25D42}
    2011-05-08 08:16:36 639296 ----a-w- c:\progra~2\microsoft\ehome\packages\mcespotlight\mcespotlight-2\SpotlightResources.dll
    2011-05-08 08:02:09 -------- d-----w- c:\users\propri~1\appdata\local\{273C8A35-E60A-4F67-8731-4928AE0E943A}
    2011-05-07 19:08:31 -------- d-----w- c:\users\propri~1\appdata\local\{F4D12C1B-2091-437E-8A84-EA62D4045722}
    2011-05-07 17:01:49 -------- d-----w- c:\users\propri~1\appdata\local\{EFD83424-D1A9-44F9-9EAA-0C988115D0A6}
    2011-05-06 17:21:22 -------- d-----w- c:\users\propri~1\appdata\local\{00D1D917-107E-4927-BF13-54767CAE02FD}
    2011-05-06 12:04:02 -------- d-----w- c:\users\propri~1\appdata\local\{92164246-CAE7-4E63-B8DA-5A116E5E9B87}
    2011-05-06 08:46:18 -------- d-----w- c:\users\propri~1\appdata\local\{6B7E3170-631A-484E-BE99-273B1CB9A0D2}
    2011-05-05 18:34:02 -------- d-----w- c:\users\propri~1\appdata\local\{58A2B04B-47C4-4FCD-9A1A-43B1BCE9C2E7}
    2011-05-05 12:49:50 -------- d-----w- c:\users\propri~1\appdata\local\{9B89DCDC-3638-4650-B96F-BA7F01B327E3}
    2011-05-05 08:45:53 -------- d-----w- c:\users\propri~1\appdata\local\{D114D3B7-F15A-42D4-8CDD-74AAD6763838}
    2011-05-04 20:33:26 -------- d-----w- c:\users\propri~1\appdata\local\{65C9B370-D52E-4BD5-8F00-E328A452815C}
    2011-05-04 11:13:00 -------- d-----w- c:\users\propri~1\appdata\local\{27213A27-D431-4852-A04A-446A3C30CF60}
    2011-05-03 10:56:20 -------- d-----w- c:\users\propri~1\appdata\local\{0FF38AA4-6190-4FE1-AC06-3EC0142DBEB3}
    2011-05-02 09:45:57 -------- d-----w- c:\users\propri~1\appdata\local\{C343BDC2-3B0E-463B-9950-5CF9DF9C2287}
    2011-05-01 07:58:40 -------- d-----w- c:\users\propri~1\appdata\local\{C6DA6E26-8B9A-480D-930C-469D69DC652E}
    2011-04-30 05:48:05 -------- d-----w- c:\users\propri~1\appdata\local\{E0F0964E-7FBD-4D47-9919-1AEE79EC7E5A}
    2011-04-28 10:15:19 -------- d-----w- c:\users\propri~1\appdata\local\{29A86DF1-EAC5-4B7F-86DB-437F3571ACC9}
    2011-04-27 19:59:30 -------- d-----w- c:\users\propri~1\appdata\local\{A5252DC0-181F-4120-9EBB-67BAABCDCDE3}
    2011-04-27 13:52:41 -------- d-----w- c:\program files\Mirror of Beauty
    2011-04-27 07:58:44 -------- d-----w- c:\users\propri~1\appdata\local\{76CB7870-2947-4712-8878-5C731420C5FA}
    2011-04-25 08:45:40 -------- d-----w- c:\users\propri~1\appdata\local\{FA221AD4-343B-4473-B99C-487667B33CD6}
    2011-04-24 11:20:15 -------- d-----w- c:\users\propri~1\appdata\local\{6700CEDF-6813-432A-8E69-32CB1127D5CA}
    2011-04-23 21:57:54 -------- d-----w- c:\users\propri~1\appdata\local\{25804C97-7FDE-40E7-BFBE-2E3D18A596AE}
    2011-04-23 06:56:10 -------- d-----w- c:\users\propri~1\appdata\local\{7CF7C8A2-3D9F-48F5-BC89-2D153B0EDE8D}
    2011-04-22 16:39:07 -------- d-----w- c:\users\propri~1\appdata\local\{0C1F024C-0B2D-4AF2-A58D-73B2576EE798}
    2011-04-21 16:59:00 -------- d-----w- c:\users\propri~1\appdata\local\{2E60B3A0-52F5-4C8F-B1AF-844097BBFF4E}
    2011-04-21 04:58:18 -------- d-----w- c:\users\propri~1\appdata\local\{E699CC0D-4B1E-464C-8809-F6E8BFBF72CA}
    2011-04-20 18:25:56 2306328 ----a-w- c:\progra~2\microsoft\ehome\packages\mceclientux\updateablemarkup-2\markup.dll
    2011-04-20 18:25:27 42776 ----a-w- c:\progra~2\microsoft\ehome\packages\mceclientux\dsm-2\StartResources.dll
    2011-04-20 11:46:54 -------- d-----w- c:\users\propri~1\appdata\local\{0E8D1EED-04D0-4D16-B6BE-6D92DD362613}
    2011-04-19 20:06:01 -------- d-----w- c:\users\propri~1\appdata\local\{775139E5-30DE-4A51-9DA7-91AA8B15DC0C}
    2011-04-19 04:52:52 -------- d-----w- c:\users\propri~1\appdata\local\{D322D19C-52F9-4AA5-B71E-9A3AB6F8BE6D}
    2011-04-18 16:50:01 -------- d-----w- c:\users\propri~1\appdata\local\{863D7D54-C868-45CF-A42E-3E28C7BFD168}
    2011-04-17 09:37:01 -------- d-----w- c:\users\propri~1\appdata\local\{6056C8F0-81C1-46C8-96BD-9A4B91B0895A}
    2011-04-16 21:36:18 -------- d-----w- c:\users\propri~1\appdata\local\{1408F579-2EFE-4013-AD66-A65C1DA96539}
    2011-04-16 07:01:10 -------- d-----w- c:\users\propri~1\appdata\local\{0AABA165-C36D-48E8-BEF3-D971D48AAC0C}
    .
    ==================== Find3M ====================
    .
    2011-03-12 11:31:58 442880 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-03-11 05:40:24 1164288 ----a-w- c:\windows\system32\mfc42u.dll
    2011-03-11 05:40:24 1137664 ----a-w- c:\windows\system32\mfc42.dll
    2011-03-11 05:39:35 1686016 ----a-w- c:\windows\system32\esent.dll
    2011-03-11 05:37:34 74240 ----a-w- c:\windows\system32\fsutil.exe
    2011-03-08 05:38:13 740864 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-03 05:29:23 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
    2011-03-03 05:27:30 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
    2011-03-03 03:31:32 2331136 ----a-w- c:\windows\system32\win32k.sys
    2011-02-26 05:33:07 2614784 ----a-w- c:\windows\explorer.exe
    2011-02-24 05:32:52 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-02-24 05:32:44 981504 ----a-w- c:\windows\system32\wininet.dll
    2011-02-24 05:30:16 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2011-02-24 04:23:48 386048 ----a-w- c:\windows\system32\html.iec
    2011-02-24 03:50:26 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-02-19 05:33:11 802304 ----a-w- c:\windows\system32\FntCache.dll
    2011-02-19 05:32:48 1074176 ----a-w- c:\windows\system32\DWrite.dll
    2011-02-19 05:32:35 739840 ----a-w- c:\windows\system32\d2d1.dll
    2011-02-19 05:32:08 34304 ----a-w- c:\windows\system32\atmlib.dll
    2011-02-19 03:37:02 294912 ----a-w- c:\windows\system32\atmfd.dll
    2011-02-18 05:36:26 428032 ----a-w- c:\windows\system32\vbscript.dll
    2011-02-18 05:33:29 31232 ----a-w- c:\windows\system32\prevhost.exe
    .
    ============= FINISH: 17:21:39,21 ===============
    15 Mai 2011 17:33:47

    et le rapport ad-remover :


    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 17:29:11 le 15/05/2011, Mode normal

    Microsoft Windows 7 Édition Familiale Premium (X86)
    Propriétaire@PROPRIÉTAIRE-PC (SAMSUNG ELECTRONICS CO., LTD. R530/R730)

    ============== RECHERCHE ==============


    Dossier trouvé: C:\Users\Propriétaire\AppData\LocalLow\PriceGong
    Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
    Dossier trouvé: C:\Users\Propriétaire\AppData\Roaming\ShopperReports3
    Dossier trouvé: C:\Users\Propriétaire\AppData\LocalLow\ShopperReports3
    Dossier trouvé: C:\Program Files\ShopperReports3

    Clé trouvée: HKLM\Software\Classes\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432}
    Clé trouvée: HKLM\Software\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
    Clé trouvée: HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Clé trouvée: HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
    Clé trouvée: HKLM\Software\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
    Clé trouvée: HKLM\Software\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}
    Clé trouvée: HKLM\Software\Classes\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1}
    Clé trouvée: HKLM\Software\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}
    Clé trouvée: HKLM\Software\Classes\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470}
    Clé trouvée: HKLM\Software\Classes\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0}
    Clé trouvée: HKLM\Software\Classes\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16}
    Clé trouvée: HKLM\Software\Classes\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51}
    Clé trouvée: HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842}
    Clé trouvée: HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Clé trouvée: HKLM\Software\Classes\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E}
    Clé trouvée: HKLM\Software\Classes\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57}
    Clé trouvée: HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116}
    Clé trouvée: HKLM\Software\Classes\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D}
    Clé trouvée: HKLM\Software\Classes\CLSID\{CFC16189-8A92-4a29-A940-60248385F426}
    Clé trouvée: HKLM\Software\Classes\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB}
    Clé trouvée: HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}
    Clé trouvée: HKLM\Software\Classes\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB}
    Clé trouvée: HKLM\Software\Classes\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A}
    Clé trouvée: HKLM\Software\Classes\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E}
    Clé trouvée: HKLM\Software\Classes\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76}
    Clé trouvée: HKLM\Software\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
    Clé trouvée: HKLM\Software\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
    Clé trouvée: HKLM\Software\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
    Clé trouvée: HKLM\Software\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
    Clé trouvée: HKLM\Software\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
    Clé trouvée: HKLM\Software\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
    Clé trouvée: HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
    Clé trouvée: HKLM\Software\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
    Clé trouvée: HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
    Clé trouvée: HKLM\Software\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
    Clé trouvée: HKLM\Software\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
    Clé trouvée: HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
    Clé trouvée: HKLM\Software\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
    Clé trouvée: HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
    Clé trouvée: HKLM\Software\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
    Clé trouvée: HKLM\Software\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
    Clé trouvée: HKLM\Software\Classes\ShopperReports.AsyncReporter
    Clé trouvée: HKLM\Software\Classes\ShopperReports.AsyncReporter.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.CntntDic
    Clé trouvée: HKLM\Software\Classes\ShopperReports.CntntDic.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.CntntDisp
    Clé trouvée: HKLM\Software\Classes\ShopperReports.CntntDisp.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.Dwnldr
    Clé trouvée: HKLM\Software\Classes\ShopperReports.Dwnldr.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.HbAx
    Clé trouvée: HKLM\Software\Classes\ShopperReports.HbAx.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.HbGuru
    Clé trouvée: HKLM\Software\Classes\ShopperReports.HbGuru.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.HbInfoBand
    Clé trouvée: HKLM\Software\Classes\ShopperReports.HbInfoBand.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.IEButton
    Clé trouvée: HKLM\Software\Classes\ShopperReports.IEButton.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.IEButtonA
    Clé trouvée: HKLM\Software\Classes\ShopperReports.IEButtonA.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.KOPFF
    Clé trouvée: HKLM\Software\Classes\ShopperReports.KOPFF.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr
    Clé trouvée: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter
    Clé trouvée: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.ReportData
    Clé trouvée: HKLM\Software\Classes\ShopperReports.ReportData.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.Reporter
    Clé trouvée: HKLM\Software\Classes\ShopperReports.Reporter.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.RprtCtrl
    Clé trouvée: HKLM\Software\Classes\ShopperReports.RprtCtrl.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.Scopes
    Clé trouvée: HKLM\Software\Classes\ShopperReports.Scopes.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.Stock
    Clé trouvée: HKLM\Software\Classes\ShopperReports.Stock.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.TriggerImmidiate
    Clé trouvée: HKLM\Software\Classes\ShopperReports.TriggerImmidiate.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS
    Clé trouvée: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
    Clé trouvée: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay
    Clé trouvée: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay.1
    Clé trouvée: HKLM\Software\Classes\AppID\BRNstIE.DLL
    Clé trouvée: HKLM\Software\Classes\AppID\CmndFF.DLL
    Clé trouvée: HKLM\Software\Classes\AppID\mozillaps.dll
    Clé trouvée: HKLM\Software\Classes\AppID\Pltfrm.DLL
    Clé trouvée: HKLM\Software\ShopperReports3
    Clé trouvée: HKCU\Software\ShopperReports3
    Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
    Clé trouvée: HKCU\Software\AppDataLow\Software\ShopperReports3
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}

    Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.0.517.0
    Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790472BD765B5634AA98
    Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|ShopperReports@ShopperReports.com


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [4.0.1 (fr)] ****

    Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&ss=1&affID=18026/)
    Searchplugins\bing.xml ( hxxp://www.bing.com/search)
    Components\browsercomps.dll (Mozilla Foundation)
    Components\Scriptff.dll (McAfee, Inc.)
    HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files\McAfee\SiteAdvisor
    HKLM_Extensions|ShopperReports@ShopperReports.com - C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions

    -- C:\Users\Propriétaire\AppData\Roaming\Mozilla\FireFox\Profiles\qc4ayffz.default --
    Extensions\ffxtlbr@babylon.com (Babylon)
    Extensions\vinceturk@gmail.com (KwiClick)
    Extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a} (Billeo)
    Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} (PriceGong)
    Prefs.js - browser.download.lastDir, C:\\Users\\Propriétaire\\Pictures
    Prefs.js - browser.search.selectedEngine, Search the web (Babylon)
    Prefs.js - browser.startup.homepage, hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.1...
    Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
    Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
    Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&instlRef=ss...

    ========================================

    **** Internet Explorer Version [8.0.7600.16385] ****

    HKCU_Main|Default_Page_URL - hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
    HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKCU_Main|Start Page - hxxp://google.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b000000000...)
    HKCU_SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - "?" (?)
    HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)
    HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{1FCCD250-A453-4348-86C1-E5EA9B76FADB} - C:\Program Files\McAfee\VirusScan\mcvsmap.exe (McAfee, Inc.)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} - C:\Program Files\ClickPotatoLite\bin\10.0.646.0\Weather.exe (x)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
    HKLM_ElevationPolicy\{A8F94DF3-F6C6-422a-8BFC-7EE0F60A8609} - C:\Program Files\McAfee\VirusScan\mcvsshld.exe (McAfee, Inc.)
    HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
    HKLM_ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F} - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (?)
    HKCU_Extensions\{97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - "Billeo" (billeo.dll,219)
    HKLM_Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B2} - "ShopperReports - Compare product prices" (C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll,203)
    HKLM_Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B3} - "ShopperReports - Compare travel rates" (C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll,201)
    BHO\{100EB1FD-D03E-47fd-81F3-EE91287F9465} - "ShopperReports" (C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll)
    BHO\{27B4851A-3207-45A2-B947-BE8AFE6163AB} - "McAfee Phishing Filter" (c:\progra~1\mcafee\msk\mskapbho.dll)
    BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101226133217.dll)
    BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)
    BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 15/05/2011 17:29:19 (14570 Octet(s))

    Fin à: 17:30:29, 15/05/2011

    ============== E.O.F ==============
    15 Mai 2011 21:29:16

    re

    Tu ferais bien de lire: Les toolbars c'est pas obligatoire!



    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Nettoyer.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\

    +++++++++++++++++++



    15 Mai 2011 21:40:09

    Merci du conseil !

    Voilà le rapport :


    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:35:10 le 15/05/2011, Mode normal

    Microsoft Windows 7 Édition Familiale Premium (X86)
    Propriétaire@PROPRIÉTAIRE-PC (SAMSUNG ELECTRONICS CO., LTD. R530/R730)

    ============== ACTION(S) ==============


    Dossier supprimé: C:\Users\Propriétaire\AppData\LocalLow\PriceGong
    Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
    Dossier supprimé: C:\Users\Propriétaire\AppData\Roaming\ShopperReports3
    Dossier supprimé: C:\Users\Propriétaire\AppData\LocalLow\ShopperReports3
    Dossier supprimé: C:\Program Files\ShopperReports3

    (!) -- Fichiers temporaires supprimés.


    Clé supprimée: HKLM\Software\Classes\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432}
    Clé supprimée: HKLM\Software\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
    Clé supprimée: HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
    Clé supprimée: HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
    Clé supprimée: HKLM\Software\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
    Clé supprimée: HKLM\Software\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}
    Clé supprimée: HKLM\Software\Classes\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1}
    Clé supprimée: HKLM\Software\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}
    Clé supprimée: HKLM\Software\Classes\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470}
    Clé supprimée: HKLM\Software\Classes\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0}
    Clé supprimée: HKLM\Software\Classes\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16}
    Clé supprimée: HKLM\Software\Classes\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51}
    Clé supprimée: HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842}
    Clé supprimée: HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Clé supprimée: HKLM\Software\Classes\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E}
    Clé supprimée: HKLM\Software\Classes\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57}
    Clé supprimée: HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116}
    Clé supprimée: HKLM\Software\Classes\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D}
    Clé supprimée: HKLM\Software\Classes\CLSID\{CFC16189-8A92-4a29-A940-60248385F426}
    Clé supprimée: HKLM\Software\Classes\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB}
    Clé supprimée: HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}
    Clé supprimée: HKLM\Software\Classes\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB}
    Clé supprimée: HKLM\Software\Classes\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A}
    Clé supprimée: HKLM\Software\Classes\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E}
    Clé supprimée: HKLM\Software\Classes\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76}
    Clé supprimée: HKLM\Software\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
    Clé supprimée: HKLM\Software\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
    Clé supprimée: HKLM\Software\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
    Clé supprimée: HKLM\Software\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
    Clé supprimée: HKLM\Software\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
    Clé supprimée: HKLM\Software\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
    Clé supprimée: HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
    Clé supprimée: HKLM\Software\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
    Clé supprimée: HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
    Clé supprimée: HKLM\Software\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
    Clé supprimée: HKLM\Software\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
    Clé supprimée: HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
    Clé supprimée: HKLM\Software\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
    Clé supprimée: HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
    Clé supprimée: HKLM\Software\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
    Clé supprimée: HKLM\Software\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
    Clé supprimée: HKLM\Software\Classes\ShopperReports.AsyncReporter
    Clé supprimée: HKLM\Software\Classes\ShopperReports.AsyncReporter.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.CntntDic
    Clé supprimée: HKLM\Software\Classes\ShopperReports.CntntDic.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.CntntDisp
    Clé supprimée: HKLM\Software\Classes\ShopperReports.CntntDisp.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.Dwnldr
    Clé supprimée: HKLM\Software\Classes\ShopperReports.Dwnldr.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.HbAx
    Clé supprimée: HKLM\Software\Classes\ShopperReports.HbAx.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.HbGuru
    Clé supprimée: HKLM\Software\Classes\ShopperReports.HbGuru.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.HbInfoBand
    Clé supprimée: HKLM\Software\Classes\ShopperReports.HbInfoBand.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.IEButton
    Clé supprimée: HKLM\Software\Classes\ShopperReports.IEButton.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.IEButtonA
    Clé supprimée: HKLM\Software\Classes\ShopperReports.IEButtonA.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.KOPFF
    Clé supprimée: HKLM\Software\Classes\ShopperReports.KOPFF.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr
    Clé supprimée: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter
    Clé supprimée: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.ReportData
    Clé supprimée: HKLM\Software\Classes\ShopperReports.ReportData.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.Reporter
    Clé supprimée: HKLM\Software\Classes\ShopperReports.Reporter.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.RprtCtrl
    Clé supprimée: HKLM\Software\Classes\ShopperReports.RprtCtrl.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.Scopes
    Clé supprimée: HKLM\Software\Classes\ShopperReports.Scopes.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.Stock
    Clé supprimée: HKLM\Software\Classes\ShopperReports.Stock.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerImmidiate
    Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerImmidiate.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS
    Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
    Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay
    Clé supprimée: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay.1
    Clé supprimée: HKLM\Software\Classes\AppID\BRNstIE.DLL
    Clé supprimée: HKLM\Software\Classes\AppID\CmndFF.DLL
    Clé supprimée: HKLM\Software\Classes\AppID\mozillaps.dll
    Clé supprimée: HKLM\Software\Classes\AppID\Pltfrm.DLL
    Clé supprimée: HKLM\Software\ShopperReports3
    Clé supprimée: HKCU\Software\ShopperReports3
    Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong
    Clé supprimée: HKCU\Software\AppDataLow\Software\ShopperReports3
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}

    Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.0.517.0
    Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790472BD765B5634AA98
    Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|ShopperReports@ShopperReports.com


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [4.0.1 (fr)] ****

    Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&ss=1&affID=18026/)
    Searchplugins\bing.xml ( hxxp://www.bing.com/search)
    Components\browsercomps.dll (Mozilla Foundation)
    Components\Scriptff.dll (McAfee, Inc.)
    HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files\McAfee\SiteAdvisor

    -- C:\Users\Propriétaire\AppData\Roaming\Mozilla\FireFox\Profiles\qc4ayffz.default --
    Extensions\ffxtlbr@babylon.com (Babylon)
    Extensions\vinceturk@gmail.com (KwiClick)
    Extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a} (Billeo)
    Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} (PriceGong)
    Prefs.js - browser.download.lastDir, C:\\Users\\Propriétaire\\Pictures
    Prefs.js - browser.search.selectedEngine, Search the web (Babylon)
    Prefs.js - browser.startup.homepage, hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.1...
    Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
    Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
    Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&instlRef=ss...

    ========================================

    **** Internet Explorer Version [8.0.7600.16385] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - "?" (?)
    HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)
    HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{1FCCD250-A453-4348-86C1-E5EA9B76FADB} - C:\Program Files\McAfee\VirusScan\mcvsmap.exe (McAfee, Inc.)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
    HKLM_ElevationPolicy\{A8F94DF3-F6C6-422a-8BFC-7EE0F60A8609} - C:\Program Files\McAfee\VirusScan\mcvsshld.exe (McAfee, Inc.)
    HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
    HKLM_ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F} - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (?)
    HKCU_Extensions\{97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - "Billeo" (billeo.dll,219)
    BHO\{27B4851A-3207-45A2-B947-BE8AFE6163AB} - "McAfee Phishing Filter" (c:\progra~1\mcafee\msk\mskapbho.dll)
    BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101226133217.dll)
    BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)
    BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 58 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 15/05/2011 21:35:15 (14106 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 15/05/2011 17:29:19 (14709 Octet(s))

    Fin à: 21:36:10, 15/05/2011

    ============== E.O.F ==============
    15 Mai 2011 21:42:02

    re

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :
  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    ~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    ~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
  • Poste ce rapport.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    Note : Si tu ne parviens à télécharger MBAM à partir de MajorGeeks, tu peux le télécharger ici!

    [#FF0000]Aide
    :
  • Comment utiliser MBAM.

    +++
    ++++++++
    15 Mai 2011 23:41:01

    ok voici le rapport :

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6585

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    15/05/2011 23:40:29
    mbam-log-2011-05-15 (23-40-29).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 253409
    Temps écoulé: 1 heure(s), 35 minute(s), 45 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 15

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\program files\ad-remover\quarantine\C\program files\shopperreports3\bin\3.0.517.0\brnstie.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\ad-remover\quarantine\C\program files\shopperreports3\bin\3.0.517.0\cmndff.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\ad-remover\quarantine\C\program files\shopperreports3\bin\3.0.517.0\cntntcntr.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\ad-remover\quarantine\C\program files\shopperreports3\bin\3.0.517.0\mozillaps.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\ad-remover\quarantine\C\program files\shopperreports3\bin\3.0.517.0\pltfrm.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\ad-remover\quarantine\C\program files\shopperreports3\bin\3.0.517.0\shopperreports.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\ad-remover\quarantine\C\program files\shopperreports3\bin\3.0.517.0\shopperreportsuninstaller.exe.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\ad-remover\quarantine\C\program files\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\brnstff.dll.vir (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\Users\propriétaire\AppData\Local\Temp\ZANEBAE.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\Users\propriétaire\AppData\Local\Temp\nscE620.tmp\Install.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\Users\propriétaire\AppData\Local\Temp\nscE620.tmp\Setup.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\Users\propriétaire\AppData\Local\Temp\nsrECE3.tmp\Install.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\Users\propriétaire\AppData\Local\Temp\nsrECE3.tmp\Setup.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
    c:\Users\propriétaire\downloads\vlc_setup1.1.5-win32.exe (Adware.Agent) -> Quarantined and deleted successfully.
    c:\Users\propriétaire\downloads\xvid_setup1.2.2-win32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    16 Mai 2011 21:10:40

    Bonsoir
    comment se comporte ton pc?
    17 Mai 2011 00:30:37

    Bonsoir
    le pc dans l'ensemble se porte plutôt bien, mais parfois il rame quand je navigue sur internet, peut-être la faute de ce moteur de recherche
    qu'en penses-tu?
    17 Mai 2011 21:27:59

    Bonsoir
    tu as encore des traces de babylon search ?
    17 Mai 2011 21:40:06

    Bonsoir,

    Oui, Internet s'ouvre toujours avec Babylon search comme moteur de recherche
    17 Mai 2011 21:48:16

    ok
    bah tu changes:

    dans firefox, tu cliques sur outils/options/général puis tu remplaces babylon par google...

    après, on va quand même vérifier un truc:



    Télécharge OTL(de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
  • (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
  • Héberge les rapports, puis donne leurs liens.
    Utilise ceci pour les heberger: http://www.sendspace.com/
    17 Mai 2011 21:51:08

    j'ai déjà essayé de changer ma page d'accueil, mais ça ne fonctionne pas, babylon revient toujours à la charge.
    Je fais ce que tu me dis
    17 Mai 2011 22:21:53


  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Sous l'onglet Personnalisation (dans le cadre blanc) en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

    :OTL
    FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
    FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
    FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.517.0
    FF - prefs.js..extensions.enabledItems: ClickPotatoLite@ClickPotatoLite.com:10.0.646.0
    FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
    FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b000000000000e839dfbc3ff4&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18026&q="
    [2011/05/15 15:20:36 | 000,000,000 | ---D | M] (Billeo) -- C:\Users\Propriétaire\AppData\Roaming\mozilla\Firefox\Profiles\qc4ayffz.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a}
    [2011/03/06 22:21:06 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\Propriétaire\AppData\Roaming\mozilla\Firefox\Profiles\qc4ayffz.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
    [2011/04/27 15:48:15 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Propriétaire\AppData\Roaming\mozilla\Firefox\Profiles\qc4ayffz.default\extensions\ffxtlbr@babylon.com
    File not found (No name found) -- C:\USERS\PROPRIéTAIRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QC4AYFFZ.DEFAULT\EXTENSIONS\{4BE68A18-DEBA-49E0-9E09-EE7796F3B62A}
    File not found (No name found) -- C:\USERS\PROPRIéTAIRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QC4AYFFZ.DEFAULT\EXTENSIONS\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
    File not found (No name found) -- C:\USERS\PROPRIéTAIRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QC4AYFFZ.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
    File not found (No name found) -- C:\USERS\PROPRIéTAIRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QC4AYFFZ.DEFAULT\EXTENSIONS\VINCETURK@GMAIL.COM
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)


    :commands
    [emptytemp]
    [reboot]

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler, redémarre une fois le fix terminé.
  • Poste le rapport qui s'affichera après redémarrage.
    18 Mai 2011 18:28:58

    Bonjour
    Encore des soucis? :D 
    18 Mai 2011 19:11:44

    Bonsoir,

    Je crois que tout va bien maintenant !
    Je te remercie d'avoir passer du temps sur mon petit problème !
    26 Novembre 2011 10:08:51

    Bonjour,

    J'ai le même problème. Sous Mozilla apparemment le problème a disparu ou est masqué, par contre sous IE ça apparaît dès que j'ouvre un nouvel onglet.

    Merci si vous pouvez me donner un coup de main !
    a c 547 8 Sécurité
    26 Novembre 2011 11:19:13

    Bonjour Mimache,

    Merci de créer ton propre sujet pour obtenir une prise en charge.

    :jap: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS