
Unwanted advertising (resolved)

21 March 2010 22:33:21

Hello everyone,
When I open a page in Firefox, other pages open behind it. There is even one that opens without my asking for it. Thanks in advance for your help.


21 March 2010 22:42:32

Good evening :)

1
Download DDS and save it to your desktop.
  • Disable any script-blocking software, such as an antivirus, or a program like ad-block, noscript, etc.
  • Double-click dds.scr to launch the tool.
  • Once the scan is finished, a text document, DDS.txt, will open.
  • Click Yes at the next prompt, Optional Scan.
  • Save both reports to your desktop and post only DDS.txt for me.

2
  • Download Catchme (Gmer) to your Desktop.
  • Double-click catchme.exe (the .exe is not necessarily visible) to launch it.
  • When the search is finished, post the catchme.log report in your next reply. (This report is on your desktop.)

    21 March 2010 23:15:55

    Thanks for replying so quickly, I hope this is the right one.

    DDS (Ver_10-03-17.01) - NTFSX64
    Run by emmanuel at 22:59:18,18 on 21/03/2010
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
    Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3071.1495 [GMT 1:00]


    21 March 2010 23:25:31

    Good evening,
    I forgot this one:
    detected NTDLL code modification:
    ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != 12, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20, ZwOpenFile 0 != 48, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51
    Initialization error

    22 March 2010 20:15:19

    re

  • Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.

    /!\ Disconnect, disable your antivirus and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • In the main menu, choose the Scanner option.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).

    /!\ Remember to re-enable your antivirus /!\

    22 March 2010 20:34:20

    Good evening sham,
    here is the scan report
    .
    ======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 22/03/10 à 19:30
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 20:27:06 le 22/03/2010 | Mode normal | Option: SCAN
    Exécuté de: C:\Ad-Remover\ADR.exe
    SE: Microsoft® Windows 7™ Ultimate - X64
    Nom du PC: EMMANUEL-PC | Utilisateur actuel: emmanuel (Administrateur)
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .
    .
    C:\Program Files (x86)\Automated Content Enhancer
    C:\Program Files (x86)\BrowserZinc
    C:\Program Files (x86)\Content Management Wizard
    C:\Program Files (x86)\Customized Platform Advancer
    C:\Program Files (x86)\Internet Today
    C:\Program Files (x86)\SweetIM
    C:\Program Files (x86)\Textual Content Provider
    C:\Program Files (x86)\Web Search Operator
    C:\ProgramData\SweetIM
    C:\Users\emmanuel\AppData\Local\Customized Platform Advancer
    C:\Users\emmanuel\AppData\Local\Internet Today
    C:\Users\emmanuel\AppData\LocalLow\Automated Content Enhancer
    C:\Users\emmanuel\AppData\LocalLow\SweetIM
    C:\Users\emmanuel\AppData\LocalLow\Textual Content Provider
    C:\Users\emmanuel\AppData\LocalLow\Web Search Operator
    C:\Users\emmanuel\AppData\Roaming\DesktopIcon
    C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\searchplugins\sweetim.xml
    C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\SweetIMToolbarData
    .
    ============== SCAN ADDITIONNEL ==============
    .
    * Mozilla FireFox Version Impossible d'obtenir la version *
    .
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaultenginename: SweetIM Search
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaulturl: hxxp://search.sweetim.com/search.asp?src=2&q=
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.selectedEngine: Google
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&q=
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.search.defaultenginename: Google
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.keyword.URL: chrome://browser-region/locale/region.properties
    .
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaultenginename", "SweetIM Search");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.mode.debug", "false");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Google");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.theprizeday.com/today.php|google.fr");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history", "free,kadokado");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history.capacity", "10");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.simapp_id", "{01B126B4-085F-4DEA-8CF7-51496BB221AE}");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
    TROUVÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.version", "1.0.0.10");
    .
    * Internet Explorer Version 8.0.7600.16385 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Show_ToolBar: yes
    Start Page: hxxp://home.sweetim.com
    Start Page Restore: hxxp://home.mykeysearch.com
    Use Custom Search URL: 0
    Use Search Asst: no
    .
    [HKLM64\Software\Microsoft\Internet Explorer\Main]
    .
    AutoHide: yes
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\System32\blank.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm
    .
    ============== SUSPECT(S) ==============
    .
    C:\Users\emmanuel\AppData\Local\Temp\HouseCall\bspatch.exe
    C:\Users\emmanuel\AppData\Roaming\uTorrent\O&O DiskRecovery v4.1.1334 Tech Edition multi incl. Keygen.torrent
    C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\Cacheman7_keygen.exe
    C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\cachm700.exe
    C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\FFF.NFO
    C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r.zip
    C:\Users\emmanuel\Documents\Downloads\Divx 7.2 serial by pa1ze2.rar
    C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\FFF.NFO
    C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\keygen.exe
    .
    ========================================
    .
    C:\Users\emmanuel\AppData\Local\Temp: 570 Fichier(s), 248 Dossier(s)
    C:\Windows\temp: 216 Fichier(s), 14 Dossier(s)
    C:\Users\emmanuel\AppData\Roaming\Microsoft\Windows\Cookies: 107 Fichier(s), 2 Dossier(s)
    Temporary Internet Files: 333 Fichier(s), 14 Dossier(s)
    .
    C:\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Ad-Remover\Backup: 1 Fichier(s)
    .
    C:\Ad-Report-SCAN[1].txt - 12506 Octet(s)
    .
    Fin à: 20:29:47, 22/03/2010
    .
    ============== E.O.F - SCAN[1] ==============
    22 March 2010 20:42:01

    re
    get rid of your rotten cracks :o 

    /!\ Disconnect, disable your antivirus and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • In the main menu, choose the "Nettoyer" (Clean) option.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
    /!\ Remember to re-enable your antivirus /!\
    22 March 2010 20:55:04

    re
    it asked me to restart to finish the cleanup. I'm waiting for you to tell me whether I should do it right away or wait a bit. Here is the report
    .
    ======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 22/03/10 à 19:30
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 20:46:40 le 22/03/2010 | Mode normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\ADR.exe
    SE: Microsoft® Windows 7™ Ultimate - X64
    Nom du PC: EMMANUEL-PC | Utilisateur actuel: emmanuel (Administrateur)
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .
    C:\Program Files (x86)\Automated Content Enhancer
    C:\Program Files (x86)\BrowserZinc
    C:\Program Files (x86)\Content Management Wizard
    C:\Program Files (x86)\Customized Platform Advancer
    C:\Program Files (x86)\Internet Today
    C:\Program Files (x86)\SweetIM
    C:\Program Files (x86)\Textual Content Provider
    C:\Program Files (x86)\Web Search Operator
    C:\ProgramData\SweetIM
    C:\Users\emmanuel\AppData\Local\Customized Platform Advancer
    C:\Users\emmanuel\AppData\Local\Internet Today
    C:\Users\emmanuel\AppData\LocalLow\Automated Content Enhancer
    C:\Users\emmanuel\AppData\LocalLow\SweetIM
    C:\Users\emmanuel\AppData\LocalLow\Textual Content Provider
    C:\Users\emmanuel\AppData\LocalLow\Web Search Operator
    C:\Users\emmanuel\AppData\Roaming\DesktopIcon
    C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\searchplugins\sweetim.xml
    C:\Users\emmanuel\AppData\Roaming\Mozilla\FireFox\Profiles\q4nxgn9j.default\SweetIMToolbarData

    (!) -- Fichiers temporaires supprimés.
    .
    ============== SCAN ADDITIONNEL ==============
    .
    * Mozilla FireFox Version Impossible d'obtenir la version *
    .
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaultenginename: SweetIM Search
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.defaulturl: hxxp://search.sweetim.com/search.asp?src=2&q=
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.search.selectedEngine: Google
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&q=
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.search.defaultenginename: Google
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.browser.startup.homepage: hxxp://www.theprizeday.com/today.php|google.fr
    C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - sweetim.toolbar.previous.keyword.URL: chrome://browser-region/locale/region.properties
    .
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaultenginename", "SweetIM Search");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("browser.search.defaulturl", "hxxp://search.sweetim.com/search.asp?src=2&q=");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.mode.debug", "false");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Google");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.theprizeday.com/today.php|google.fr");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history", "free,kadokado");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.search.history.capacity", "10");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.simapp_id", "{01B126B4-085F-4DEA-8CF7-51496BB221AE}");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
    EFFACÉ: C:\Users\emmanuel\..\q4nxgn9j.default\prefs.js - user_pref("sweetim.toolbar.version", "1.0.0.10");
    .
    * Internet Explorer Version 8.0.7600.16385 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Custom Search URL: 0
    Use Search Asst: no
    .
    [HKLM64\Software\Microsoft\Internet Explorer\Main]
    .
    AutoHide: yes
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\System32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm
    .
    ============== SUSPECT(S) ==============
    .
    C:\Users\emmanuel\AppData\Roaming\uTorrent\O&O DiskRecovery v4.1.1334 Tech Edition multi incl. Keygen.torrent
    C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\Cacheman7_keygen.exe
    C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\cachm700.exe
    C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r\FFF.NFO
    C:\Users\emmanuel\Documents\Downloads\Cacheman.7.0.0.0.Incl_KEYGEN-FFF__by.z0r.zip
    C:\Users\emmanuel\Documents\Downloads\Divx 7.2 serial by pa1ze2.rar
    C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\FFF.NFO
    C:\Users\emmanuel\Documents\newsgroup\!RnE - 2010.01.18 17.22.06 - tHE dArKwOLf\tHE dArKwOLf\WINZIP KEYGEN\keygen.exe
    .
    ========================================
    .
    C:\Users\emmanuel\AppData\Local\Temp: 7 Fichier(s), 248 Dossier(s)
    C:\Windows\temp: 11 Fichier(s), 14 Dossier(s)
    C:\Users\emmanuel\AppData\Roaming\Microsoft\Windows\Cookies: 2 Fichier(s), 2 Dossier(s)
    Temporary Internet Files: 9 Fichier(s), 14 Dossier(s)
    .
    C:\Ad-Remover\Quarantine: 786 Fichier(s)
    C:\Ad-Remover\Backup: 15 Fichier(s)
    .
    C:\Ad-Report-CLEAN[1].txt - 12672 Octet(s)
    C:\Ad-Report-SCAN[1].txt - 12631 Octet(s)
    .
    Fin à: 20:49:03, 22/03/2010
    .
    ============== E.O.F - CLEAN[1] ==============
    22 March 2010 21:09:25

    restart
    then:

    Download MalwareByte's Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
    Once the installation and the update are done:
  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (perform a full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan has finished, a window opens; click OK. There are two possibilities:
    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Afficher les résultats" (Show Results), then "Supprimer la sélection" (Remove Selected). Save the report to your Desktop.


    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you cannot download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
    22 March 2010 22:35:18

    re
    there, the scan is finished. I think the report will interest you, so here it is
    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3901
    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    22/03/2010 22:28:17
    mbam-log-2010-03-22 (22-28-01).txt

    Type de recherche: Examen complet (C:\|E:\|)
    Eléments examinés: 241312
    Temps écoulé: 1 hour(s), 8 minute(s), 59 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 37
    Valeur(s) du Registre infectée(s): 5
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 9

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78ff2f80-613a-47d7-8871-912b1236f704} (Trojan.BHO) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> No action taken.
    HKEY_CLASSES_ROOT\TypeLib\{1e825264-1715-3526-9373-6a2338335fc1} (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{de6705cf-7e3c-30d0-9c85-7624ddadd0ea} (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> No action taken.
    HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\BrowserZinc (Adware.BrowserZinc) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> No action taken.
    HKEY_CLASSES_ROOT\D (Trojan.Agent) -> No action taken.
    HKEY_CLASSES_ROOT\D.1 (Trojan.Agent) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> No action taken.
    HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c (Trojan.FakeAlert) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\emmanuel\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c1c (Trojan.Downloader) -> No action taken.
    C:\Users\emmanuel\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c1e (Trojan.Downloader) -> No action taken.
    C:\Users\emmanuel\Downloads\Setup.exe (Adware.Agent) -> No action taken.
    C:\Windows\System32\jh86383.dll (Trojan.BHO) -> No action taken.
    C:\Windows\SysWOW64\jh86383.dll (Trojan.BHO) -> No action taken.
    C:\Users\emmanuel\AppData\Local\Temp\Lld.exe (Trojan.FakeAlert) -> No action taken.
    C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> No action taken.
    C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
    C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
    23 March 2010 21:28:39

    re
    You misread the procedure:
    in your report:
    Quote:
    HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD)-> No action taken.


    When the tool has found something, at the end you have to click "Supprimer la sélection" ("Remove Selected").

    Please start again
    23 March 2010 21:35:31

    good evening,
    sorry, I posted the wrong report
    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3901
    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    22/03/2010 22:28:41
    mbam-log-2010-03-22 (22-28-41).txt

    Type de recherche: Examen complet (C:\|E:\|)
    Eléments examinés: 241312
    Temps écoulé: 1 hour(s), 8 minute(s), 59 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 37
    Valeur(s) du Registre infectée(s): 5
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 9

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78ff2f80-613a-47d7-8871-912b1236f704} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{1e825264-1715-3526-9373-6a2338335fc1} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{de6705cf-7e3c-30d0-9c85-7624ddadd0ea} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e20e48b-9d4b-3287-92b7-5a8e31a7a848} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\BrowserZinc (Adware.BrowserZinc) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\D (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\D.1 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\emmanuel\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c1c (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\emmanuel\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000c1e (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\emmanuel\Downloads\Setup.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\jh86383.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\Windows\SysWOW64\jh86383.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\Users\emmanuel\AppData\Local\Temp\Lld.exe (Trojan.FakeAlert) -> Delete on reboot.
    C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    23 March 2010 21:53:13

    re
    how is your PC behaving?
    please post a new DDS report
    23 March 2010 22:04:42

    re
    It seems to be going much better; in any case, there are no longer all those pages that opened when I went to a site. I still get the impression that McAfee is a sieve. Anyway, here is the DDS report

    DDS (Ver_10-03-17.01) - NTFSX64
    Run by emmanuel at 21:58:43,19 on 23/03/2010
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
    Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3071.1926 [GMT 1:00]


    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k apphost
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files (x86)\Google\Update\1.2.183.23\GoogleCrashHandler.exe
    C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
    C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
    C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
    C:\Program Files (x86)\RapidSolution\Tunebite 7\VCDWriter\64\VCDAudioService.exe
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe
    C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
    C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
    C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\emmanuel\Desktop\dds.scr
    C:\Windows\system32\conhost.exe

    ============== Pseudo HJT Report ===============

    uWindow Title =
    mStart Page = hxxp://home.sweetim.com
    mLocal Page = c:\windows\syswow64\blank.htm
    uInternet Settings,ProxyOverride = local
    mSearchAssistant = hxxp://www.ask.com/web?q={searchTerms}&o=14482&l=dis
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    uURLSearchHooks: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
    mURLSearchHooks: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
    BHO: Google Plus: {01677b4b-0610-4814-94a0-5f570dd7a88f} - c:\progra~2\google~1\17GOOG~1.DLL
    BHO: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~2\mcafee\msk\mskapbho.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files (x86)\real\realplayer\rpbrowserrecordplugin.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files (x86)\mcafee\virusscan\scriptsn.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
    BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files (x86)\sweetim\toolbars\internet explorer\mgToolbarIE.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
    TB: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - c:\program files (x86)\radio_bar_1\tbRadi.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
    TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files (x86)\sweetim\toolbars\internet explorer\mgToolbarIE.dll
    uRun: [<NO NAME>]
    uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
    uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe"
    mRun: [mcagent_exe] "c:\program files (x86)\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files (x86)\google\gmail notifier\gnotify.exe
    mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
    mRun: [Google Quick Search Box] "c:\program files (x86)\google\quick search box\GoogleQuickSearchBox.exe" /autorun
    mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
    mRun: [SweetIM] c:\program files (x86)\sweetim\messenger\SweetIM.exe
    mRun: [DivXUpdate] "c:\program files (x86)\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    IE: ????3?? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetUrl.htm
    IE: ????3?????? - c:\users\emmanuel\appdata\roaming\flashgetbho\GetAllUrl.htm
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    Trusted Zone: kuaiche.com\software
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
    mASetup: {9C450606-ED24-4958-92BA-B8940C99D441} - c:\program files (x86)\pixiepack codec pack\InstallerHelper.exe
    {27B4851A-3207-45A2-B947-BE8AFE6163AB}
    {7DB2D5A0-7241-4E79-B68D-6309F01C5231}
    {AA58ED58-01DD-4d91-8333-CF10577473F7}
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
    {B164E929-A1B6-4A06-B104-2CD0E90A88FF}
    {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
    {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    TB-X64: {0FC85F5D-6207-4515-A490-45A549D285C0} - No File

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - google.fr
    FF - component: c:\program files (x86)\mcafee\siteadvisor\components\McFFPlg.dll
    FF - component: c:\program files (x86)\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    FF - component: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files (x86)\google\google updater\2.4.1851.5542\npCIDetect14.dll
    FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
    FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: c:\users\emmanuel\appdata\roaming\mozilla\firefox\profiles\q4nxgn9j.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

    ============= SERVICES / DRIVERS ===============

    R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-12-19 308296]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/01 01:45:01];c:\program files (x86)\cyberlink\powerdvd9\000.fcl [2009-5-7 146928]
    R2 LVPrcS64;Process Monitor;c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2009-10-7 191000]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe [2009-12-23 110312]
    R2 McProxy;McAfee Proxy Service;c:\progra~2\common~1\mcafee\mcproxy\mcproxy.exe [2009-12-19 359952]
    R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-12-19 155456]
    R2 TeamViewer4;TeamViewer 4;c:\program files (x86)\teamviewer\version4\TeamViewer_Service.exe [2009-10-7 185640]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2009-12-17 1394504]
    R2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\rapidsolution\tunebite 7\vcdwriter\64\VCDAudioService.exe [2009-12-10 148848]
    R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x64.sys [2009-10-13 61440]
    R3 lvpepf64;Volume Adapter;c:\windows\system32\drivers\lv302a64.sys [2009-12-20 15896]
    R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\drivers\LVPr2M64.sys [2009-10-7 30232]
    R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\drivers\lvrs64.sys [2009-12-20 327576]
    R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-7-26 50072]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-19 102472]
    R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB64.sys [2009-6-10 1627520]
    R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
    R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\drivers\rsvcdwdr.sys [2009-12-10 29216]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
    S2 gupdate;Service Google Update (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-12-19 133104]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-19 40904]
    S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-19 49480]
    S3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2009-10-6 25088]
    S3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2009-10-6 18944]
    S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2009-12-24 31800]
    S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [2009-12-10 31264]
    S4 McSysmon;McAfee SystemGuards;c:\progra~2\mcafee\viruss~1\mcsysmon.exe [2009-12-19 606736]

    =============== Created Last 30 ================

    2010-03-22 20:16:14 0 d-----w- c:\users\emmanuel\appdata\roaming\Malwarebytes
    2010-03-22 20:16:09 0 d-----w- c:\programdata\Malwarebytes
    2010-03-22 20:16:08 22104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-03-22 20:16:08 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2010-03-22 19:27:05 0 d-----w- C:\Ad-Remover
    2010-03-21 09:17:04 160768 ----a-w- c:\windows\Ldegub.exe
    2010-03-20 22:27:06 160768 ----a-w- c:\windows\Ldegua.exe
    2010-03-20 22:02:39 0 d-----w- c:\programdata\DivX
    2010-03-19 18:31:17 0 d-----w- c:\program files (x86)\Zattoo4
    2010-03-14 15:30:51 0 d-----w- c:\users\emmanuel\appdata\roaming\QuickScan
    2010-03-13 21:21:06 315904 ----a-w- c:\windows\syswow64\Difx6382.rra
    2010-03-08 17:59:18 94208 ----a-w- c:\windows\syswow64\dpl100.dll
    2010-03-08 16:56:43 0 d-----w- c:\program files (x86)\Conduit
    2010-03-08 16:56:42 0 d-----w- c:\program files (x86)\Radio_Bar_1
    2010-03-02 18:16:04 353592 ----a-w- c:\windows\syswow64\DivXControlPanelApplet.cpl

    ==================== Find3M ====================

    2010-03-22 22:05:11 798232 ----a-w- c:\windows\system32\perfh00C.dat
    2010-03-22 22:05:11 168096 ----a-w- c:\windows\system32\perfc00C.dat
    2010-02-23 21:34:06 53248 ----a-w- c:\windows\syswow64\CSVer.dll
    2010-02-19 19:27:36 720384 ----a-w- c:\windows\syswow64\DivX.dll
    2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx0c.dll
    2010-02-19 19:27:16 856064 ----a-w- c:\windows\syswow64\divx_xx07.dll
    2010-02-19 19:27:16 847872 ----a-w- c:\windows\syswow64\divx_xx0a.dll
    2010-02-19 19:27:16 843776 ----a-w- c:\windows\syswow64\divx_xx16.dll
    2010-02-19 19:27:16 839680 ----a-w- c:\windows\syswow64\divx_xx11.dll
    2010-02-02 08:36:47 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-02-02 07:45:54 2048 ----a-w- c:\windows\syswow64\tzres.dll
    2010-01-30 22:27:42 2183680 ----a-w- c:\windows\syswow64\libvlccore.dll
    2010-01-30 22:27:42 114176 ----a-w- c:\windows\syswow64\libvlc.dll
    2010-01-27 15:58:38 115312 ----a-w- c:\windows\system32\drivers\jraid.sys
    2010-01-19 09:28:44 1976944 ----a-w- c:\windows\syswow64\xRaidSetup.exe
    2010-01-19 09:28:22 158320 ----a-w- c:\windows\syswow64\xRaidAPI.dll
    2010-01-19 09:05:57 424960 ----a-w- c:\windows\system32\secproc.dll
    2010-01-19 09:05:57 422912 ----a-w- c:\windows\system32\secproc_isv.dll
    2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
    2010-01-19 09:05:57 121856 ----a-w- c:\windows\system32\secproc_ssp.dll
    2010-01-19 09:00:44 305152 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
    2010-01-19 09:00:43 357888 ----a-w- c:\windows\system32\RMActivate_isv.exe
    2010-01-19 09:00:37 356352 ----a-w- c:\windows\system32\RMActivate.exe
    2010-01-19 09:00:37 306688 ----a-w- c:\windows\system32\RMActivate_ssp.exe
    2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp_isv.dll
    2010-01-18 23:29:31 85504 ----a-w- c:\windows\syswow64\secproc_ssp.dll
    2010-01-18 23:29:31 365568 ----a-w- c:\windows\syswow64\secproc_isv.dll
    2010-01-18 23:29:30 369152 ----a-w- c:\windows\syswow64\secproc.dll
    2010-01-18 23:28:33 324608 ----a-w- c:\windows\syswow64\RMActivate_isv.exe
    2010-01-18 23:28:33 277504 ----a-w- c:\windows\syswow64\RMActivate_ssp_isv.exe
    2010-01-18 23:28:30 320512 ----a-w- c:\windows\syswow64\RMActivate.exe
    2010-01-18 23:28:30 280064 ----a-w- c:\windows\syswow64\RMActivate_ssp.exe
    2010-01-11 22:19:00 159336 ----a-w- c:\windows\system32\nvvsvc.exe
    2010-01-11 22:19:00 14822504 ----a-w- c:\windows\system32\nvcpl.dll
    2010-01-11 22:19:00 116328 ----a-w- c:\windows\system32\nvmctray.dll
    2010-01-11 22:19:00 1037416 ----a-w- c:\windows\system32\nvsvc64.dll
    2010-01-11 07:12:38 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
    2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
    2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
    2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
    2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
    2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
    2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
    2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
    2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

    ============= FINISH: 21:58:58,14 ===============
    23 March 2010 22:19:30

    hi again
    here is the report
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:17:35, on 23/03/2010
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
    C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
    C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.ask.com/web?q={searchTerms}&o=14482&l=dis
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    O2 - BHO: Google Plus - {01677B4B-0610-4814-94A0-5F570DD7A88F} - C:\PROGRA~2\GOOGLE~1\17GOOG~1.DLL
    O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://software.kuaiche.com
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.vexcast.com/download/vexcast.cab
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
    O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: Virtual CDAudio Service - RapidSolution Software AG - C:\Program Files (x86)\RapidSolution\Tunebite 7\VCDWriter\64\VCDAudioService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12327 bytes
    23 March 2010 23:11:40

    hi again
    you're going to finish everything manually :) 
    uninstall SweetIM via Add/Remove Programs if it is still present (I'm almost sure it's no longer there)
    ~Launch HijackThis as follows:
    right-click HijackThis.exe and choose "Run as administrator", then:
    Do a system scan only.
    Check the following lines if they are still present, and only those.
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

    Click Fix checked (bottom left)

    +++++++++++++++++++++++

    Remove all the programs installed for the disinfection.


    Please read this guide (PDF) to learn more about the risks of the Net.



    If you find this document interesting, feel free to pass it on to your contacts.

    If you are tired of being bombarded with ads while browsing, install Firefox, secured with the NoScript and AdBlock Plus extensions.

    ~Edit your first message and mark it [solved] ([résolu]) in the title.
    If your session name matches your real name, you can change it by editing your posts.

    :hello: 

    24 March 2010 07:13:28

    hello,
    I can't manage to remove what you told me to; after doing Fix checked I ran another scan and they are still present
    24 March 2010 19:57:58

    good evening,
    I had to restart to disable UAC, and after a new scan with HijackThis there was no longer any trace of everything you had told me to fix. Thanks again, I no longer have any ads. I just wanted to know whether I can keep Malwarebytes and run it from time to time?
    25 March 2010 21:42:00

    Good evening
    yep, keep it, and don't forget to update it before using it.
    :hello: 
    25 March 2010 22:23:28

    good evening,
    thanks again
    one more question: is it better to have an antivirus and an anti-spyware such as Spybot, or an "internet security" antivirus?
    25 March 2010 22:37:20

    hi again
    an antivirus + Malwarebytes' Anti-Malware + a firewall