Votre question

Toujours iexplore.exe en Gestionnaire des tâches

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
12 Mai 2011 18:44:10

Bonsoir,

J'ai depuis peu un problème, lorsque je vais dans mon gestionnaire des tâches, j'ai toujours deux iexplore.exe qui me bouffent énormément de place. Pas moyen d'arrêter le processus, il se relance toujours après un message d'erreur.

Voici mon rapport HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:43:26, on 12/05/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19048)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\management\MFsurf1.exe
C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
C:\Program Files\Mozilla Firefox\management\MFsurf2.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\management\firefox_download.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/?pc=AVBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tropal.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\No1 Video Converter\msdxm.ocx
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Romain\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: firefox_reload.lnk = C:\Program Files\Mozilla Firefox\management\MFsurf1.exe
O4 - Global Startup: WiFi Station N.lnk = C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/FR/TechConsole/x86/Res...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: acaptuser32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HerculesWiFi - Guillemot Corporation - C:\Program Files\Hercules\WiFi Station N\HerculesWiFiService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: User Privilege Service (usprserv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 23556 bytes


Merci d'avance !

Autres pages sur : iexplore exe gestionnaire taches

a c 295 8 Sécurité
a b 9 Windows
12 Mai 2011 21:00:06

Bonjour,

  • Désinstalle Softonic_France Toolbar.

    As-tu des pubs intempestives ? Des redirections ?
    13 Mai 2011 16:43:39

    Bonjour, j'utilise personnellement firefox et je n'ai pas de redirection et de pubs qui s'affichent. Merci de ton aide !

    EDIT: J'ai désinstaller la toolbar et aucunes améliorations.
    Contenus similaires
    13 Mai 2011 19:05:59

    J'ai installé IE9, toujours le même problème. Je te renvoi un rapport HijackThis:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:05:36, on 13/05/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    C:\Windows\SYSTEM32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Mozilla Firefox\management\MFsurf1.exe
    C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
    C:\Program Files\Mozilla Firefox\management\MFsurf2.exe
    C:\Program Files\Mozilla Firefox\management\firefox_download.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/?pc=AVBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tropal.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: (no name) - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - (no file)
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\No1 Video Converter\msdxm.ocx
    O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Romain\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - Global Startup: firefox_reload.lnk = C:\Program Files\Mozilla Firefox\management\MFsurf1.exe
    O4 - Global Startup: WiFi Station N.lnk = C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/FR/TechConsole/x86/Res...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: acaptuser32.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HerculesWiFi - Guillemot Corporation - C:\Program Files\Hercules\WiFi Station N\HerculesWiFiService.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
    O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: User Privilege Service (usprserv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --
    End of file - 23620 bytes
    13 Mai 2011 19:20:57

    Voici mon rapport:

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 19:31:09 le 13/05/2011, Mode normal

    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86)
    Romain@PC-DE-ROMAIN (MEDIONPC MS-7366)

    ============== RECHERCHE ==============


    Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
    Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    Dossier trouvé: C:\Program Files\Mozilla FireFox\extensions\{AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}
    Fichier trouvé: C:\Windows\system32\ConduitEngine.tmp
    Fichier trouvé: C:\Windows\system32\f3PSSavr.scr
    Fichier trouvé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\searchplugins\askcom.xml
    Dossier trouvé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\conduit
    Dossier trouvé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\ConduitEngine
    Dossier trouvé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\extensions\engine@conduit.com
    Fichier trouvé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\searchplugins\conduit.xml
    Dossier trouvé: C:\Users\Romain\AppData\Local\Conduit
    Dossier trouvé: C:\Users\Romain\AppData\LocalLow\Conduit
    Dossier trouvé: C:\Users\Romain\AppData\Local\ConduitEngine
    Dossier trouvé: C:\Users\Romain\AppData\LocalLow\FunWebProducts
    Dossier trouvé: C:\Program Files\FunWebProducts
    Dossier trouvé: C:\Users\Romain\AppData\LocalLow\MyWebSearch
    Dossier trouvé: C:\Program Files\MyWebSearch
    Dossier trouvé: C:\Users\Romain\AppData\Roaming\OpenCandy
    Dossier trouvé: C:\ProgramData\PopCap Games
    Dossier trouvé: C:\Program Files\PopCap Games
    Dossier trouvé: C:\Users\Romain\AppData\Roaming\PriceGong
    Dossier trouvé: C:\Users\Romain\AppData\LocalLow\PriceGong
    Dossier trouvé: C:\Program Files\ShoppingReport2
    Dossier trouvé: C:\Users\Romain\AppData\Roaming\EoRezo
    Dossier trouvé: C:\Users\Romain\AppData\Roaming\OfferBox
    Fichier trouvé: C:\Program Files\Windows Live\Messenger\Riched20.dll

    -- Fichier ouvert: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\Prefs.js --
    Ligne trouvée: user_pref("CT2463487.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT246...
    Ligne trouvée: user_pref("CT2844151.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT284...
    Ligne trouvée: user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2463487");
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1236201/1231874/FR", "\"0\"...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/585702/581564/FR", "\"0\"")...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/669150/665011/FR", "\"0\"")...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/857155/852957/FR", "\"0\"")...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2463487", ...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2844151&octid=...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2463487/CT2463487...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634...
    Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"634...
    Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "CT2844151");
    Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "{8d0e4687-02fa-460f-a530-e999413b9fba}");
    Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "dpstream");
    Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", true);
    Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
    Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2844151");
    Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{8d0e4687-02fa-460f-a530-e999413b9fba}");
    Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dpstream");
    Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.asp...
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2844151,ConduitEngine,CT2463487");
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2844151,CT2463487");
    Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon Mar 21 2011 20:26:42 GMT+01...
    Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
    Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri May 13 2011 19:03:10 GMT+0200");
    Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en");
    Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
    Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri May 13 2011 19:16:42 GMT+0200");
    Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
    Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
    Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
    Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
    Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "d504efb1-fe07-4c96-87d5-a4e251c17c44");
    Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2463487");
    Ligne trouvée: user_pref("ConduitEngine.FirstServerDate", "01/17/2011 21");
    Ligne trouvée: user_pref("ConduitEngine.FirstTime", true);
    Ligne trouvée: user_pref("ConduitEngine.FirstTimeFF3", true);
    Ligne trouvée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
    Ligne trouvée: user_pref("ConduitEngine.Initialize", true);
    Ligne trouvée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
    Ligne trouvée: user_pref("ConduitEngine.InstalledDate", "Mon Jan 17 2011 19:43:41 GMT+0100");
    Ligne trouvée: user_pref("ConduitEngine.IsMulticommunity", false);
    Ligne trouvée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
    Ligne trouvée: user_pref("ConduitEngine.IsOpenUninstallPage", true);
    Ligne trouvée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Jan 17 2011 19:42:52 GMT+0100");
    Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.2.4.0", "Mon Jan 17 2011 19:43:24 GMT+0100");
    Ligne trouvée: user_pref("ConduitEngine.PublisherContainerWidth", 0);
    Ligne trouvée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
    Ligne trouvée: user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jan 17 2011 19:42:52 GMT+0100");
    Ligne trouvée: user_pref("ConduitEngine.UserID", "UN31759968384571223");
    Ligne trouvée: user_pref("ConduitEngine.engineLocale", "fr");
    Ligne trouvée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Jan 17 2011 19:42:52 GMT+0100");
    Ligne trouvée: user_pref("ConduitEngine.initDone", true);
    Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
    Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2844151&Sea...
    Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
    Ligne trouvée: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-...
    Ligne trouvée: user_pref("extensions.m3ffxtbr@mywebsearch.com.install-event-fired", true);
    Ligne trouvée: user_pref("extensions.toolbar@ask.com.install-event-fired", true);
    Ligne trouvée: user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2844151&q=");
    -- Fichier Fermé --


    Clé trouvée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
    Clé trouvée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
    Clé trouvée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
    Clé trouvée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
    Clé trouvée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    Clé trouvée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
    Clé trouvée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
    Clé trouvée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
    Clé trouvée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    Clé trouvée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
    Clé trouvée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
    Clé trouvée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
    Clé trouvée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
    Clé trouvée: HKLM\Software\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
    Clé trouvée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
    Clé trouvée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
    Clé trouvée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
    Clé trouvée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
    Clé trouvée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
    Clé trouvée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
    Clé trouvée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
    Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
    Clé trouvée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
    Clé trouvée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
    Clé trouvée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
    Clé trouvée: HKLM\Software\Classes\Conduit.Engine
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2207610
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2552113
    Clé trouvée: HKLM\Software\Conduit
    Clé trouvée: HKLM\Software\EoRezo
    Clé trouvée: HKLM\Software\FocusInteractive
    Clé trouvée: HKLM\Software\Fun Web Products
    Clé trouvée: HKLM\Software\MyWebSearch
    Clé trouvée: HKCU\Software\Conduit
    Clé trouvée: HKCU\Software\EoRezo
    Clé trouvée: HKCU\Software\MyWebSearch
    Clé trouvée: HKCU\Software\OfferBox
    Clé trouvée: HKCU\Software\PopCap
    Clé trouvée: HKCU\Software\PriceGong
    Clé trouvée: HKCU\Software\AppDataLow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    Clé trouvée: HKCU\Software\AppDataLow\AskBarDis
    Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
    Clé trouvée: HKCU\Software\AppDataLow\Software\Fun Web Products
    Clé trouvée: HKCU\Software\AppDataLow\Software\FunWebProducts
    Clé trouvée: HKCU\Software\AppDataLow\Software\MyWebSearch
    Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
    Clé trouvée: HKLM\Software\Cheat Engine\OpenCandy
    Clé trouvée: HKLM\Software\mIRC\OpenCandy
    Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\My Web Search Bar Search Scope Monitor
    Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
    Clé trouvée: HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
    Clé trouvée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
    Clé trouvée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
    Clé trouvée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
    Clé trouvée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin

    Valeur trouvée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers
    Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts
    Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
    Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [4.0.1 (fr)] ****

    Plugins\npBitCometAgent.dll (BitComet)
    Plugins\npijjiautoinstallpluginff.dll (NHN USA Inc.)
    Plugins\npijjiFFPlugin1.dll (NHN USA Inc.)
    Plugins\npPandoWebInst.dll (Pando Networks)
    Plugins\nppopcaploader.dll (PopCap Games)
    Plugins\npwachk.dll (Nullsoft, Inc.)
    HKLM_MozillaPlugins\@gamersfirst.com/LiveLauncher (x)
    HKLM_MozillaPlugins\@idsoftware.com/QuakeLive (x)
    HKLM_MozillaPlugins\@mywebsearch.com/Plugin (x)
    HKLM_MozillaPlugins\@ngm.nexoneu.com/NxGame (x)
    HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
    HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
    HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
    Searchplugins\bing.xml ( hxxp://www.bing.com/search)
    Searchplugins\fcmdSrchddr.xml ( hxxp://start.facemoods.com/?a=ddr&f=4&q={searchTerms}/)
    Components\AskHPRFF.js
    Components\AskSearch.js
    Components\browsercomps.dll (Mozilla Foundation)
    Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
    Extensions\{AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7} (BarDiscover)
    HKLM_Extensions|m3ffxtbr@mywebsearch.com - C:\Program Files\MyWebSearch\bar\3.bin

    -- C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default --
    Extensions\battlefieldheroespatcher@ea.com (Battlefield Heroes Updater)
    Extensions\bejeweledblitz3cheat@thecybershadow(57).net (CyberShadow's Bejeweled Blitz 3 Cheat)
    Extensions\bejeweledblitz3cheat@thecybershadow.net (CyberShadow's Bejeweled Blitz 3 Cheat)
    Extensions\eafo3fflauncher@ea.com (FIFA Online Web Launcher)
    Extensions\engine@conduit.com (Conduit Engine )
    Extensions\ffxtlbr@Facemoods.com (Facemoods)
    Extensions\kos@dontblynk.com (K.O.S. Web Launcher)
    Extensions\radiobar@toolbar (RadioBar Toolbar)
    Extensions\silvermelxt@pardal.de (Silvermel and Charamel XT)
    Extensions\TechnicianConsole@logmeinrescue.com (LogMeIn, Inc. Rescue Technician Console)
    Extensions\{7a88e876-d715-4503-a7bf-a8eba13ca3f9} (SocialPlus)
    Extensions\{8d0e4687-02fa-460f-a530-e999413b9fba} (DPStream Community Toolbar)
    Extensions\{b905bc9d-6059-4517-a6b4-950d26299a2b} (radiodofus Community Toolbar)
    Extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8} (Brothersoft Community Toolbar)
    Searchplugins\askcom.xml (?)
    Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2844151&SearchSource=3&q={searchTerms} /)
    Prefs.js - browser.download.lastDir, C:\\Users\\Romain\\Downloads
    Prefs.js - browser.search.defaultenginename, Facemoods Search
    Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2844151&SearchSource=3&q={searchTerms}
    Prefs.js - browser.search.selectedEngine, Facemoods Search
    Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
    Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
    Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
    Prefs.js - keyword.URL, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2844151&q=

    ========================================

    **** Google Chrome Version [11.0.696.65] ****

    Extension\ihflimipbcaljfnojhhknppphnnciiif (C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoods.crx) (?)
    Extension\lifbcibllhkdhoafpjfnlhfpfgnpldfl (C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx) (?)

    -- C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default --
    Preferences - default_search_provider: "facemoods" (Activé: ) (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4)
    Preferences - homepage: hxxp://start.facemoods.com/?a=ddr
    Preferences - homepage_is_newtabpage: false
    Plugin - BitCometAgent (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll)
    Plugin - Pando Web Installer (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll)
    Plugin - Windows Live Photo Gallery (Activé: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
    Plugin - QUAKE LIVE (Activé: true) (C:\ProgramData\id Software\QuakeLive\npquakezero.dll)
    Plugin - "My Web Search Plugin Stub" (Activé: true)
    Plugin - "Windows Live Photo Gallery" (Activé: true)
    Plugin - "DivX Player" (Activé: true)
    Plugin - "BitCometAgent" (Activé: true)
    Plugin - "Nexon Game Controller" (Activé: true)
    Plugin - "Pando Web Installer" (Activé: true)
    Plugin - "DNA Plug-in" (Activé: true)
    Plugin - "ijji Web Launching Plugin for FF" (Activé: true)
    Plugin - "ijji Auto Install Plugin for Mozilla" (Activé: true)
    Plugin - "PopCap Games Plugin" (Activé: true)
    Plugin - "QUAKE LIVE" (Activé: true)
    Plugin - "Winamp Application Detector" (Activé: true)
    Plugin - "Zylom Plugin" (Activé: true)

    ========================================

    **** Internet Explorer Version [9.0.8112.16421] ****

    HKCU_Main|Default_Page_URL - hxxp://www.medion.com
    HKCU_Main|Search bar - hxxp://www.google.com/ie
    HKCU_Main|Search Page - hxxp://www.bing.com/?pc=AVBR
    HKCU_Main|Start Page - hxxp://start.facemoods.com/?a=ddr
    HKLM_Main|Default_Page_URL - hxxp://www.medion.com
    HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Start Page - hxxp://www.tropal.net/
    HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4)
    HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=BT5&o=15443&src=crm&q={searchTerm...)
    HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Setuprog Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
    HKCU_SearchScopes\{B7B664DF-3AF9-4C8E-8148-F42BB7831D27} - "Ask" (hxxp://www.ask.com/web?o=15710&l=dis&q={searchTerms})
    HKCU_SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} - "Ask Search" (hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&c...)
    HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Setuprog Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
    HKLM_SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} - "Ask Search" (hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&c...)
    HKCU_Toolbar\WebBrowser|{A057A204-BACC-4D26-8287-79A187E26987} (x)
    HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
    HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKLM_Toolbar|{8E718888-423F-11D2-876E-00A0C9082467} (C:\Program Files\No1 Video Converter\msdxm.ocx)
    HKLM_Toolbar|{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} (C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll)
    HKCU_ElevationPolicy\{0D83314F-C62E-4B07-9613-3F2F73EB640F} - C:\Program Files\Mumble\mumble.exe (Thorvald Natvig)
    HKCU_ElevationPolicy\{44C07905-FD75-498B-83DF-91447287B318} - C:\Program Files\BitTorrent\bittorrent.exe (x)
    HKLM_ElevationPolicy\23514e33-3da1-4080-a979-0d4ea3afce6f - C:\Program Files\Softonic_France_FF\Softonic_France_FFToolbarHelper.exe (x)
    HKLM_ElevationPolicy\748b6bb0-cacf-4fb1-b172-97a6f645dcbb - C:\Program Files\Setuprog\SetuprogToolbarHelper.exe (x)
    HKLM_ElevationPolicy\92a8ada5-6393-484c-bbc1-a9c29ddf0c25 - C:\Program Files\Setuprog\SetuprogToolbarHelper.exe (x)
    HKLM_ElevationPolicy\{05A3020F-486D-49C6-BFC3-595AD99C5EA6} - C:\Users\Romain\AppData\Local\Conduit\CT2552113\SetuprogAutoUpdaterHelper.exe (?)
    HKLM_ElevationPolicy\{09B74B5E-2912-48de-9167-D80158E2A379} - C:\Program Files\CA VMN Anti-Spyware\CA_VMN_antispyware.exe (x)
    HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (x)
    HKLM_ElevationPolicy\{3644F00E-747A-44aa-8DC3-139CCBEF5BFB} - C:\Program Files\Pando Networks\Media Booster\PMB.exe (?)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (x)
    HKLM_ElevationPolicy\{8E750B9A-1B01-431E-8FCE-4CEBD134E4CA} - C:\Program Files\Setuprog\SetuprogToolbarHelper1.exe (x)
    HKLM_ElevationPolicy\{a9870188-b7c0-4ddb-bdd2-04cf56f1c24c} - C:\Windows\Downloaded Program Files\RescueBroker.exe (LogMeIn, Inc.)
    HKLM_ElevationPolicy\{C9BDBBC1-2B4F-4669-BB5A-51C8D1770C1A} - C:\Windows\Downloaded Program Files\LMIGuardian.exe (LogMeIn, Inc.)
    HKLM_ElevationPolicy\{fdf4a77a-03e2-4bba-a389-08c96add3eee} - C:\Windows\Downloaded Program Files\LMIProxyHelper.exe (?)
    HKLM_ElevationPolicy\{FFDF9EF3-3C3A-4f05-9A6E-5D3B778EC567} - C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe (facemoods.com)
    BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
    BHO\{64182481-4F71-486b-A045-B233BD0DA8FC} - "CescrtHlpr Object" (C:\Program Files\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} (?)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 13/05/2011 19:31:13 (25014 Octet(s))

    Fin à: 19:32:10, 13/05/2011

    ============== E.O.F ==============
    a c 295 8 Sécurité
    a b 9 Windows
    13 Mai 2011 20:23:46

    Ok, relance Ad-Remover, utilise l'option "Nettoyer" et poste le rapport.
    13 Mai 2011 22:18:12

    Voilà mon rapport:

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:02:44 le 13/05/2011, Mode normal

    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86)
    Romain@PC-DE-ROMAIN (MEDIONPC MS-7366)

    ============== ACTION(S) ==============


    Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
    Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
    Dossier supprimé: C:\Program Files\Mozilla FireFox\extensions\{AC57FCAF-E6FC-4BE9-ADC0-D00129C4C1E7}
    Fichier supprimé: C:\Windows\system32\ConduitEngine.tmp
    Fichier supprimé: C:\Windows\system32\f3PSSavr.scr
    Fichier supprimé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\searchplugins\askcom.xml
    Dossier supprimé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\conduit
    Dossier supprimé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\ConduitEngine
    Dossier supprimé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\extensions\engine@conduit.com
    Fichier supprimé: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\searchplugins\conduit.xml
    Dossier supprimé: C:\Users\Romain\AppData\Local\Conduit
    Dossier supprimé: C:\Users\Romain\AppData\LocalLow\Conduit
    Dossier supprimé: C:\Users\Romain\AppData\Local\ConduitEngine
    Dossier supprimé: C:\Users\Romain\AppData\LocalLow\FunWebProducts
    Dossier supprimé: C:\Program Files\FunWebProducts
    Dossier supprimé: C:\Users\Romain\AppData\LocalLow\MyWebSearch
    Dossier supprimé: C:\Program Files\MyWebSearch
    Dossier supprimé: C:\Users\Romain\AppData\Roaming\OpenCandy
    Dossier supprimé: C:\ProgramData\PopCap Games
    Dossier supprimé: C:\Program Files\PopCap Games
    Dossier supprimé: C:\Users\Romain\AppData\Roaming\PriceGong
    Dossier supprimé: C:\Users\Romain\AppData\LocalLow\PriceGong
    Dossier supprimé: C:\Program Files\ShoppingReport2
    Dossier supprimé: C:\Users\Romain\AppData\Roaming\EoRezo
    Dossier supprimé: C:\Users\Romain\AppData\Roaming\OfferBox
    Fichier supprimé: C:\Program Files\Windows Live\Messenger\Riched20.dll

    (!) -- Fichiers temporaires supprimés.


    -- Fichier ouvert: C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default\Prefs.js --
    Ligne supprimée: user_pref("CT2463487.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT246...
    Ligne supprimée: user_pref("CT2844151.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT284...
    Ligne supprimée: user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2463487");
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1236201/1231874/FR", "\"0\"...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/585702/581564/FR", "\"0\"")...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/669150/665011/FR", "\"0\"")...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/857155/852957/FR", "\"0\"")...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2463487", ...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2844151&octid=...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2463487/CT2463487...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"634...
    Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "CT2844151");
    Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "{8d0e4687-02fa-460f-a530-e999413b9fba}");
    Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "dpstream");
    Ligne supprimée: user_pref("CommunityToolbar.IsEngineShown", true);
    Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
    Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2844151");
    Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{8d0e4687-02fa-460f-a530-e999413b9fba}");
    Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dpstream");
    Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.asp...
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2844151,ConduitEngine,CT2463487");
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2844151,CT2463487");
    Ligne supprimée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon Mar 21 2011 20:26:42 GMT+01...
    Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
    Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri May 13 2011 19:03:10 GMT+0200");
    Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");
    Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
    Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri May 13 2011 19:16:42 GMT+0200");
    Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
    Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
    Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
    Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
    Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "d504efb1-fe07-4c96-87d5-a4e251c17c44");
    Ligne supprimée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2463487");
    Ligne supprimée: user_pref("ConduitEngine.FirstServerDate", "01/17/2011 21");
    Ligne supprimée: user_pref("ConduitEngine.FirstTime", true);
    Ligne supprimée: user_pref("ConduitEngine.FirstTimeFF3", true);
    Ligne supprimée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
    Ligne supprimée: user_pref("ConduitEngine.Initialize", true);
    Ligne supprimée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
    Ligne supprimée: user_pref("ConduitEngine.InstalledDate", "Mon Jan 17 2011 19:43:41 GMT+0100");
    Ligne supprimée: user_pref("ConduitEngine.IsMulticommunity", false);
    Ligne supprimée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
    Ligne supprimée: user_pref("ConduitEngine.IsOpenUninstallPage", true);
    Ligne supprimée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Jan 17 2011 19:42:52 GMT+0100");
    Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.2.4.0", "Mon Jan 17 2011 19:43:24 GMT+0100");
    Ligne supprimée: user_pref("ConduitEngine.PublisherContainerWidth", 0);
    Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
    Ligne supprimée: user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jan 17 2011 19:42:52 GMT+0100");
    Ligne supprimée: user_pref("ConduitEngine.UserID", "UN31759968384571223");
    Ligne supprimée: user_pref("ConduitEngine.engineLocale", "fr");
    Ligne supprimée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Jan 17 2011 19:42:52 GMT+0100");
    Ligne supprimée: user_pref("ConduitEngine.initDone", true);
    Ligne supprimée: user_pref("browser.search.defaultengine", "Ask.com");
    Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2844151&Sea...
    Ligne supprimée: user_pref("browser.search.order.1", "Ask.com");
    Ligne supprimée: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-...
    Ligne supprimée: user_pref("extensions.m3ffxtbr@mywebsearch.com.install-event-fired", true);
    Ligne supprimée: user_pref("extensions.toolbar@ask.com.install-event-fired", true);
    Ligne supprimée: user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2844151&q=");
    -- Fichier Fermé --


    Clé supprimée: HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
    Clé supprimée: HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
    Clé supprimée: HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
    Clé supprimée: HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
    Clé supprimée: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    Clé supprimée: HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
    Clé supprimée: HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
    Clé supprimée: HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
    Clé supprimée: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    Clé supprimée: HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
    Clé supprimée: HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
    Clé supprimée: HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
    Clé supprimée: HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
    Clé supprimée: HKLM\Software\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
    Clé supprimée: HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
    Clé supprimée: HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
    Clé supprimée: HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
    Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
    Clé supprimée: HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
    Clé supprimée: HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
    Clé supprimée: HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
    Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
    Clé supprimée: HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
    Clé supprimée: HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
    Clé supprimée: HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
    Clé supprimée: HKLM\Software\Classes\Conduit.Engine
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2207610
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2552113
    Clé supprimée: HKLM\Software\Conduit
    Clé supprimée: HKLM\Software\EoRezo
    Clé supprimée: HKLM\Software\FocusInteractive
    Clé supprimée: HKLM\Software\Fun Web Products
    Clé supprimée: HKLM\Software\MyWebSearch
    Clé supprimée: HKCU\Software\Conduit
    Clé supprimée: HKCU\Software\EoRezo
    Clé supprimée: HKCU\Software\MyWebSearch
    Clé supprimée: HKCU\Software\OfferBox
    Clé supprimée: HKCU\Software\PopCap
    Clé supprimée: HKCU\Software\PriceGong
    Clé supprimée: HKCU\Software\AppDataLow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    Clé supprimée: HKCU\Software\AppDataLow\AskBarDis
    Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
    Clé supprimée: HKCU\Software\AppDataLow\Software\Fun Web Products
    Clé supprimée: HKCU\Software\AppDataLow\Software\FunWebProducts
    Clé supprimée: HKCU\Software\AppDataLow\Software\MyWebSearch
    Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong
    Clé supprimée: HKLM\Software\Cheat Engine\OpenCandy
    Clé supprimée: HKLM\Software\mIRC\OpenCandy
    Clé supprimée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\My Web Search Bar Search Scope Monitor
    Clé supprimée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
    Clé supprimée: HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
    Clé supprimée: HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
    Clé supprimée: HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
    Clé supprimée: HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
    Clé supprimée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin

    Valeur supprimée: HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers
    Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts
    Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [4.0.1 (fr)] ****

    Plugins\npBitCometAgent.dll (BitComet)
    Plugins\npijjiautoinstallpluginff.dll (NHN USA Inc.)
    Plugins\npijjiFFPlugin1.dll (NHN USA Inc.)
    Plugins\npPandoWebInst.dll (Pando Networks)
    Plugins\nppopcaploader.dll (PopCap Games)
    Plugins\npwachk.dll (Nullsoft, Inc.)
    HKLM_MozillaPlugins\@gamersfirst.com/LiveLauncher (x)
    HKLM_MozillaPlugins\@idsoftware.com/QuakeLive (x)
    HKLM_MozillaPlugins\@ngm.nexoneu.com/NxGame (x)
    HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
    HKLM_MozillaPlugins\@zylom.com/ZylomGamesPlayer (x)
    HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
    Searchplugins\bing.xml ( hxxp://www.bing.com/search)
    Searchplugins\fcmdSrchddr.xml ( hxxp://start.facemoods.com/?a=ddr&f=4&q={searchTerms}/)
    Components\browsercomps.dll (Mozilla Foundation)
    Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )

    -- C:\Users\Romain\AppData\Roaming\Mozilla\FireFox\Profiles\apdyd6m8.default --
    Extensions\battlefieldheroespatcher@ea.com (Battlefield Heroes Updater)
    Extensions\bejeweledblitz3cheat@thecybershadow(57).net (CyberShadow's Bejeweled Blitz 3 Cheat)
    Extensions\bejeweledblitz3cheat@thecybershadow.net (CyberShadow's Bejeweled Blitz 3 Cheat)
    Extensions\eafo3fflauncher@ea.com (FIFA Online Web Launcher)
    Extensions\ffxtlbr@Facemoods.com (Facemoods)
    Extensions\kos@dontblynk.com (K.O.S. Web Launcher)
    Extensions\radiobar@toolbar (RadioBar Toolbar)
    Extensions\silvermelxt@pardal.de (Silvermel and Charamel XT)
    Extensions\TechnicianConsole@logmeinrescue.com (LogMeIn, Inc. Rescue Technician Console)
    Extensions\{7a88e876-d715-4503-a7bf-a8eba13ca3f9} (SocialPlus)
    Extensions\{8d0e4687-02fa-460f-a530-e999413b9fba} (DPStream Community Toolbar)
    Extensions\{b905bc9d-6059-4517-a6b4-950d26299a2b} (radiodofus Community Toolbar)
    Extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8} (Brothersoft Community Toolbar)
    Prefs.js - browser.download.lastDir, C:\\Users\\Romain\\Downloads
    Prefs.js - browser.search.defaultenginename, Facemoods Search
    Prefs.js - browser.search.selectedEngine, Facemoods Search
    Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
    Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
    Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

    ========================================

    **** Google Chrome Version [11.0.696.65] ****

    Extension\ihflimipbcaljfnojhhknppphnnciiif (C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoods.crx) (?)
    Extension\lifbcibllhkdhoafpjfnlhfpfgnpldfl (C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx) (?)

    -- C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default --
    Preferences - default_search_provider: "facemoods" (Activé: ) (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4)
    Preferences - homepage: hxxp://start.facemoods.com/?a=ddr
    Preferences - homepage_is_newtabpage: false
    Plugin - BitCometAgent (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll)
    Plugin - Pando Web Installer (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll)
    Plugin - Windows Live Photo Gallery (Activé: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
    Plugin - QUAKE LIVE (Activé: true) (C:\ProgramData\id Software\QuakeLive\npquakezero.dll)
    Plugin - "My Web Search Plugin Stub" (Activé: true)
    Plugin - "Windows Live Photo Gallery" (Activé: true)
    Plugin - "DivX Player" (Activé: true)
    Plugin - "BitCometAgent" (Activé: true)
    Plugin - "Nexon Game Controller" (Activé: true)
    Plugin - "Pando Web Installer" (Activé: true)
    Plugin - "DNA Plug-in" (Activé: true)
    Plugin - "ijji Web Launching Plugin for FF" (Activé: true)
    Plugin - "ijji Auto Install Plugin for Mozilla" (Activé: true)
    Plugin - "PopCap Games Plugin" (Activé: true)
    Plugin - "QUAKE LIVE" (Activé: true)
    Plugin - "Winamp Application Detector" (Activé: true)
    Plugin - "Zylom Plugin" (Activé: true)

    ========================================

    **** Internet Explorer Version [9.0.8112.16421] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4)
    HKCU_SearchScopes\{B7B664DF-3AF9-4C8E-8148-F42BB7831D27} - "Ask" (hxxp://www.ask.com/web?o=15710&l=dis&q={searchTerms})
    HKCU_Toolbar\WebBrowser|{A057A204-BACC-4D26-8287-79A187E26987} (x)
    HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
    HKLM_Toolbar|{8E718888-423F-11D2-876E-00A0C9082467} (C:\Program Files\No1 Video Converter\msdxm.ocx)
    HKLM_Toolbar|{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} (C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll)
    HKCU_ElevationPolicy\{0D83314F-C62E-4B07-9613-3F2F73EB640F} - C:\Program Files\Mumble\mumble.exe (Thorvald Natvig)
    HKCU_ElevationPolicy\{44C07905-FD75-498B-83DF-91447287B318} - C:\Program Files\BitTorrent\bittorrent.exe (x)
    HKLM_ElevationPolicy\23514e33-3da1-4080-a979-0d4ea3afce6f - C:\Program Files\Softonic_France_FF\Softonic_France_FFToolbarHelper.exe (x)
    HKLM_ElevationPolicy\748b6bb0-cacf-4fb1-b172-97a6f645dcbb - C:\Program Files\Setuprog\SetuprogToolbarHelper.exe (x)
    HKLM_ElevationPolicy\92a8ada5-6393-484c-bbc1-a9c29ddf0c25 - C:\Program Files\Setuprog\SetuprogToolbarHelper.exe (x)
    HKLM_ElevationPolicy\{05A3020F-486D-49C6-BFC3-595AD99C5EA6} - C:\Users\Romain\AppData\Local\Conduit\CT2552113\SetuprogAutoUpdaterHelper.exe (x)
    HKLM_ElevationPolicy\{09B74B5E-2912-48de-9167-D80158E2A379} - C:\Program Files\CA VMN Anti-Spyware\CA_VMN_antispyware.exe (x)
    HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (x)
    HKLM_ElevationPolicy\{3644F00E-747A-44aa-8DC3-139CCBEF5BFB} - C:\Program Files\Pando Networks\Media Booster\PMB.exe (?)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (x)
    HKLM_ElevationPolicy\{8E750B9A-1B01-431E-8FCE-4CEBD134E4CA} - C:\Program Files\Setuprog\SetuprogToolbarHelper1.exe (x)
    HKLM_ElevationPolicy\{a9870188-b7c0-4ddb-bdd2-04cf56f1c24c} - C:\Windows\Downloaded Program Files\RescueBroker.exe (LogMeIn, Inc.)
    HKLM_ElevationPolicy\{C9BDBBC1-2B4F-4669-BB5A-51C8D1770C1A} - C:\Windows\Downloaded Program Files\LMIGuardian.exe (LogMeIn, Inc.)
    HKLM_ElevationPolicy\{fdf4a77a-03e2-4bba-a389-08c96add3eee} - C:\Windows\Downloaded Program Files\LMIProxyHelper.exe (?)
    HKLM_ElevationPolicy\{FFDF9EF3-3C3A-4f05-9A6E-5D3B778EC567} - C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe (facemoods.com)
    BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
    BHO\{64182481-4F71-486b-A045-B233BD0DA8FC} - "CescrtHlpr Object" (C:\Program Files\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll)
    BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
    BHO\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} (?)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 316 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 13/05/2011 22:02:47 (24041 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 13/05/2011 19:31:13 (25153 Octet(s))

    Fin à: 22:04:07, 13/05/2011

    ============== E.O.F ==============
    a c 295 8 Sécurité
    a b 9 Windows
    13 Mai 2011 22:21:11

  • Relance Ad-Remover et choisis Désinstaller.

    Des changements ?
    13 Mai 2011 22:32:32

    Me revoilà, malheureusement non :/ . Pour informations, depuis que j'ai IE9 (Bien que je continu à utiliser Firefox) il m'arrive assez souvent (5-10m) que j'ai un message d'erreur qui apparait en disant que IE9 a cessé de fonctionné, mais j'ai cette deuxième erreur qui suit l'autre, et qui est aussi la même quand j'essaye de fermer le processus d'iexplore.exe:



    Un nouveau rapport HiJackThis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:32:18, on 13/05/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\SYSTEM32\taskeng.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Mozilla Firefox\management\MFsurf1.exe
    C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
    C:\Program Files\Mozilla Firefox\management\MFsurf2.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Program Files\Mozilla Firefox\management\firefox_download.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\Romain\Desktop\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: (no name) - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - (no file)
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\No1 Video Converter\msdxm.ocx
    O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Romain\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - Global Startup: firefox_reload.lnk = C:\Program Files\Mozilla Firefox\management\MFsurf1.exe
    O4 - Global Startup: WiFi Station N.lnk = C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
    O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/FR/TechConsole/x86/Res...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HerculesWiFi - Guillemot Corporation - C:\Program Files\Hercules\WiFi Station N\HerculesWiFiService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

    --
    End of file - 9107 bytes
    13 Mai 2011 22:37:01

    Je te joins aussi un screen de mon GDT:

    a c 295 8 Sécurité
    a b 9 Windows
    13 Mai 2011 22:38:44

    Citation :
    C:\Program Files\Mozilla Firefox\management\MFsurf1.exe
    C:\Program Files\Mozilla Firefox\management\MFsurf2.exe
    C:\Program Files\Mozilla Firefox\management\firefox_download.exe

    --> Je ne sais pas ce que c'est. Tu as installé quelque chose par rapport à Firefox ?
    13 Mai 2011 22:51:45

    Eh bien pas spécialement non, mais je n'ai aucuns souvenirs d'avoir installer ceci.
    a c 295 8 Sécurité
    a b 9 Windows
    13 Mai 2011 23:14:10

  • Fais une analyse de ces trois fichiers sur VirusTotal et poste les liens des analyses :
    http://www.virustotal.com/
    13 Mai 2011 23:35:09

    firefox_download.exe :

    a c 295 8 Sécurité
    a b 9 Windows
    13 Mai 2011 23:49:06

    Bizarre quand même.

  • Télécharge OTL (par OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prend pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres Bloc-notes vont s'ouvrir : OTL.txt et Extras.txt. Ils se trouvent au même endroit qu'OTL.

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/
  • Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
  • Clique sur Ouvrir.
  • Clique sur Cliquez ici pour déposer le fichier.
  • Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
  • Copie-colle ce lien dans ta réponse.
    a c 295 8 Sécurité
    a b 9 Windows
    14 Mai 2011 01:28:51

  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

    :OTL
    [2010/02/16 20:35:59 | 000,155,648 | ---- | M] (PopCap Games) -- C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
    O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
    [2005/04/15 23:42:22 | 000,081,055 | -H-- | C] () -- C:\Users\Romain\AppData\Roaming\logs.dat
    [2010/02/25 16:21:08 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\Cerberus

    :files
    C:\Program Files\Mozilla Firefox\management

    :commands
    [emptytemp]

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler, redémarre une fois le fix terminé.
  • Poste le rapport qui s'affichera après redémarrage.
    15 Mai 2011 15:25:46

    Voilà le rapport:

    All processes killed
    ========== OTL ==========
    C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll moved successfully.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
    C:\Users\Romain\AppData\Roaming\logs.dat moved successfully.
    C:\Users\Romain\AppData\Roaming\Cerberus folder moved successfully.
    ========== FILES ==========
    Folder move failed. C:\Program Files\Mozilla Firefox\management scheduled to be moved on reboot.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56587 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: Romain
    ->Temp folder emptied: 200825899 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 84048536 bytes
    ->FireFox cache emptied: 241662994 bytes
    ->Google Chrome cache emptied: 819568 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Opera cache emptied: 4617013 bytes
    ->Flash cache emptied: 79016 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 597780428 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 7525595 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 376 bytes

    Total Files Cleaned = 1 085,00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 05152011_145154

    Files\Folders moved on Reboot...
    C:\Program Files\Mozilla Firefox\management folder moved successfully.

    Registry entries deleted on Reboot...

    ----------------------------------------------
    J'ai également eu une erreur, concernant firefox_dowload me semble-t-il. Une erreur de ligne ou je ne sais quoi. iexplore.exe toujours présent.
    a c 295 8 Sécurité
    a b 9 Windows
    15 Mai 2011 18:26:04

    Au démarrage ?
    15 Mai 2011 19:03:09

    Non, quand OTL tournait.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS