Votre question

Problème internet explorer

Tags :
  • Internet Explorer
  • Sécurité
Dernière réponse : dans Sécurité et virus
21 Mars 2010 22:04:42

Bonjour,
j'ai un petit soucis avec internet explorer, a chaque fois que je démarre mon pc une succession de page internet s'ouvre. je suis obliger d'ouvrir le gestionnaire des taches pour arreter le processus. et la g constaté que meme quand j'utilise le pc des pages internet s'ouvre sans arret.
je suppose que j'ai chopé un virus.
Que dois-je faire?
Aidez-moi s'il vous plait

Autres pages sur : probleme internet explorer

21 Mars 2010 22:16:41

Bonsoir
1
Télécharge DDS et sauvegarde-le sur ton bureau.
  • Désactive tout script bloquant, tel q'un antivirus, un logiciel comme ad-block, noscript etc.
  • Double-clique sur dds.scr pour lancer l'outil.
  • Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
  • Clique Oui à la prochaine invite Optional Scan.
  • Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt.
    2
  • Télécharge Catchme ([#ff0000]Gmer[/#f]) sur ton Bureau.
  • Double clique sur catchme.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, poste le rapport catchme.log dans ta prochaine réponse. (Ce rapport est sur ton bureau.)

    21 Mars 2010 22:55:40


    DDS (Ver_10-03-17.01) - NTFSx86
    Run by USER at 17:48:13,97 on 21/03/2010
    Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_17
    Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.1917.845 [GMT -4:00]

    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Users\USER\AppData\Roaming\Soft2PC\Software\SoftwareHP.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\s3trayp.exe
    C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\FixCamera.exe
    C:\Windows\tsnpstd3.exe
    C:\Windows\vsnpstd3.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Soft2PC\soft2pc.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k regsvc
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\system32\conime.exe
    C:\Users\USER\AppData\Roaming\Soft2PC\Software\Software.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\explorer.exe
    C:\Program Files\VideoLAN\VLC\vlc.exe
    C:\Windows\system32\sdclt.exe
    C:\Users\USER\Documents\jeux\Visual_Boy_Advance_V1.7.2_win_Fr\VisualBoyAdvance.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\USER\Desktop\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uSearch Bar = Preserve
    mStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: WeFiBar Toolbar: {0b876028-b388-4f6d-922f-f52faec8535f} - c:\program files\wefibar\tbWeF1.dll
    uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    mURLSearchHooks: WeFiBar Toolbar: {0b876028-b388-4f6d-922f-f52faec8535f} - c:\program files\wefibar\tbWeF1.dll
    BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\2.bin\MWSSRCAS.DLL
    BHO: Google Plus: {01677b4b-0610-4814-94a0-5f570dd7a88f} - c:\progra~1\google~1\17GOOG~1.DLL
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Super-Search -Find more of what you need: {0286a85d-cd62-43bb-b7a9-a87d1d027160} - c:\progra~1\easyse~1\bho\12SUPE~1.DLL
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
    BHO: WeFiBar Toolbar: {0b876028-b388-4f6d-922f-f52faec8535f} - c:\program files\wefibar\tbWeF1.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: SOFT2PCBHO Class: {3475d2c4-bbd1-4255-a70d-4125a4d30956} - c:\program files\soft2pc\soft2pcBHO.dll
    BHO: {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: mysidesearch search enhancer: {c95214a3-cb1c-db22-8f9f-230a01d6796c} - c:\windows\system32\krxfbmupcjfiqp.dll
    BHO: CescrtHlpr Object: {d286e828-e6b9-484d-a058-d7323666de33} - c:\program files\recfree.com\recfreetoolbar\1.1.4.0\escort.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: {66886C4D-B307-4ECA-A228-52CA9B9851A4} - No File
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: WeFiBar Toolbar: {0b876028-b388-4f6d-922f-f52faec8535f} - c:\program files\wefibar\tbWeF1.dll
    TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
    TB: RecFree Toolbar: {0508f8f1-08e3-43ee-aaa8-09ad09803084} - c:\program files\recfree.com\recfreetoolbar\1.1.4.0\escorTlbr.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    EB: {180175C0-913E-451c-9419-2D5500368D43} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    EB: Search panel: {8e2ff652-1f0b-3e6e-3ef4-9c18c94c0627} - c:\windows\system32\krxfbmupcjfiqp.dll
    uRun: [EleFunAnimatedWallpaper]
    uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
    uRun: [oeuky] "c:\users\user\appdata\local\oeuky.exe" oeuky
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
    uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\axcmd.exe" /automount
    uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
    uRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
    uRun: [cdoosoft] c:\users\user\appdata\local\temp\herss.exe
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [SuperCopier2.exe] c:\program files\supercopier2\SuperCopier2.exe
    uRun: [hdefabf] "c:\users\user\appdata\local\hdefabf.exe" hdefabf
    uRun: [qadudar] "c:\users\user\appdata\local\qadudar.exe" qadudar
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.0;_fr;_rv:1.9.1.7)_Gecko/20091221_Firefox/3.5.7_GTB6_(.NET_CLR_3.5.30729)" -"http://www8.agame.com/games/shockwave/r/r-style_supreme..."
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [S3Trayp] S3trayp.exe -chkautorun
    mRun: [HDAudDeck] c:\program files\via\viaudioi\vistaadeck\HDAudioCPL.exe 1
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [Amazing3DAquariumWallpaper]
    mRun: [FixCamera] c:\windows\FixCamera.exe
    mRun: [tsnpstd3] c:\windows\tsnpstd3.exe
    mRun: [snpstd3] c:\windows\vsnpstd3.exe
    mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
    mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
    mRun: [MyWebSearch Plugin] rundll32 c:\progra~1\mywebs~1\bar\2.bin\M3PLUGIN.DLL,UPF
    mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [soft2PC] "c:\program files\soft2pc\soft2pc.exe"
    mRunOnce: [Helper] c:\users\user\appdata\roaming\soft2pc\software\SoftwareHP.exe -runonce
    dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    dRunOnce: [<NO NAME>]
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    uPolicies-explorer: HideClock = 0 (0x0)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
    IE: E&xporter vers Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
    DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
    DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
    Notify: 30cf2dae509 - c:\windows\system32\dpnet32.dll
    AppInit_DLLs: c:\windows\system32\dpnet32.dll ,c:\windows\system32\dpnet32.dll,c:\windows\system32\dimsroam32.dll,,,,,,,,

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\ga50zrw3.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www5.yoog.com/search.php?q=
    FF - prefs.js: browser.search.selectedEngine - Bing
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
    FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0...
    FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\ga50zrw3.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    FF - component: c:\users\user\appdata\roaming\mozilla\firefox\profiles\ga50zrw3.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPMyWebS.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll
    FF - plugin: c:\users\user\appdata\roaming\mozilla\firefox\profiles\ga50zrw3.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
    FF - plugin: c:\users\user\appdata\roaming\mozilla\firefox\profiles\ga50zrw3.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
    FF - plugin: c:\users\user\appdata\roaming\mozilla\plugins\npcoolirisplugin.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Firefox security: No Registry Reference - c:\program files\mozilla firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----

    FF - user.js: google.toolbar.linkdoctor.enabled - false
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-3-31 114768]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-3-31 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-3-31 53328]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-3-31 138680]
    R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\2.bin\mwssvc.exe [2009-10-5 28762]
    R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-3-31 352920]
    R3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver;c:\windows\system32\drivers\fetnd6v.sys [2008-9-21 43520]
    R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\VTGKModeDX32.sys [2006-1-1 780288]
    R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2006-1-1 218624]
    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2006-1-1 228352]
    S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2009-10-21 24786]
    S2 gupdate1c9ff072b4e50fb;Service Google Update (gupdate1c9ff072b4e50fb);c:\program files\google\update\GoogleUpdate.exe [2009-7-7 133104]
    S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-3-31 254040]
    S3 Boonty Games;Boonty Games;c:\program files\common files\boonty shared\service\Boonty.exe [2009-1-12 69120]
    S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-11-15 21504]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-9-29 54632]
    S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
    S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-10-27 89256]
    S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-10-27 15016]
    S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-10-27 120744]
    S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-10-27 114216]
    S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-10-27 25512]
    S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-10-27 110632]
    S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-10-27 115752]

    =============== Created Last 30 ================

    2010-03-17 18:24:09 0 d-----w- c:\programdata\Micro Application
    2010-03-17 18:24:09 0 d-----w- c:\program files\Micro Application
    2010-03-17 17:50:01 0 d-----w- c:\users\user\appdata\roaming\Soft2PC
    2010-03-17 17:49:52 0 d-----w- c:\program files\Soft2PC
    2010-03-17 05:49:32 0 d-----w- c:\programdata\Yahoo! Companion
    2010-03-17 03:28:00 0 d-----w- c:\program files\adslTV
    2010-03-11 14:55:21 524288 --sha-w- c:\users\user\ntuser.dat{64da0c68-2d1c-11df-876b-00a0d1c76a7e}.TMContainer00000000000000000002.regtrans-ms
    2010-03-11 14:55:19 524288 --sha-w- c:\users\user\ntuser.dat{64da0c68-2d1c-11df-876b-00a0d1c76a7e}.TMContainer00000000000000000001.regtrans-ms
    2010-03-11 14:55:17 65536 --sha-w- c:\users\user\ntuser.dat{64da0c68-2d1c-11df-876b-00a0d1c76a7e}.TM.blf
    2010-03-10 00:01:26 0 d-sh--w- c:\programdata\SysWoW32
    2010-03-10 00:00:58 0 d-----w- c:\programdata\50154185
    2010-03-10 00:00:40 0 d-----w- C:\System Volume Data
    2010-03-09 03:54:25 0 d-----w- c:\programdata\Games-Attack
    2010-03-09 03:54:21 0 d-----w- c:\program files\Games-Attack
    2010-03-09 03:25:09 0 d-----w- c:\programdata\Ironclad Games
    2010-03-07 21:58:13 0 d-----w- c:\programdata\ArcSoft
    2010-03-07 21:57:09 18688 ----a-w- c:\windows\system32\drivers\afc.sys
    2010-03-07 21:57:08 499712 ----a-r- c:\windows\system32\msvc7452.rra
    2010-03-07 21:57:08 245408 ----a-w- c:\windows\system32\unicows.dll
    2010-03-07 21:57:07 348160 ----a-w- c:\windows\system32\msvc7368.rra
    2010-03-07 21:55:51 212480 ----a-w- c:\windows\PCDLIB32.DLL
    2010-03-06 09:44:12 0 d-----w- c:\programdata\ESTsoft
    2010-03-06 09:44:09 0 d-----w- c:\users\user\appdata\roaming\ESTsoft
    2010-03-06 09:44:09 0 d-----w- c:\program files\ESTsoft
    2010-03-06 08:22:00 0 d-----w- c:\users\user\appdata\roaming\igraal
    2010-03-06 07:44:01 0 d-----w- c:\users\user\appdata\roaming\Passware
    2010-03-06 07:26:22 0 d-----w- c:\program files\RAR Password Unlocker
    2010-03-06 06:03:05 50 ----a-w- c:\windows\MegaManager.INI
    2010-03-06 03:28:03 0 d-----w- c:\program files\Pcsx2
    2010-03-05 17:52:48 0 d-----w- c:\program files\SuperCopier2
    2010-03-04 00:13:13 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
    2010-03-04 00:13:12 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
    2010-03-04 00:13:11 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
    2010-03-04 00:13:10 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
    2010-03-04 00:13:08 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
    2010-03-04 00:13:08 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
    2010-03-04 00:13:06 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
    2010-03-04 00:13:04 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
    2010-03-04 00:11:55 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
    2010-03-04 00:11:53 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
    2010-03-04 00:11:51 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
    2010-03-04 00:11:51 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
    2010-03-04 00:11:49 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
    2010-03-04 00:11:49 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
    2010-03-04 00:11:45 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
    2010-03-04 00:07:04 0 d-----w- c:\windows\system32\directx
    2010-03-04 00:02:13 0 d-----w- c:\program files\RomStation
    2010-03-02 22:47:37 0 d-----w- c:\program files\Wakfu
    2010-03-01 23:55:50 23798 ----a-w- c:\windows\hpqins15.dat
    2010-03-01 23:52:31 0 d-----w- c:\programdata\HP Product Assistant
    2010-03-01 23:47:36 78310 ----a-w- c:\windows\hpqins05.dat
    2010-02-25 23:02:39 0 d-----w- c:\users\user\Page vierge de PERT
    2010-02-24 05:10:21 0 d-----w- c:\users\user\dwhelper
    2010-02-23 21:14:13 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-02-23 21:11:57 471552 ----a-w- c:\windows\system32\secproc_isv.dll
    2010-02-23 21:11:56 471552 ----a-w- c:\windows\system32\secproc.dll
    2010-02-23 21:11:48 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
    2010-02-23 21:11:46 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
    2010-02-23 21:11:46 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
    2010-02-23 21:11:45 518144 ----a-w- c:\windows\system32\RMActivate.exe
    2010-02-23 21:11:43 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
    2010-02-23 21:11:43 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
    2010-02-23 21:11:42 332288 ----a-w- c:\windows\system32\msdrm.dll
    2010-02-23 21:08:28 1696256 ----a-w- c:\windows\system32\gameux.dll
    2010-02-23 21:08:23 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-02-23 21:08:21 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

    ==================== Find3M ====================

    2010-03-07 21:56:06 963174 ----a-w- c:\windows\system32\perfc00C.dat
    2010-03-07 21:56:06 3108864 ----a-w- c:\windows\system32\perfh00C.dat
    2010-03-05 19:14:30 86016 ----a-w- c:\windows\inf\infpub.dat
    2010-03-05 19:14:30 143360 ----a-w- c:\windows\inf\infstrng.dat
    2010-03-05 19:14:30 143360 ----a-w- c:\windows\inf\infstor.dat
    2010-02-24 14:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe
    2010-02-05 00:45:34 58351 ----a-w- c:\windows\system32\u_krxfbmupcjfiqp.dll.exe
    2010-02-02 01:32:20 0 ----a-w- c:\users\user\appdata\roaming\wklnhst.dat
    2010-01-12 16:22:26 121344 ----a-w- c:\windows\system32\csnpstd332.dll
    2010-01-12 16:21:49 121344 ----a-w- c:\windows\system32\dfrgifps32.dll
    2010-01-12 16:21:11 121344 ----a-w- c:\windows\system32\clbcatq32.dll
    2010-01-12 16:19:57 121344 ----a-w- c:\windows\system32\divx_xx0732.dll
    2010-01-12 16:19:18 121344 ----a-w- c:\windows\system32\cnvfat32.dll
    2010-01-12 16:18:40 121344 ----a-w- c:\windows\system32\d3dx9_2732.dll
    2010-01-12 16:18:07 121344 ----a-w- c:\windows\system32\CddbLangIT32.dll
    2010-01-12 16:14:48 121344 ----a-w- c:\windows\system32\d3dx10_3632.dll
    2010-01-12 16:12:13 121344 ----a-w- c:\windows\system32\brdgcfg32.dll
    2010-01-12 16:12:06 121344 ----a-w- c:\windows\system32\batmeter32.dll
    2010-01-09 13:22:08 1372 ----a-w- c:\users\user\appdata\roaming\N1PqRpBz8wDw3Sk.vbs
    2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-12-23 22:12:13 193024 ----a-w- c:\windows\system32\CddbLangNL32.dll
    2009-12-23 18:01:03 203776 --sh--w- c:\windows\system32\unrar.exe
    2009-12-23 18:00:51 741888 --sha-w- c:\windows\system32\311F.tmp
    2009-12-23 02:10:48 193024 ----a-w- c:\windows\system32\d3dx9_2832.dll
    2009-12-14 07:56:58 665600 ----a-w- c:\windows\inf\drvindex.dat
    2008-11-21 19:36:41 174 --sha-w- c:\program files\desktop.ini
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2006-01-01 09:12:04 37390 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
    2006-01-01 09:12:04 37390 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
    2006-01-01 09:12:04 340236 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
    2006-01-01 09:12:04 340236 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
    2009-10-16 22:13:47 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
    2009-10-13 16:05:50 1695 --sha-w- c:\windows\system32\GroupPolicy000.dat
    2009-10-17 03:04:00 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat
    2007-05-30 15:02:04 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

    ============= FINISH: 17:52:33,22 ===============
    Contenus similaires
    21 Mars 2010 23:02:32

    re
    tu me posteras le rapport catchme dans ton prochain message...

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.


    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Scanner.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\
    22 Mars 2010 00:12:53

    .
    ======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 19/03/10 à 18:30
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 18:06:18 le 21/03/2010 | Mode normal | Option: SCAN
    Exécuté de: C:\Ad-Remover\ADR.exe
    SE: Microsoft® Windows Vista™ HomeBasic Service Pack 2 - X86
    Nom du PC: PC-DE-USER | Utilisateur actuel: USER (Administrateur)
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .
    Service: *MyWebSearchService*
    .
    C:\Program Files\FunWebProducts
    C:\Program Files\Games-Attack
    C:\Program Files\GamesBar
    C:\Program Files\Mozilla FireFox\chrome\m3ffxtbr.jar
    C:\Program Files\Mozilla FireFox\chrome\m3ffxtbr.manifest
    C:\Program Files\Mozilla Firefox\components\krxfbmupcjfiqp.dll
    C:\Program Files\Mozilla FireFox\Plugins\NPMyWebS.dll
    C:\Program Files\MyWebSearch
    C:\Program Files\RecFree.com
    C:\Program Files\Soft2PC
    C:\Program Files\Trymedia
    C:\Program Files\VnrPack
    C:\Program Files\Windows Live\Messenger\Riched20.dll
    C:\ProgramData\Games-Attack
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games-Attack
    C:\Users\USER\AppData\Local\esqgdt.bat
    C:\Users\USER\AppData\Local\ewgimcs.bat
    C:\Users\USER\AppData\Local\hdefabf.dat
    C:\Users\USER\AppData\Local\hdefabf.exe
    C:\Users\USER\AppData\Local\hdefabf_nav.dat
    C:\Users\USER\AppData\Local\hdefabf_navps.dat
    C:\Users\USER\AppData\Local\nghhiy.bat
    C:\Users\USER\AppData\Local\oeuky.bat
    C:\Users\USER\AppData\Local\oeuky.dat
    C:\Users\USER\AppData\Local\oeuky.exe
    C:\Users\USER\AppData\Local\oeuky_nav.dat
    C:\Users\USER\AppData\Local\oeuky_navps.dat
    C:\Users\USER\AppData\Local\oeuky_navup.dat
    C:\Users\USER\AppData\Local\ogioe.bat
    C:\Users\USER\AppData\Local\qadudar.dat
    C:\Users\USER\AppData\Local\qadudar.exe
    C:\Users\USER\AppData\Local\qadudar_nav.dat
    C:\Users\USER\AppData\Local\qadudar_navps.dat
    C:\Users\USER\AppData\Local\qcuis.bat
    C:\Users\USER\AppData\Local\Soft2PC
    C:\Users\USER\AppData\Local\uwmas.bat
    C:\Users\USER\AppData\LocalLow\Fun Web Products
    C:\Users\USER\AppData\LocalLow\FunWebProducts
    C:\Users\USER\AppData\LocalLow\MyWebSearch
    C:\Users\USER\AppData\Roaming\AD ON Multimedia
    C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\ga50zrw3.default\searchplugins\mywebsearch.xml
    C:\Users\USER\AppData\Roaming\Mozilla\FireFox\Profiles\ga50zrw3.default\searchplugins\Yoog Search.xml
    C:\Users\USER\AppData\Roaming\RecFree.com
    C:\Users\USER\AppData\Roaming\Soft2PC
    C:\Windows\Downloaded Program Files\F3initialsetup1.0.1.1.inf
    C:\Windows\system32\1b085822-b432-ce88-cdc7-42b01c9c6215.exe
    C:\Windows\system32\cont_milehighads-remove.exe
    C:\Windows\system32\f3PSSavr.scr
    C:\Windows\system32\krxfbmupcjfiqp.dll
    C:\Windows\system32\u_krxfbmupcjfiqp.dll.exe
    .
    HKCU\Software\AppDataLow\103e3fe1-9860-a54c-de08-b6ef50cfa746
    HKCU\Software\AppDataLow\Software\Fun Web Products
    HKCU\Software\AppDataLow\Software\MyWebSearch
    HKCU\Software\fcn
    HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{8E2FF652-1F0B-3E6E-3EF4-9C18C94C0627}
    HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1FFFA701-8D14-49A3-B73E-4D023C49E092}
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{22B719D6-5C57-4AA4-98E7-5D33A9773067}
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5462FFC3-1B6A-498B-B999-B4128F244B33}
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DFE95FDB-1CBC-4F49-9D35-0F8ED03A4289}
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E8D29E53-8092-4225-BD8D-5F0A95376AE7}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0508F8F1-08E3-43EE-AAA8-09AD09803084}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{46d5dd09-de85-9105-ae3e-2c46ce580859}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C95214A3-CB1C-DB22-8F9F-230A01D6796C}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D286E828-E6B9-484d-A058-D7323666DE33}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44cf-8957-5838F569A31D}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0508F8F1-08E3-43EE-AAA8-09AD09803084}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{46d5dd09-de85-9105-ae3e-2c46ce580859}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C95214A3-CB1C-DB22-8F9F-230A01D6796C}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D286E828-E6B9-484d-A058-D7323666DE33}
    HKCU\Software\MyWebSearch
    HKCU\Software\PopCap
    HKCU\Software\RecFree.com
    HKCU\Software\soft2PC
    HKLM\Software\aedgency
    HKLM\Software\bandoo
    HKLM\Software\Carnival Casino
    HKLM\Software\Casino Tropez
    HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
    HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
    HKLM\Software\Classes\CLSID\{0508F8F1-08E3-43EE-AAA8-09AD09803084}
    HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
    HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
    HKLM\Software\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
    HKLM\Software\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
    HKLM\Software\Classes\CLSID\{2B94FB82-1CD0-4e1b-B439-443782F4ED91}
    HKLM\Software\Classes\CLSID\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
    HKLM\Software\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
    HKLM\Software\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
    HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    HKLM\Software\Classes\CLSID\{46d5dd09-de85-9105-ae3e-2c46ce580859}
    HKLM\Software\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
    HKLM\Software\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
    HKLM\Software\Classes\CLSID\{65661509-980D-4cc6-A0C5-8CC589BA66AD}
    HKLM\Software\Classes\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B}
    HKLM\Software\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
    HKLM\Software\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
    HKLM\Software\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
    HKLM\Software\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
    HKLM\Software\Classes\CLSID\{8E2FF652-1F0B-3E6E-3EF4-9C18C94C0627}
    HKLM\Software\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
    HKLM\Software\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
    HKLM\Software\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
    HKLM\Software\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
    HKLM\Software\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
    HKLM\Software\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
    HKLM\Software\Classes\CLSID\{B438B6EE-8E18-4999-862B-4BB8E3A7D35B}
    HKLM\Software\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
    HKLM\Software\Classes\CLSID\{C95214A3-CB1C-DB22-8F9F-230A01D6796C}
    HKLM\Software\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
    HKLM\Software\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
    HKLM\Software\Classes\CLSID\{D286E828-E6B9-484d-A058-D7323666DE33}
    HKLM\Software\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
    HKLM\Software\Classes\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
    HKLM\Software\Classes\CLSID\{F4E17B88-E3E5-4053-B5B2-265958D371A1}
    HKLM\Software\Classes\FunWebProducts.DataControl
    HKLM\Software\Classes\FunWebProducts.DataControl.1
    HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler
    HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1
    HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar
    HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1
    HKLM\Software\Classes\FunWebProducts.HTMLMenu
    HKLM\Software\Classes\FunWebProducts.HTMLMenu.1
    HKLM\Software\Classes\FunWebProducts.HTMLMenu.2
    HKLM\Software\Classes\FunWebProducts.IECookiesManager
    HKLM\Software\Classes\FunWebProducts.IECookiesManager.1
    HKLM\Software\Classes\FunWebProducts.KillerObjManager
    HKLM\Software\Classes\FunWebProducts.KillerObjManager.1
    HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton
    HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1
    HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl
    HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1
    HKLM\Software\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
    HKLM\Software\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
    HKLM\Software\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
    HKLM\Software\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
    HKLM\Software\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
    HKLM\Software\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
    HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    HKLM\Software\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
    HKLM\Software\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
    HKLM\Software\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
    HKLM\Software\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
    HKLM\Software\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
    HKLM\Software\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
    HKLM\Software\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
    HKLM\Software\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
    HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    HKLM\Software\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\Software\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\Software\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\Software\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\Software\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
    HKLM\Software\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
    HKLM\Software\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
    HKLM\Software\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
    HKLM\Software\Classes\Interface\{CC883F50-95BB-4A25-9DBF-B801506F1BC4}
    HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
    HKLM\Software\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
    HKLM\Software\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
    HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
    HKLM\Software\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
    HKLM\Software\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
    HKLM\Software\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
    HKLM\Software\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
    HKLM\Software\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
    HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin
    HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1
    HKLM\Software\Classes\MyWebSearch.HTMLPanel
    HKLM\Software\Classes\MyWebSearch.HTMLPanel.1
    HKLM\Software\Classes\MyWebSearch.OutlookAddin
    HKLM\Software\Classes\MyWebSearch.OutlookAddin.1
    HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin
    HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1
    HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin
    HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1
    HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin
    HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1
    HKLM\Software\Classes\RecFree.RecFreeHlpr
    HKLM\Software\Classes\RecFree.RecFreeHlpr.1
    HKLM\Software\Classes\screensavercontrol.screensaverinstaller
    HKLM\Software\Classes\screensavercontrol.screensaverinstaller.1
    HKLM\Software\Classes\SoftwareBHO.SOFT2PCBHO
    HKLM\Software\Classes\SoftwareBHO.SOFT2PCBHO.1
    HKLM\Software\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
    HKLM\Software\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
    HKLM\Software\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
    HKLM\Software\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
    HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    HKLM\Software\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
    HKLM\Software\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
    HKLM\Software\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
    HKLM\Software\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    HKLM\Software\Classes\TypeLib\{B52F3553-49FA-4599-81A4-F98951E0B53B}
    HKLM\Software\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
    HKLM\Software\Classes\TypeLib\{CB0A8AB1-7575-4F6A-9C63-0A0A847B5F8C}
    HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
    HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    HKLM\Software\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
    HKLM\Software\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
    HKLM\Software\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
    HKLM\Software\Europa Casino
    HKLM\Software\FocusInteractive
    HKLM\Software\Fun Web Products
    HKLM\Software\FunWebProducts
    HKLM\Software\GamesBarSetup
    HKLM\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
    HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
    HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
    HKLM\Software\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
    HKLM\Software\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95214A3-CB1C-DB22-8F9F-230A01D6796C}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D286E828-E6B9-484d-A058-D7323666DE33}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E91CC310-0D9C-226F-334C-7A3A4CAB27EF}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1b085822-b432-ce88-cdc7-42b01c9c6215
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cont_milehighads
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qadudar
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RecFreeToolbar
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Soft2PC_is1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Software_is1
    HKLM\Software\MyWebSearch
    HKLM\Software\PopCap
    HKLM\Software\RecFree.com
    HKLM\Software\soft2PC
    HKLM\Software\Trymedia Systems
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run|hdefabf
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run|oeuky
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run|qadudar
    HKCU\Software\Mozilla\Firefox\Extensions|ffxtlbr@recfree.com
    HKLM\Software\Microsoft\Internet Explorer\Toolbar|{0508F8F1-08E3-43EE-AAA8-09AD09803084}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar|{66886C4D-B307-4ECA-A228-52CA9B9851A4}
    HKLM\Software\Microsoft\Windows Media\Wmsdk\Sources|F3PopularScreenSavers
    HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform|FunWebProducts
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Plugin
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run|soft2PC
    .
    ============== SCAN ADDITIONNEL ==============
    .
    * Mozilla FireFox Version 3.6 (fr) *
    .
    C:\Users\USER\..\ga50zrw3.default\prefs.js - browser.download.dir: C:\\Users\\USER\\Downloads
    C:\Users\USER\..\ga50zrw3.default\prefs.js - browser.download.lastDir: C:\\Users\\USER\\Videos\\Pictures
    C:\Users\USER\..\ga50zrw3.default\prefs.js - browser.search.defaultenginename: Yoog Search
    C:\Users\USER\..\ga50zrw3.default\prefs.js - browser.search.defaulturl: hxxp://www5.yoog.com/search.php?q=
    C:\Users\USER\..\ga50zrw3.default\prefs.js - browser.search.selectedEngine: Bing
    C:\Users\USER\..\ga50zrw3.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr/
    C:\Users\USER\..\ga50zrw3.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2
    C:\Users\USER\..\ga50zrw3.default\prefs.js - keyword.URL: hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0...
    .
    TROUVÉ: C:\Users\USER\..\ga50zrw3.default\prefs.js - user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www5.yoog.com/search.php?q=");
    TROUVÉ: C:\Users\USER\..\ga50zrw3.default\prefs.js - user_pref("browser.search.defaultenginename", "Yoog Search");
    TROUVÉ: C:\Users\USER\..\ga50zrw3.default\prefs.js - user_pref("browser.search.defaulturl", "hxxp://www5.yoog.com/search.php?q=");
    TROUVÉ: C:\Users\USER\..\ga50zrw3.default\prefs.js - user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=GRfox000&ptb=M6mvNopDABMwPnyyCwjXxQ");
    TROUVÉ: C:\Users\USER\..\ga50zrw3.default\prefs.js - user_pref("extensions.mywebsearch.prevKwdEnabled", true);
    TROUVÉ: C:\Users\USER\..\ga50zrw3.default\prefs.js - user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=");
    TROUVÉ: C:\Users\USER\..\ga50zrw3.default\prefs.js - user_pref("keyword.URL", "hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=GRfox000&fl=0...");
    .
    * Internet Explorer Version 8.0.6001.18882 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    AutoHide: yes
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    First Home Page: hxxp://y.lo.st
    Local Page: C:\Windows\system32\blank.htm
    Search bar: Preserve
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    .
    [HKLM\Software\Microsoft\Internet Explorer\Main]
    .
    AutoHide: yes
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=ms...
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Delete_Temp_Files_On_Exit: yes
    Enable Browser Extensions: yes
    Local Page: C:\Windows\System32\blank.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://securityresponse.symantec.com/avcenter/fix_homepage
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm
    .
    ============== SUSPECT(S) ==============
    .
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\AoE III\Age of Empires III\autopatcher.exe
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\Asian Dynasties\program files\Microsoft Games\Age of Empires III\autopatchery.exe
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\Cracks\AoE III\aoe3-112-english.exe
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\Cracks\AoE III\pwz-a112.rar
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\Cracks\Asian Dynasties\age3y-dtn.rar
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\Cracks\Warchiefs\aoe3x104english.exe
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\Cracks\Warchiefs\DataPX.rar
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\Cracks\Warchiefs\pwz-a3w4.rar
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\The WarChiefs\patch\age3.exe
    C:\Users\USER\Documents\dimitri\AGE OF EMPIRE\The WarChiefs\program files\Microsoft Games\Age of Empires III\autopatcherx.exe
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Automation.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Channel presets.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Clipboard files.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Collected.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\DrumSynth.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Grooves\LateSnare.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Grooves\PushPull.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Grooves\PushPullHeavy.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Grooves\Swing.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Grooves\Triplets (new).nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Grooves\Triplets.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\D&B.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\dancebass.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\discobass.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\DiscoFv.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\EuroDance.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\Fade LR.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\Fade RL.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\FunkyDrummer.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\HardTrance.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\Hihats.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\HipHop1.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\HipHop2.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\industrial.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\initial.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\Jungle.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\RaveNtn.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\Techno1.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\Techno2.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets\Level\technobass.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Humanizing presets.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Instruments.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Misc\Force feedback effects.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Misc.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Mixer presets.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Packs\Pads.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Packs\RealDrumkits.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Packs\Shapes.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Packs\Sytrus.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Packs\Vintage.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Packs.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Amp\Distortion\Fruity Fast Dist.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Amp\Distortion\Fruity Soft Clipper.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Amp\Distortion\Fruity Squeeze.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Amp\Distortion\Fruity WaveShaper.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Amp\Gain\Fruity PanOMatic.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Amp\Gain\Fruity Stereo Enhancer.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Controller\Fruity Formula Controller.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Controller\Fruity Peak Controller.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Controller\Fruity X-Y Controller.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Delay\Chorus\Fruity Flangus.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Delay\Delay\Fruity Delay 2.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Delay\Delay\Fruity Delay Bank.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Delay\Flanger\Fruity Flangus.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Delay\Reverb\Fruity Reeverb 2.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Dynamics\Compressor\Fruity Limiter.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Dynamics\Compressor\Fruity Multiband Compressor.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Dynamics\Compressor\Maximus.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Dynamics\Limiter\Fruity Limiter.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Dynamics\Limiter\Fruity Soft Clipper.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Dynamics\Limiter\Maximus.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Dynamics\Mastering\Maximus.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Dynamics\Mastering\Soundgoodizer.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Filter\EQ\EQUO.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Filter\EQ\Fruity Parametric EQ 2.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Filter\EQ\Fruity Parametric EQ.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Filter\Filter\EQUO.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Filter\Filter\Fruity Love Philter.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Filter\Filter\Fruity Vocoder.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Misc\Buzz Effect Adapter.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Misc\Edison.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Misc\Fruity LSD.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Misc\Fruity Scratcher.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Misc\Fruity Send.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Visual\Fruity Big Clock.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Visual\Fruity dB Meter.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Visual\Fruity HTML NoteBook.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Visual\Fruity NoteBook.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Visual\Fruity Spectroman.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Effects\Visual\Wave Candy.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Controller\Fruity Envelope Controller.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Controller\Fruity Keyboard Controller.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Drum\Drum machine\FPC.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Drum\Drum machine\Fruit Kick.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Drum\Drum machine\Fruity DrumSynth Live.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Drum\Drum machine\Slicex.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Drum\Drumloop slicer\Fruity slicer.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Drum\Drumloop slicer\Slicex.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\MIDI\Dashboard.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\MIDI\MIDI Out.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Misc\Buzz Generator Adapter.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Misc\Fruity Vibrator.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Misc\ReWired.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Sampler\ROMpler\BooBass.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Sampler\ROMpler\FL Keys.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Sampler\Sampler\DirectWave.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Sampler\Sampler\Fruity soundfont player.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Sampler\Sampler\Wave Traveller.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Additive\BeepMap.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\FM\Fruity DX10.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\FM\Sytrus.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\FM\Toxic Biohazard.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Granular\Fruity Granulizer.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Misc\Fruit Kick.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Misc\Fruity DrumSynth Live.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Physical modelling\FL Slayer.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Physical modelling\Plucked!.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Subtractive\3x Osc.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Subtractive\PoiZone.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Subtractive\SimSynth.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Subtractive\Sytrus.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Subtractive\Toxic Biohazard.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Subtractive\Wasp XT.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Synthesizer\Subtractive\Wasp.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Visual\Chrome.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Visual\Fruity Dance.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database\Generators\Visual\Fruity Video Player.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin database.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin presets\Effects.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin presets\Generators.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin presets\VST.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Plugin presets.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Project bones.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Recorded.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Rendered.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Scores.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\SimSynth.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Sliced beats.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Soundfonts.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Speech synth.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\Speech.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\TS404 Presets.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Patches\User.nfo
    C:\Users\USER\Documents\dimitri\Image-Line\FL Studio 8\Data\Projects\Templates\Other\Patch bank\Patch bank.nfo
    C:\Users\USER\Documents\dimitri\jeux\war 3\War3Patches_ROC_123a_enUS.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\AoE III\Age of Empires III\autopatcher.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Asian Dynasties\program files\Microsoft Games\Age of Empires III\autopatchery.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\aoe3-112-english.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\age3.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\age_3_web.url
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\chktrust.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\dw15.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\ensemble_web.url
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\filecrc.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\instapup.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\microsoft_web.url
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\pwz.nfo
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112\splash.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\AoE III\pwz-a112.rar
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\Asian Dynasties\age3y-dtn.rar
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\Warchiefs\aoe3x104english.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\Warchiefs\DataPX.rar
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\Cracks\Warchiefs\pwz-a3w4.rar
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\The WarChiefs\patch\age3.exe
    C:\Users\USER\Documents\jeux\AoE3 & Expansions\AoE3 & Expansions\The WarChiefs\program files\Microsoft Games\Age of Empires III\autopatcherx.exe
    .
    ========================================
    .
    C:\Users\USER\AppData\Local\Temp: 194 Fichier(s), 10 Dossier(s)
    C:\Windows\temp: 15 Fichier(s), 3 Dossier(s)
    C:\Users\USER\AppData\Roaming\Microsoft\Windows\Cookies: 18 Fichier(s), 2 Dossier(s)
    Temporary Internet Files: 103 Fichier(s), 8 Dossier(s)
    .
    C:\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Ad-Remover\Backup: 1 Fichier(s)
    .
    C:\Ad-Report-SCAN[1].txt - 41462 Octet(s)
    .
    Fin à: 18:41:22, 21/03/2010
    .
    ============== E.O.F - SCAN[1] ==============
    22 Mars 2010 00:14:36

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-03-21 17:57:22
    Windows 6.0.6002 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94021472]
    "0017e69fc4e5"=hex:9c,72,44,a5,8a,28,eb,98,0c,1b,ce,37,c4,d7,bb,cf
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
    "h0"=dword:00000001
    "ujdew"=hex:f3,26,3a,68,e3,ca,5d,7b,92,ce,41,9c,1a,4d,0e,dd,71,fb,72,80,24,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:b0,fa,cc,14,a4,1d,84,c4,37,0d,0c,20,cb,5b,31,3e,8e,b2,2f,d0,68,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,af,19,33,2b,34,04,9b,3e,8b,40,d9,2e,51,90,e6,64,31,..
    "khjeh"=hex:8b,33,3f,be,6c,2d,99,ec,a8,27,aa,05,70,71,95,6f,70,75,20,39,21,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:1f,8a,9e,b0,54,8a,9c,d0,b5,a6,7a,cc,6c,56,1e,1b,6e,01,59,6e,84,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000a94021472]
    "0017e69fc4e5"=hex:9c,72,44,a5,8a,28,eb,98,0c,1b,ce,37,c4,d7,bb,cf
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
    "h0"=dword:00000001
    "ujdew"=hex:f3,26,3a,68,e3,ca,5d,7b,92,ce,41,9c,1a,4d,0e,dd,71,fb,72,80,24,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:b0,fa,cc,14,a4,1d,84,c4,37,0d,0c,20,cb,5b,31,3e,8e,b2,2f,d0,68,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,af,19,33,2b,34,04,9b,3e,8b,40,d9,2e,51,90,e6,64,31,..
    "khjeh"=hex:8b,33,3f,be,6c,2d,99,ec,a8,27,aa,05,70,71,95,6f,70,75,20,39,21,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:1f,8a,9e,b0,54,8a,9c,d0,b5,a6,7a,cc,6c,56,1e,1b,6e,01,59,6e,84,..

    scanning hidden registry entries ...

    scanning hidden files ...

    C:\Users\USER\AppData\Local\Temp\~DF964F.tmp
    C:\Users\USER\AppData\Local\Temp\~DF9699.tmp

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 2

    22 Mars 2010 01:23:02

    euh tu n'est plus la!!
    22 Mars 2010 20:17:11

    re

    1

    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Nettoyer.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    [fixed]/!\ Pense à réactiver ton antivirus /!\

    2

    Télécharge -AtfCleaner
    http://www.atribune.org/public-beta/ATF-Cleaner.exe

    Double-cliquer sur ATF-Cleaner.exe afin de lancer le programme.
    - Si vous utilisez IE
    Sous l'onglet Main, choisir : Select All
    Cliquer sur le bouton Empty Selected
    - Si vous utilisez le navigateur Firefox :
    Cliquer Firefox au haut et choisir : Select All
    Cliquer le bouton Empty Selected
    Note : Si vous voulez conserver les mots de passe sauvegardés, cliquer "No" à l'invite.
    - Si vous utilisez le navigateur Opera :
    Cliquer Opera au haut et choisir : Select All
    Cliquer le bouton Empty Selected
    Note : Si vous voulez conserver les mots de passe sauvegardés, cliquer "No" à l'invite.
    Cliquer Exit, du menu principal, afin de fermer le programme
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS