Auto-virus
Hello,
I am infested with viruses following the installation of a piece of software.
I ran an AntiVir scan, it detected 12 of them, and I did a system restore.
It seems to be better, but I don't think everything is clean.
There were processes like Qdujoa or something like that which were active.
So I would like to know how to check all of this? (HijackThis? Anti-spyware?)
Regards
Hello
Download DDS and save it to your desktop.
Disable anything that blocks scripts, such as an antivirus, or software like ad-block, noscript, etc.
Double-click dds.scr to launch the tool.
Once the scan is finished, a text document, DDS.txt, will open.
Click Yes at the next prompt, Optional Scan.
Save both reports to your desktop and post only DDS.txt to me.
.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Run by Nico at 12:58:49 on 2011-05-22
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2345 [GMT 2:00]
.
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Fichiers communs\Apple\Apple Application Support\distnoted.exe
C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Nico\Mes documents\Downloads\dds.scr
C:\WINDOWS\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://vshare.toolbarhome.com/?hp=df
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uSearch Bar = hxxp://g.msn.fr/0SEFRFR/SAOS02
mStart Page = hxxp://www.foozir.com/
uInternet Settings,ProxyOverride = local;*.local
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&affID=17161
uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\msybqp32.exe,
BHO: Objet d'aide à la navigation SFR: {0f6e720a-1a6b-40e1-a294-1d4d19f156c8} - c:\program files\sfr\kit\SFRNavErrorHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\bh\BabylonToolbar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: OfferBox: {fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} - c:\program files\offerbox\OfferBoxBHO.dll
TB: Barre d'outils MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn toolbar\01.01.2607.0\fr\msntb.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD0.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarTlbr.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISUSPM] "c:\program files\fichiers communs\installshield\updateservice\isuspm.exe" -scheduler
uRun: [Google Update] "c:\documents and settings\nico\local settings\application data\google\update\GoogleUpdate.exe" /c
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/534.16_(KHTML,_like_Gecko)_Chrome/10.0.648.204_Safari/534.16" -"http://media.jaludo.com/street_skate/street_skate_2/ind..."
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [soft2PC]
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [ASUS Update Checker] c:\program files\asus\asusupdate\updatechecker\UpdateChecker.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [BabylonToolbar] "c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\nico\application data\dvdvideosoftiehelpers\youtubetomp3.htm
IE: {90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\pokerstars.fr\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: localhost
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: LBTWlgn - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=sst&affID=17161&q=
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
FF - component: c:\program files\offerbox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
FF - plugin: c:\docume~1\nico\applic~1\powerc~1\nppowerloader.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\nico\local settings\application data\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: UltraSurf Firefox Tool: {5B52016C-D097-4aec-BE61-9F129D8FDDBA} - %profile%\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Ma-config.com: {bb628310-0ab7-11db-9cd8-0800200c9a66} - %profile%\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: OfferBox: offerboxffx@offerbox.com - c:\program files\offerbox\offerboxffx@offerbox.com
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
.
============= SERVICES / DRIVERS ===============
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-12-28 11448]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-10-21 11608]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2007-4-24 16688]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2009-10-21 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-10-21 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-10-21 56816]
R2 BBDemon;Backbone Service;c:\program files\dassault systemes\b18\intel_a\code\bin\CATSysDemon.exe [2007-5-4 36864]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-6 54752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2010-12-28 56992]
S2 gupdate;Service Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-14 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-12-17 1691480]
S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2007-4-19 14336]
S3 cpuz130;cpuz130;\??\c:\docume~1\nico\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\nico\locals~1\temp\cpuz130\cpuz_x32.sys [?]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-14 136176]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2011-3-10 311744]
S3 sea3bus;Sony Ericsson Device 0A3 driver (WDM);c:\windows\system32\drivers\sea3bus.sys [2010-8-7 61600]
S3 sea3mdfl;Sony Ericsson Device 0A3 USB WMC Modem Filter;c:\windows\system32\drivers\sea3mdfl.sys [2010-8-7 9392]
S3 sea3mdm;Sony Ericsson Device 0A3 USB WMC Modem Driver;c:\windows\system32\drivers\sea3mdm.sys [2010-8-7 97152]
S3 sea3mgmt;Sony Ericsson Device 0A3 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea3mgmt.sys [2010-8-7 88656]
S3 sea3nd5;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (NDIS);c:\windows\system32\drivers\sea3nd5.sys [2010-8-7 18736]
S3 sea3obex;Sony Ericsson Device 0A3 USB WMC OBEX Interface;c:\windows\system32\drivers\sea3obex.sys [2010-8-7 86464]
S3 sea3unic;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (WDM);c:\windows\system32\drivers\sea3unic.sys [2010-8-7 90832]
S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\ZTEusbvoice.sys [2011-4-7 105344]
.
=============== Created Last 30 ================
.
2011-05-22 08:53:47 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-05-22 08:53:47 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-21 10:54:33 -------- d-----w- c:\documents and settings\nico\application data\Unity
2011-05-21 10:48:19 -------- d-----w- c:\documents and settings\nico\local settings\application data\Unity
2011-05-21 08:31:02 -------- d-----w- c:\documents and settings\nico\application data\ptc
2011-05-21 08:22:09 -------- d-----w- c:\program files\PTC
2011-05-21 08:12:02 -------- d-----w- c:\program files\proeWildfire 5.0
2011-05-10 19:46:33 10915840 ----a-w- c:\windows\system32\libmfxhw32.dll
2011-05-10 19:46:33 10833920 ----a-w- c:\windows\system32\libmfxsw32.dll
2011-05-10 19:40:01 -------- d-----w- c:\program files\Total Video Converter
2011-05-10 19:37:00 -------- d-----w- c:\documents and settings\nico\application data\FreeVideoConverter
2011-05-10 19:28:44 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
2011-05-10 19:28:36 -------- d-----w- c:\program files\fichiers communs\xing shared
2011-05-10 19:28:28 150712 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2011-05-10 19:28:24 105472 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
2011-05-07 14:30:44 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2011-05-07 14:30:44 32656 ----a-w- c:\windows\system32\msonpmon.dll
2011-05-07 14:23:14 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-05-07 14:22:36 -------- d-----w- c:\documents and settings\nico\local settings\application data\Microsoft Help
2011-04-26 11:47:06 -------- d-----w- c:\documents and settings\all users\application data\Codemasters
2011-04-26 11:40:25 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
2011-04-26 11:40:25 1380352 ----a-w- c:\windows\system32\rapture3d_oal.dll
2011-04-26 11:40:24 -------- d-----w- c:\program files\BRS
2011-04-26 11:40:22 809560 ----a-r- c:\windows\system32\tmpF9.tmp
2011-04-26 11:40:22 809560 ----a-r- c:\windows\system32\tmpF8.tmp
2011-04-26 11:24:46 -------- d-----w- c:\program files\Codemasters
.
==================== Find3M ====================
.
2011-05-21 08:42:52 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-05-10 19:28:19 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-04-26 11:40:23 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-26 11:40:23 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-04-10 18:58:24 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-10 18:58:19 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-10 18:58:19 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-04-10 11:07:07 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-03-22 14:10:02 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-07 05:33:47 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36:19 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53:37 1858048 ----a-w- c:\windows\system32\win32k.sys
2011-02-26 01:19:32 41872 ----a-w- c:\windows\system32\xfcodec.dll
2011-02-22 23:05:48 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:05:47 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:05:47 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:42:13 385024 ----a-w- c:\windows\system32\html.iec
.
============= FINISH: 13:00:03,82 ===============
FF - component: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
FF - component: c:\program files\offerbox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
FF - plugin: c:\docume~1\nico\applic~1\powerc~1\nppowerloader.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\nico\application data\mozilla\firefox\profiles\6gwspdjs.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\nico\local settings\application data\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: UltraSurf Firefox Tool: {5B52016C-D097-4aec-BE61-9F129D8FDDBA} - %profile%\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Ma-config.com: {bb628310-0ab7-11db-9cd8-0800200c9a66} - %profile%\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: OfferBox: offerboxffx@offerbox.com - c:\program files\offerbox\offerboxffx@offerbox.com
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
.
============= SERVICES / DRIVERS ===============
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-12-28 11448]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-10-21 11608]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2007-4-24 16688]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2009-10-21 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-10-21 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-10-21 56816]
R2 BBDemon;Backbone Service;c:\program files\dassault systemes\b18\intel_a\code\bin\CATSysDemon.exe [2007-5-4 36864]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-6 54752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2010-12-28 56992]
S2 gupdate;Service Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-14 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-12-17 1691480]
S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [2007-4-19 14336]
S3 cpuz130;cpuz130;\??\c:\docume~1\nico\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\nico\locals~1\temp\cpuz130\cpuz_x32.sys [?]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-14 136176]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2011-3-10 311744]
S3 sea3bus;Sony Ericsson Device 0A3 driver (WDM);c:\windows\system32\drivers\sea3bus.sys [2010-8-7 61600]
S3 sea3mdfl;Sony Ericsson Device 0A3 USB WMC Modem Filter;c:\windows\system32\drivers\sea3mdfl.sys [2010-8-7 9392]
S3 sea3mdm;Sony Ericsson Device 0A3 USB WMC Modem Driver;c:\windows\system32\drivers\sea3mdm.sys [2010-8-7 97152]
S3 sea3mgmt;Sony Ericsson Device 0A3 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea3mgmt.sys [2010-8-7 88656]
S3 sea3nd5;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (NDIS);c:\windows\system32\drivers\sea3nd5.sys [2010-8-7 18736]
S3 sea3obex;Sony Ericsson Device 0A3 USB WMC OBEX Interface;c:\windows\system32\drivers\sea3obex.sys [2010-8-7 86464]
S3 sea3unic;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (WDM);c:\windows\system32\drivers\sea3unic.sys [2010-8-7 90832]
S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\ZTEusbvoice.sys [2011-4-7 105344]
.
=============== Created Last 30 ================
.
2011-05-22 08:53:47 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-05-22 08:53:47 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-21 10:54:33 -------- d-----w- c:\documents and settings\nico\application data\Unity
2011-05-21 10:48:19 -------- d-----w- c:\documents and settings\nico\local settings\application data\Unity
2011-05-21 08:31:02 -------- d-----w- c:\documents and settings\nico\application data\ptc
2011-05-21 08:22:09 -------- d-----w- c:\program files\PTC
2011-05-21 08:12:02 -------- d-----w- c:\program files\proeWildfire 5.0
2011-05-10 19:46:33 10915840 ----a-w- c:\windows\system32\libmfxhw32.dll
2011-05-10 19:46:33 10833920 ----a-w- c:\windows\system32\libmfxsw32.dll
2011-05-10 19:40:01 -------- d-----w- c:\program files\Total Video Converter
2011-05-10 19:37:00 -------- d-----w- c:\documents and settings\nico\application data\FreeVideoConverter
2011-05-10 19:28:44 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
2011-05-10 19:28:36 -------- d-----w- c:\program files\fichiers communs\xing shared
2011-05-10 19:28:28 150712 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2011-05-10 19:28:24 105472 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
2011-05-07 14:30:44 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2011-05-07 14:30:44 32656 ----a-w- c:\windows\system32\msonpmon.dll
2011-05-07 14:23:14 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-05-07 14:22:36 -------- d-----w- c:\documents and settings\nico\local settings\application data\Microsoft Help
2011-04-26 11:47:06 -------- d-----w- c:\documents and settings\all users\application data\Codemasters
2011-04-26 11:40:25 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
2011-04-26 11:40:25 1380352 ----a-w- c:\windows\system32\rapture3d_oal.dll
2011-04-26 11:40:24 -------- d-----w- c:\program files\BRS
2011-04-26 11:40:22 809560 ----a-r- c:\windows\system32\tmpF9.tmp
2011-04-26 11:40:22 809560 ----a-r- c:\windows\system32\tmpF8.tmp
2011-04-26 11:24:46 -------- d-----w- c:\program files\Codemasters
.
==================== Find3M ====================
.
2011-05-21 08:42:52 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-05-10 19:28:19 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-04-26 11:40:23 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-26 11:40:23 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-04-10 18:58:24 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-10 18:58:19 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-10 18:58:19 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-04-10 11:07:07 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-03-22 14:10:02 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-07 05:33:47 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36:19 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53:37 1858048 ----a-w- c:\windows\system32\win32k.sys
2011-02-26 01:19:32 41872 ----a-w- c:\windows\system32\xfcodec.dll
2011-02-22 23:05:48 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:05:47 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:05:47 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:42:13 385024 ----a-w- c:\windows\system32\html.iec
.
============= FINISH: 13:00:03,82 ===============
Hi again
Uninstall Spybot, it has become completely obsolete...
You would do well to read: Toolbars are not mandatory!
Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.
/!\ Disconnect, disable your antivirus and close all running applications /!\
Double-click AD-R on your Desktop to launch it.
(On Vista/Seven, right-click AD-R and choose Run as administrator)
Choose language F for French.
In the main menu, choose the Scanner option.
/!\ Let the tool work /!\
Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
/!\ Remember to re-enable your antivirus /!\
+++++++++++++++++++++++++++++++
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 14:54:37 le 22/05/2011, Mode normal
Microsoft Windows XP Professionnel Service Pack 3 (X86)
Nico@DOKHELAR-A30165 ( )
============== RECHERCHE ==============
Fichier trouvé: C:\Program Files\Mozilla FireFox\plugins\NPAskSBr.dll
Fichier trouvé: C:\WINDOWS\system32\ConduitEngine.tmp
Dossier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\conduit
Fichier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\conduit.xml
Dossier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\extensions\vshare@toolbar
Fichier trouvé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\web-search.xml
Dossier trouvé: C:\Documents and Settings\Nico\Local Settings\Application Data\Conduit
Dossier trouvé: C:\Program Files\Conduit
Dossier trouvé: C:\Documents and Settings\Nico\Local Settings\Application Data\ConduitEngine
Dossier trouvé: C:\Program Files\ConduitEngine
Dossier trouvé: C:\Documents and Settings\Nico\Application Data\PriceGong
Dossier trouvé: C:\Documents and Settings\Nico\Application Data\Soft2PC
Dossier trouvé: C:\Documents and Settings\Nico\Application Data\OfferBox
Dossier trouvé: C:\Documents and Settings\Camille\Application Data\OfferBox
Dossier trouvé: C:\Program Files\OfferBox
Dossier trouvé: C:\Program Files\Red Kawa\Video Converter App\OpenCandy
-- Fichier ouvert: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\Prefs.js --
Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
Ligne trouvée: user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226...
Ligne trouvée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988,CT2269050");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT1460988,CT2269050");
Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&Sea...
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://vshare.toolbarhome.com/?hp=df");
Ligne trouvée: user_pref("extensions.enabledItems", "ffxtlbr@babylon.com:1.1.3,{ACAA314B-EEBA-48e4-AD47-84E31C44796...
Ligne trouvée: user_pref("extensions.vshare@toolbar.update.enabled", false);
Ligne trouvée: user_pref("vshare.install.date", "1302912000000");
Ligne trouvée: user_pref("vshare.install.dumpFileCount", 0);
Ligne trouvée: user_pref("vshare.install.dumpFileDisabled", false);
Ligne trouvée: user_pref("vshare.install.finished", "1.0.0");
Ligne trouvée: user_pref("vshare.install.guid", "{de50f7b3-6b66-4a6d-ae99-c70e829426f0}");
Ligne trouvée: user_pref("vshare.install.istoolbarhp", true);
Ligne trouvée: user_pref("vshare.install.istoolbarsearch", true);
Ligne trouvée: user_pref("vshare.install.laststatreq", "1305763200000");
Ligne trouvée: user_pref("vshare.install.newtab", true);
Ligne trouvée: user_pref("vshare.install.overlayVersion", 1);
Ligne trouvée: user_pref("vshare.install.userHPSettings", "");
Ligne trouvée: user_pref("vshare.install.userSPSettings", "");
-- Fichier Fermé --
-- Fichier ouvert: C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default\Prefs.js --
Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
Ligne trouvée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
-- Fichier Fermé --
-- Fichier ouvert: C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default\Prefs.js --
Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
Ligne trouvée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Classes\CLSID\{A4439ABD-2A99-43D3-A138-6F544489408B}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A4439ABD-2A99-43D3-A138-6F544489408B}
Clé trouvée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé trouvée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé trouvée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé trouvée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé trouvée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Clé trouvée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé trouvée: HKLM\Software\Classes\Conduit.Engine
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2269050
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\conduitEngine
Clé trouvée: HKLM\Software\OfferBox
Clé trouvée: HKLM\Software\OpenCandy
Clé trouvée: HKLM\Software\soft2PC
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\conduitEngine
Clé trouvée: HKCU\Software\OfferBox
Clé trouvée: HKCU\Software\pacificpoker
Clé trouvée: HKCU\Software\pokerinstaller
Clé trouvée: HKCU\Software\PriceGong
Clé trouvée: HKCU\Software\soft2PC
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Pacific Poker
Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\helper
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D402D124-DE78-4040-8CFD-A2F00421B63C}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software_is1
Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|soft2PC
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.0.19 (fr)] ****
Plugins\NPAskSBr.dll (Ask.com)
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
HKCU_MozillaPlugins\@powerchallenge.com/PowerLoader (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&affID=17161/)
Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=iron&f=4&q={searchTerms}/)
Components\aboutRights.js
Components\aboutRobots.js
Components\nsPostUpdateWin.js
HKLM_Extensions|offerboxffx@offerbox.com - C:\Program Files\OfferBox\offerboxffx@offerbox.com
-- C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default --
Extensions\ffxtlbr@babylon.com (Babylon)
Extensions\vshare@toolbar (vShare)
Extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} (UltraSurf Firefox Tool)
Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} (DVDVideoSoftTB Toolbar)
Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
Extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66} (Ma-config.com)
Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}/)
Searchplugins\web-search.xml (?)
User.js - keyword.URL, hxxp://redirecterror.sfr.fr/?q=
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Nico\\Bureau
Prefs.js - browser.search.defaultenginename, Web Search...
Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
Prefs.js - browser.startup.homepage, hxxp://vshare.toolbarhome.com/?hp=df
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=ss...
-- C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default --
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
-- C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default --
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Camille\\Mes documents\\Mes images\\28 ans gael
Prefs.js - browser.search.defaultenginename, Bing
Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
Prefs.js - keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=
========================================
**** Google Chrome Version [11.0.696.68] ****
Extension\bjeikeheijdjdfjbmknpefojickbkmom (C:\Program Files\OfferBox\OfferBoxChromeExtension.crx) (?)
Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx) (?)
Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)
-- C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Activé: true) (?)
Preferences - homepage: hxxp://www.google.com/webhp?hl=fr
Preferences - homepage_is_newtabpage: false
Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npdrmv2.dll)
Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npwmsdrm.dll)
Plugin - Pando Web Plugin (Activé: true) (C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll)
Plugin - Veetle TV Player (Activé: true) (C:\Program Files\Veetle\Player\npvlc.dll)
Plugin - Veetle Broadcaster Plugin (Activé: true) (C:\Program Files\Veetle\VLCBroadcast\npvbp.dll)
Plugin - Veetle TV Core (Activé: true) (C:\Program Files\Veetle\plugins\npVeetle.dll)
Plugin - Windows Live Photo Gallery (Activé: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
Plugin - "Ask Toolbar Plugin Stub" (Activé: true)
Plugin - "Windows Live Photo Gallery" (Activé: true)
Plugin - "DivX Player" (Activé: true)
Plugin - "Pando Web Plugin" (Activé: true)
Plugin - "Veetle TV Core" (Activé: true)
Plugin - "BitTorrent" (Activé: true)
Plugin - "DNA Plug-in" (Activé: true)
Plugin - "Microsoft DRM" (Activé: true)
Plugin - "Power Challenge Loader" (Activé: true)
Plugin - "Veetle Broadcaster Plugin" (Activé: true)
Plugin - "Veetle TV Player" (Activé: true)
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|SearchMigratedDefaultURL - hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
HKCU_Main|Search bar - hxxp://g.msn.fr/0SEFRFR/SAOS02
HKCU_Main|Search Page - hxxp://home.microsoft.com/access/allinone.asp
HKCU_Main|Start Page - hxxp://vshare.toolbarhome.com/?hp=df
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://www.foozir.com/
HKCU_URLSearchHooks|{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=iron&s={searchTerms}&f=4)
HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e000000000...)
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "DVDVideoSoftTB Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKCU_Toolbar\WebBrowser|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
HKCU_Toolbar\WebBrowser|{872B5B88-9DB5-4310-BDD0-AC189557E5F5} (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
HKLM_Toolbar|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
HKLM_Toolbar|{872b5b88-9db5-4310-bdd0-ac189557e5f5} (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll)
HKCU_ElevationPolicy\{1A84286C-B9A7-4CB6-AB1A-A81E9E0B05E5} - C:\Program Files\Veetle\VLCBroadcast\lbclient.exe (?)
HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKCU_ElevationPolicy\{AD6C7CB1-6324-401E-94F4-A09BDC10C866} - C:\Program Files\Veetle\VLCBroadcast\vlc_encoder.exe (?)
HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
HKLM_ElevationPolicy\e664cb25-f367-47a6-97c8-11ada701f75d - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe (?)
HKLM_ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB} - C:\Program Files\OfferBox\OfferBox.exe (Secure Digital Services Limited)
HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)
HKLM_ElevationPolicy\{D402D124-DE78-4040-8CFD-A2F00421B63C} - C:\Program Files\ConduitEngine\ConduitEngineHelper.exe (Conduit Ltd.)
HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_ElevationPolicy\{F601DC8A-BF3B-4AB9-B0FA-03D0954AD5CC} - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper1.exe (Conduit Ltd.)
HKLM_Extensions\{90EAE591-7E7E-434a-8E28-ECFD00071806} - "PokerStars.fr" (C:\Program Files\PokerStars.FR\main.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files\ConduitEngine\ConduitEngine.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
BHO\{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
BHO\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - "OfferBox" (C:\Program Files\OfferBox\OfferBoxBHO.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 22/05/2011 14:54:42 (12936 Octet(s))
Fin à: 14:55:19, 22/05/2011
============== E.O.F ==============
Hi again,
You really need to read the link I gave you above.
You know you don't have to install anything and everything on your PC... you need to read a bit before clicking Yes/Next...
/!\ Disconnect, disable your antivirus and close all running applications /!\
Double-click AD-R on your Desktop to launch it.
(On Vista/Seven, right-click AD-R and choose Run as administrator)
Choose language F for French.
In the main menu, choose the "Nettoyer" (Clean) option.
/!\ Let the tool work /!\
Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
/!\ Remember to re-enable your antivirus /!\
Yeah, uninstall what, for example?
Thanks for now.
HKLM_Extensions\{90EAE591-7E7E-434a-8E28-ECFD00071806} - "PokerStars.fr" (C:\Program Files\PokerStars.FR\main.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files\ConduitEngine\ConduitEngine.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
BHO\{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\tbDVD0.dll)
BHO\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - "OfferBox" (C:\Program Files\OfferBox\OfferBoxBHO.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 22/05/2011 14:54:42 (12936 Octet(s))
Fin à: 14:55:19, 22/05/2011
============== E.O.F ==============
Thanks for now
re
Quote:
Yeah, uninstall what, for example?
For a start, stop clicking on anything and everything...
+++++++
Download MalwareByte's Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done:
Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan".
To start the scan, click "Scan".
Once the scan is finished, a window opens; click OK. There are two possibilities:
~ If the program found nothing, press OK. A report will appear; close it.
~~ If infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop.
Post this report.
NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.
Note: If you can't download MBAM from MajorGeeks, you can download it here!
Help: How to use MBAM.
I got new infections again
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6657
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
24/05/2011 07:51:35
mbam-log-2011-05-24 (07-51-35).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 477391
Temps écoulé: 2 heure(s), 30 minute(s), 38 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 22
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP957\A0428191.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP957\A0430856.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP957\A0430890.exe (Trojan.UltraSurf) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP957\A0430891.exe (Trojan.UltraSurf) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0318f4d6-87e7-43a2-992f-2f00abf8cff4}\RP918\A0419073.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\application data\Soft2PC\Software\software.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb0.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb1.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb2.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb3.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb4.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb5.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb6.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb7.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb8.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qb9.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qbz.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\Qca.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\documents and settings\Nico\local settings\temp\icreinstall\pdfconvertersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
Quote:
UP
I have a life too
+++++++
Disable your antivirus and any other kind of protection.
Download ComboFix by sUBs:
Combofix. Save it to your desktop and nowhere else!
Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal; a report will be created. Post the report: C:\Combofix.txt
Click on it to open it, then Edit "Select All", Edit "Copy"
Come to the forum and Edit "Paste"
HELP: A guide and a tutorial on using ComboFix
* the partition name may differ
<@_@>
+++++++++++++++++++++
ComboFix 11-05-24.06 - Nico 25/05/2011 20:57:36.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2354 [GMT 2:00]
Lancé depuis: c:\documents and settings\Nico\Bureau\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Camille\Application Data\OfferBox
c:\documents and settings\Camille\Application Data\OfferBox\config.dat
c:\documents and settings\Camille\Application Data\OfferBox\config.xml
c:\documents and settings\Nico\Application Data\facemoods.com
c:\documents and settings\Nico\Application Data\OfferBox
c:\documents and settings\Nico\Application Data\OfferBox\config.dat
c:\documents and settings\Nico\Application Data\OfferBox\config.xml
c:\documents and settings\Nico\Application Data\PriceGong
c:\documents and settings\Nico\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Nico\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Nico\WINDOWS
C:\Install.exe
c:\program files\OfferBox
c:\program files\OfferBox\OfferBox.exe
c:\program files\OfferBox\OfferBoxBHO.dll
c:\program files\OfferBox\OfferBoxChromeExtension.crx
c:\program files\OfferBox\OfferBoxEngine.dll
c:\program files\OfferBox\offerboxffx@offerbox.com\chrome.manifest
c:\program files\OfferBox\offerboxffx@offerbox.com\chrome\content\events.js
c:\program files\OfferBox\offerboxffx@offerbox.com\chrome\content\overlay.xul
c:\program files\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.dll
c:\program files\OfferBox\offerboxffx@offerbox.com\components\OfferBoxXpCom.xpt
c:\program files\OfferBox\offerboxffx@offerbox.com\install.rdf
c:\program files\OfferBox\OfferBoxLauncher.exe
c:\program files\OfferBox\res\language.xml
c:\program files\OfferBox\res\loader.gif
c:\program files\OfferBox\uninst.exe
c:\windows\system32\rnaph.dll
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-25 au 2011-05-25 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-22 12:54 . 2011-05-22 12:54 -------- d-----w- c:\program files\Ad-Remover
2011-05-22 08:53 . 2011-05-22 08:53 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-21 10:54 . 2011-05-21 10:54 -------- d-----w- c:\documents and settings\Nico\Application Data\Unity
2011-05-21 10:48 . 2011-05-21 10:48 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Unity
2011-05-21 09:04 . 2011-05-21 09:04 -------- d-----r- c:\documents and settings\LocalService\Favoris
2011-05-21 08:31 . 2011-05-21 08:31 -------- d-----w- c:\documents and settings\Nico\Application Data\ptc
2011-05-21 08:22 . 2011-05-21 08:22 -------- d-----w- c:\program files\PTC
2011-05-21 08:12 . 2011-05-22 08:53 -------- d-----w- c:\program files\proeWildfire 5.0
2011-05-10 19:46 . 2010-12-02 08:11 10915840 ----a-w- c:\windows\system32\libmfxhw32.dll
2011-05-10 19:46 . 2010-12-02 08:11 10833920 ----a-w- c:\windows\system32\libmfxsw32.dll
2011-05-10 19:40 . 2011-05-10 19:41 -------- d-----w- c:\program files\Total Video Converter
2011-05-10 19:37 . 2011-05-10 19:37 -------- d-----w- c:\documents and settings\Nico\Application Data\FreeVideoConverter
2011-05-10 19:28 . 2011-05-10 19:28 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-05-10 19:28 . 2011-05-10 19:28 -------- d-----w- c:\program files\Fichiers communs\xing shared
2011-05-10 19:28 . 2011-05-10 19:28 150712 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-05-10 19:28 . 2011-05-10 19:28 105472 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-05-10 19:28 . 2011-05-10 19:28 -------- d-----w- c:\program files\Real
2011-05-08 00:08 . 2011-05-08 00:08 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2011-05-07 14:30 . 2008-11-10 09:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2011-05-07 14:30 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-05-07 14:28 . 2011-05-08 00:09 -------- d-----w- c:\program files\Microsoft Works
2011-05-07 14:26 . 2011-05-07 14:26 -------- d-----w- c:\program files\Microsoft.NET
2011-05-07 14:23 . 2011-05-07 14:23 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-05-07 14:22 . 2011-05-07 14:22 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Microsoft Help
2011-05-07 14:22 . 2011-05-11 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2011-05-07 14:21 . 2011-05-07 14:21 -------- d-----r- C:\MSOCache
2011-04-26 11:47 . 2011-04-26 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters
2011-04-26 11:40 . 2010-07-28 17:10 1380352 ----a-w- c:\windows\system32\rapture3d_oal.dll
2011-04-26 11:40 . 2010-03-01 18:51 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
2011-04-26 11:40 . 2011-04-26 11:40 -------- d-----w- c:\program files\BRS
2011-04-26 11:40 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmpF9.tmp
2011-04-26 11:40 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmpF8.tmp
2011-04-26 11:24 . 2011-04-26 11:24 -------- d-----w- c:\program files\Codemasters
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-21 08:42 . 2011-02-21 13:31 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-05-10 19:28 . 2006-07-11 16:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-04-26 11:40 . 2009-05-31 15:24 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-26 11:40 . 2009-05-31 15:24 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-04-10 18:58 . 2008-06-24 19:22 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-10 18:58 . 2009-06-29 23:55 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-10 18:58 . 2008-06-24 19:22 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-04-10 11:07 . 2008-06-24 19:22 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-03-22 14:10 . 2008-06-24 19:21 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-07 05:33 . 2008-06-18 12:57 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 2004-08-05 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2004-08-05 12:00 1858048 ----a-w- c:\windows\system32\win32k.sys
2011-02-26 01:19 . 2011-02-26 01:19 41872 ----a-w- c:\windows\system32\xfcodec.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\DVDVideoSoftTB\tbDVD0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2006-09-10 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
"ASUS Update Checker"="c:\program files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe" [2009-12-28 121472]
"RTHDCPL"="RTHDCPL.EXE" [2009-12-15 18789920]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-05 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-06 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-06 13877248]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-05-10 273544]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-11-17 784912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-11-15 09:10 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^Nico^Menu Démarrer^Programmes^Démarrage^Game Alarm.lnk]
path=c:\documents and settings\Nico\Menu Démarrer\Programmes\Démarrage\Game Alarm.lnk
backup=c:\windows\pss\Game Alarm.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Nico^Menu Démarrer^Programmes^Démarrage^GIGABYTE Gamer HUD Lite.lnk]
path=c:\documents and settings\Nico\Menu Démarrer\Programmes\Démarrage\GIGABYTE Gamer HUD Lite.lnk
backup=c:\windows\pss\GIGABYTE Gamer HUD Lite.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connexion SFR 9props.exe]
2009-10-15 08:53 959808 ----a-w- c:\program files\SFR\Kit\9props.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-04-12 22:46 1135912 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-10-23 17:54 133104 ----atw- c:\documents and settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 16:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-12-20 16:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCW Startup]
2002-12-20 15:06 321024 ----a-w- c:\program files\Monitor Calibration Wizard\MCW.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2008-03-26 16:41 1232896 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-04-16 10:53 1079808 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
2009-04-29 10:28 468408 ----a-w- c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2007-03-27 23:07 593920 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Wolfenstein - 2.6B\\ET.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\Wolfenstein - 2.55\\ET.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Wolfenstein - 2.6AB\\ET.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\Documents and Settings\\Nico\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Mumble\\murmur.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Ubisoft\\Gearbox Software\\Brothers in Arms - Hell's Highway\\Binaries\\biahh.exe"=
"c:\\Program Files\\Ubisoft\\Techland\\Call of Juarez - Bound in Blood\\CoJBiBGame_x86.exe"=
"c:\\Program Files\\Eidos\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
"c:\\Documents and Settings\\Nico\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Dassault Systemes\\B17\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B17\\intel_a\\code\\bin\\CNEXT.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\CNEXT.exe"=
"c:\\Documents and Settings\\Nico\\Mes documents\\Downloads\\Call_of_Duty_Black_Ops_French1\\BlackOps.exe"=
"c:\\Documents and Settings\\Nico\\Local Settings\\Application Data\\Xenocode\\Sandbox\\Dassault Systemes Product\\5.20.0.9268\\2010.08.01T09.28\\Virtual\\STUBEXE\\8.0.1135\\@PROGRAMFILES@\\Dassault Systemes\\B20\\intel_a\\code\\bin\\CNEXT.exe"=
"c:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56722:TCP"= 56722:TCP:Pando Media Booster
"56722:UDP"= 56722:UDP:Pando Media Booster
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"6888:TCP"= 6888:TCP:League of Legends Launcher
"6888:UDP"= 6888:UDP:League of Legends Launcher
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13/03/2009 18:33 721904]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [28/12/2010 19:26 11448]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [24/04/2007 19:52 16688]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [21/10/2009 18:37 108289]
R2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [04/05/2007 15:24 36864]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [28/12/2010 19:48 56992]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14/05/2010 13:41 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [17/12/2010 09:38 1691480]
S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [19/04/2007 15:45 14336]
S3 cpuz130;cpuz130;\??\c:\docume~1\Nico\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Nico\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [14/05/2010 13:41 136176]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [10/03/2011 15:42 311744]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16/10/2009 23:31 38224]
S3 sea3bus;Sony Ericsson Device 0A3 driver (WDM);c:\windows\system32\drivers\sea3bus.sys [07/08/2010 01:02 61600]
S3 sea3mdfl;Sony Ericsson Device 0A3 USB WMC Modem Filter;c:\windows\system32\drivers\sea3mdfl.sys [07/08/2010 01:02 9392]
S3 sea3mdm;Sony Ericsson Device 0A3 USB WMC Modem Driver;c:\windows\system32\drivers\sea3mdm.sys [07/08/2010 01:02 97152]
S3 sea3mgmt;Sony Ericsson Device 0A3 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea3mgmt.sys [07/08/2010 01:02 88656]
S3 sea3nd5;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (NDIS);c:\windows\system32\drivers\sea3nd5.sys [07/08/2010 01:02 18736]
S3 sea3obex;Sony Ericsson Device 0A3 USB WMC OBEX Interface;c:\windows\system32\drivers\sea3obex.sys [07/08/2010 01:02 86464]
S3 sea3unic;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (WDM);c:\windows\system32\drivers\sea3unic.sys [07/08/2010 01:02 90832]
S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\ZTEusbvoice.sys [07/04/2011 18:42 105344]
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-14 13:13]
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-14 13:13]
.
2011-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2052111302-839522115-1003Core.job
- c:\documents and settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-23 17:54]
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2052111302-839522115-1003UA.job
- c:\documents and settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-23 17:54]
.
2011-05-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2052111302-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-05-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2052111302-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://vshare.toolbarhome.com/?hp=df
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
mStart Page = hxxp://www.foozir.com/
uInternet Settings,ProxyOverride = local;*.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Nico\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\PokerStars.FR\PokerStarsUpdate.exe
Trusted Zone: localhost
FF - ProfilePath - c:\documents and settings\Nico\Application Data\Mozilla\Firefox\Profiles\6gwspdjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=sst&affID=17161&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: UltraSurf Firefox Tool: {5B52016C-D097-4aec-BE61-9F129D8FDDBA} - %profile%\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Ma-config.com: {bb628310-0ab7-11db-9cd8-0800200c9a66} - %profile%\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-soft2PC - (no file)
MSConfigStartUp-Helper - c:\documents and settings\Nico\Application Data\Soft2PC\Software\SoftwareHP.exe
AddRemove-GameCenter_is1 - c:\program files\Cyanide\GameCenter\unins000.exe
AddRemove-MotoRacer2CurrentVer - c:\program files\MotoRacer2Demo\DeIsL1.isu
AddRemove-OfferBox Browser - c:\program files\OfferBox\uninst.exe
AddRemove-ROSTER MEGA PATCH 08-09 V1 - c:\documents and settings\Nico\Mes documents\EA SPORTS(TM) Rugby 08\ROSTER MEGA PATCH 08-09 V1
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-25 21:04
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1801674531-2052111302-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:e9,0d,13,ef,64,61,a5,f3,0d,3d,9d,77,4e,c2,ef,16,2a,92,02,0e,ff,f2,6c,
1d,4a,b1,f7,ac,ca,a0,f6,aa,03,63,da,09,42,6a,7d,c4,48,b2,a9,8d,83,5d,56,4a,\
"??"=hex:2f,de,89,13,c0,0d,9d,35,85,7a,60,0e,d9,27,9c,cd
.
[HKEY_USERS\S-1-5-21-1801674531-2052111302-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex
f,ea,24,e9,9c,a5,f4,34,53,6b,e5,89,47,7a,0d,35,91,a8,c3,b3,68,
3e,e8,4e,d1,ec,98,87,36,95,b1,c0,1f,ae,e7,70,ee,cc,d9,6f,8c,27,60,79,98,7a,\
"rkeysecu"=hex:b6,24,49,bf,1c,73,16,6c,20,90,8b,ec,40,8b,c5,fa
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(840)
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2011-05-25 21:07:14
ComboFix-quarantined-files.txt 2011-05-25 19:06
ComboFix2.txt 2009-10-19 20:39
.
Avant-CF: 29 967 618 048 octets libres
Après-CF: 31 127 506 944 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 76D18BBD183BA29D15202853F126F61D
2011-05-07 14:26 . 2011-05-07 14:26 -------- d-----w- c:\program files\Microsoft.NET
2011-05-07 14:23 . 2011-05-07 14:23 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-05-07 14:22 . 2011-05-07 14:22 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Microsoft Help
2011-05-07 14:22 . 2011-05-11 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2011-05-07 14:21 . 2011-05-07 14:21 -------- d-----r- C:\MSOCache
2011-04-26 11:47 . 2011-04-26 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters
2011-04-26 11:40 . 2010-07-28 17:10 1380352 ----a-w- c:\windows\system32\rapture3d_oal.dll
2011-04-26 11:40 . 2010-03-01 18:51 17686528 ----a-w- c:\windows\system32\mkl_blueripple.dll
2011-04-26 11:40 . 2011-04-26 11:40 -------- d-----w- c:\program files\BRS
2011-04-26 11:40 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmpF9.tmp
2011-04-26 11:40 . 2010-08-18 15:10 809560 ----a-r- c:\windows\system32\tmpF8.tmp
2011-04-26 11:24 . 2011-04-26 11:24 -------- d-----w- c:\program files\Codemasters
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-21 08:42 . 2011-02-21 13:31 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-05-10 19:28 . 2006-07-11 16:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-04-26 11:40 . 2009-05-31 15:24 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-26 11:40 . 2009-05-31 15:24 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-04-10 18:58 . 2008-06-24 19:22 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-10 18:58 . 2009-06-29 23:55 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-10 18:58 . 2008-06-24 19:22 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-04-10 11:07 . 2008-06-24 19:22 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-03-22 14:10 . 2008-06-24 19:21 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-07 05:33 . 2008-06-18 12:57 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 2004-08-05 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2004-08-05 12:00 1858048 ----a-w- c:\windows\system32\win32k.sys
2011-02-26 01:19 . 2011-02-26 01:19 41872 ----a-w- c:\windows\system32\xfcodec.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\DVDVideoSoftTB\tbDVD0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2006-09-10 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 55824]
"ASUS Update Checker"="c:\program files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe" [2009-12-28 121472]
"RTHDCPL"="RTHDCPL.EXE" [2009-12-15 18789920]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-05 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-06 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-06 13877248]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-05-10 273544]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-11-17 784912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-11-15 09:10 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^Nico^Menu Démarrer^Programmes^Démarrage^Game Alarm.lnk]
path=c:\documents and settings\Nico\Menu Démarrer\Programmes\Démarrage\Game Alarm.lnk
backup=c:\windows\pss\Game Alarm.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Nico^Menu Démarrer^Programmes^Démarrage^GIGABYTE Gamer HUD Lite.lnk]
path=c:\documents and settings\Nico\Menu Démarrer\Programmes\Démarrage\GIGABYTE Gamer HUD Lite.lnk
backup=c:\windows\pss\GIGABYTE Gamer HUD Lite.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connexion SFR 9props.exe]
2009-10-15 08:53 959808 ----a-w- c:\program files\SFR\Kit\9props.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-04-12 22:46 1135912 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-10-23 17:54 133104 ----atw- c:\documents and settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 16:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-12-20 16:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCW Startup]
2002-12-20 15:06 321024 ----a-w- c:\program files\Monitor Calibration Wizard\MCW.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2008-03-26 16:41 1232896 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-04-16 10:53 1079808 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
2009-04-29 10:28 468408 ----a-w- c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2007-03-27 23:07 593920 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Wolfenstein - 2.6B\\ET.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\Wolfenstein - 2.55\\ET.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Wolfenstein - 2.6AB\\ET.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\Documents and Settings\\Nico\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Mumble\\murmur.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Ubisoft\\Gearbox Software\\Brothers in Arms - Hell's Highway\\Binaries\\biahh.exe"=
"c:\\Program Files\\Ubisoft\\Techland\\Call of Juarez - Bound in Blood\\CoJBiBGame_x86.exe"=
"c:\\Program Files\\Eidos\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
"c:\\Documents and Settings\\Nico\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Dassault Systemes\\B17\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B17\\intel_a\\code\\bin\\CNEXT.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\CNEXT.exe"=
"c:\\Documents and Settings\\Nico\\Mes documents\\Downloads\\Call_of_Duty_Black_Ops_French1\\BlackOps.exe"=
"c:\\Documents and Settings\\Nico\\Local Settings\\Application Data\\Xenocode\\Sandbox\\Dassault Systemes Product\\5.20.0.9268\\2010.08.01T09.28\\Virtual\\STUBEXE\\8.0.1135\\@PROGRAMFILES@\\Dassault Systemes\\B20\\intel_a\\code\\bin\\CNEXT.exe"=
"c:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56722:TCP"= 56722:TCP:Pando Media Booster
"56722:UDP"= 56722:UDP:Pando Media Booster
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"6888:TCP"= 6888:TCP:League of Legends Launcher
"6888:UDP"= 6888:UDP:League of Legends Launcher
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13/03/2009 18:33 721904]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [28/12/2010 19:26 11448]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [24/04/2007 19:52 16688]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [21/10/2009 18:37 108289]
R2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [04/05/2007 15:24 36864]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [28/12/2010 19:48 56992]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14/05/2010 13:41 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [17/12/2010 09:38 1691480]
S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [19/04/2007 15:45 14336]
S3 cpuz130;cpuz130;\??\c:\docume~1\Nico\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Nico\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [14/05/2010 13:41 136176]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [10/03/2011 15:42 311744]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [16/10/2009 23:31 38224]
S3 sea3bus;Sony Ericsson Device 0A3 driver (WDM);c:\windows\system32\drivers\sea3bus.sys [07/08/2010 01:02 61600]
S3 sea3mdfl;Sony Ericsson Device 0A3 USB WMC Modem Filter;c:\windows\system32\drivers\sea3mdfl.sys [07/08/2010 01:02 9392]
S3 sea3mdm;Sony Ericsson Device 0A3 USB WMC Modem Driver;c:\windows\system32\drivers\sea3mdm.sys [07/08/2010 01:02 97152]
S3 sea3mgmt;Sony Ericsson Device 0A3 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea3mgmt.sys [07/08/2010 01:02 88656]
S3 sea3nd5;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (NDIS);c:\windows\system32\drivers\sea3nd5.sys [07/08/2010 01:02 18736]
S3 sea3obex;Sony Ericsson Device 0A3 USB WMC OBEX Interface;c:\windows\system32\drivers\sea3obex.sys [07/08/2010 01:02 86464]
S3 sea3unic;Sony Ericsson Device 0A3 USB Ethernet Emulation SEMCA3 (WDM);c:\windows\system32\drivers\sea3unic.sys [07/08/2010 01:02 90832]
S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\ZTEusbvoice.sys [07/04/2011 18:42 105344]
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-14 13:13]
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-14 13:13]
.
2011-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2052111302-839522115-1003Core.job
- c:\documents and settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-23 17:54]
.
2011-05-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2052111302-839522115-1003UA.job
- c:\documents and settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-23 17:54]
.
2011-05-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2052111302-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-05-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2052111302-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://vshare.toolbarhome.com/?hp=df
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
mStart Page = hxxp://www.foozir.com/
uInternet Settings,ProxyOverride = local;*.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Nico\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\PokerStars.FR\PokerStarsUpdate.exe
Trusted Zone: localhost
FF - ProfilePath - c:\documents and settings\Nico\Application Data\Mozilla\Firefox\Profiles\6gwspdjs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=sst&affID=17161&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: UltraSurf Firefox Tool: {5B52016C-D097-4aec-BE61-9F129D8FDDBA} - %profile%\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Ma-config.com: {bb628310-0ab7-11db-9cd8-0800200c9a66} - %profile%\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-soft2PC - (no file)
MSConfigStartUp-Helper - c:\documents and settings\Nico\Application Data\Soft2PC\Software\SoftwareHP.exe
AddRemove-GameCenter_is1 - c:\program files\Cyanide\GameCenter\unins000.exe
AddRemove-MotoRacer2CurrentVer - c:\program files\MotoRacer2Demo\DeIsL1.isu
AddRemove-OfferBox Browser - c:\program files\OfferBox\uninst.exe
AddRemove-ROSTER MEGA PATCH 08-09 V1 - c:\documents and settings\Nico\Mes documents\EA SPORTS(TM) Rugby 08\ROSTER MEGA PATCH 08-09 V1
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-25 21:04
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1801674531-2052111302-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:e9,0d,13,ef,64,61,a5,f3,0d,3d,9d,77,4e,c2,ef,16,2a,92,02,0e,ff,f2,6c,
1d,4a,b1,f7,ac,ca,a0,f6,aa,03,63,da,09,42,6a,7d,c4,48,b2,a9,8d,83,5d,56,4a,\
"??"=hex:2f,de,89,13,c0,0d,9d,35,85,7a,60,0e,d9,27,9c,cd
.
[HKEY_USERS\S-1-5-21-1801674531-2052111302-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex
f,ea,24,e9,9c,a5,f4,34,53,6b,e5,89,47,7a,0d,35,91,a8,c3,b3,68,3e,e8,4e,d1,ec,98,87,36,95,b1,c0,1f,ae,e7,70,ee,cc,d9,6f,8c,27,60,79,98,7a,\
"rkeysecu"=hex:b6,24,49,bf,1c,73,16,6c,20,90,8b,ec,40,8b,c5,fa
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(840)
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2011-05-25 21:07:14
ComboFix-quarantined-files.txt 2011-05-25 19:06
ComboFix2.txt 2009-10-19 20:39
.
Avant-CF: 29 967 618 048 octets libres
Après-CF: 31 127 506 944 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 76D18BBD183BA29D15202853F126F61D
Good evening
Go to this link: Virus Total
Click Browse
Scan the file in bold and post the report.
c:\windows\system32\libmfxhw32.dll
If a window says the file has already been analysed, click "reanalyse the file now".
Help:
http://forum.malekal.com/virustotal-comment-scanner-fic...
Good evening
It found nothing
AhnLab-V3 2011.05.27.00 2011.05.26 -
AntiVir 7.11.8.151 2011.05.26 -
Antiy-AVL 2.0.3.7 2011.05.26 -
Avast 4.8.1351.0 2011.05.26 -
Avast5 5.0.677.0 2011.05.26 -
AVG 10.0.0.1190 2011.05.26 -
BitDefender 7.2 2011.05.26 -
CAT-QuickHeal 11.00 2011.05.26 -
ClamAV 0.97.0.0 2011.05.26 -
Commtouch 5.3.2.6 2011.05.26 -
Comodo 8846 2011.05.26 -
DrWeb 5.0.2.03300 2011.05.26 -
Emsisoft 5.1.0.5 2011.05.26 -
eSafe 7.0.17.0 2011.05.26 -
eTrust-Vet 36.1.8349 2011.05.26 -
F-Prot 4.6.2.117 2011.05.26 -
F-Secure 9.0.16440.0 2011.05.26 -
Fortinet 4.2.257.0 2011.05.26 -
GData 22 2011.05.26 -
Ikarus T3.1.1.104.0 2011.05.26 -
Jiangmin 13.0.900 2011.05.26 -
K7AntiVirus 9.104.4726 2011.05.26 -
Kaspersky 9.0.0.837 2011.05.26 -
McAfee 5.400.0.1158 2011.05.26 -
McAfee-GW-Edition 2010.1D 2011.05.26 -
Microsoft 1.6903 2011.05.26 -
NOD32 6156 2011.05.26 -
nProtect 2011-05-26.01 2011.05.26 -
Panda 10.0.3.5 2011.05.26 -
PCTools 7.0.3.5 2011.05.19 -
Prevx 3.0 2011.05.26 -
Rising 23.59.02.05 2011.05.25 -
Sophos 4.65.0 2011.05.26 -
SUPERAntiSpyware 4.40.0.1006 2011.05.26 -
Symantec 20111.1.0.186 2011.05.26 -
TheHacker 6.7.0.1.209 2011.05.26 -
TrendMicro 9.200.0.1012 2011.05.26 -
TrendMicro-HouseCall 9.200.0.1012 2011.05.26 -
VBA32 3.12.16.0 2011.05.26 -
VIPRE 9398 2011.05.26 -
ViRobot 2011.5.26.4480 2011.05.26 -
VirusBuster 13.6.372.0 2011.05.26 -
Hello and thank you
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 13:42:16 le 28/05/2011, Mode normal
Microsoft Windows XP Professionnel Service Pack 3 (X86)
Nico@DOKHELAR-A30165 ( )
============== ACTION(S) ==============
Fichier supprimé: C:\Program Files\Mozilla FireFox\plugins\NPAskSBr.dll
Fichier supprimé: C:\WINDOWS\system32\ConduitEngine.tmp
Dossier supprimé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\conduit
Fichier supprimé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\conduit.xml
Dossier supprimé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\extensions\vshare@toolbar
Fichier supprimé: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\searchplugins\web-search.xml
Dossier supprimé: C:\Documents and Settings\Nico\Local Settings\Application Data\Conduit
Dossier supprimé: C:\Program Files\Conduit
Dossier supprimé: C:\Documents and Settings\Nico\Local Settings\Application Data\ConduitEngine
Dossier supprimé: C:\Program Files\ConduitEngine
Dossier supprimé: C:\Documents and Settings\Nico\Application Data\PriceGong
Dossier supprimé: C:\Documents and Settings\Nico\Application Data\Soft2PC
Dossier supprimé: C:\Program Files\Red Kawa\Video Converter App\OpenCandy
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default\Prefs.js --
Ligne supprimée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
Ligne supprimée: user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne supprimée: user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226...
Ligne supprimée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988,CT2269050");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT1460988,CT2269050");
Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&Sea...
Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://vshare.toolbarhome.com/?hp=df");
Ligne supprimée: user_pref("extensions.enabledItems", "ffxtlbr@babylon.com:1.1.3,{ACAA314B-EEBA-48e4-AD47-84E31C44796...
Ligne supprimée: user_pref("extensions.vshare@toolbar.update.enabled", false);
Ligne supprimée: user_pref("vshare.install.date", "1302912000000");
Ligne supprimée: user_pref("vshare.install.dumpFileCount", 0);
Ligne supprimée: user_pref("vshare.install.dumpFileDisabled", false);
Ligne supprimée: user_pref("vshare.install.finished", "1.0.0");
Ligne supprimée: user_pref("vshare.install.guid", "{de50f7b3-6b66-4a6d-ae99-c70e829426f0}");
Ligne supprimée: user_pref("vshare.install.istoolbarhp", true);
Ligne supprimée: user_pref("vshare.install.istoolbarsearch", true);
Ligne supprimée: user_pref("vshare.install.laststatreq", "1306368000000");
Ligne supprimée: user_pref("vshare.install.newtab", true);
Ligne supprimée: user_pref("vshare.install.overlayVersion", 1);
Ligne supprimée: user_pref("vshare.install.userHPSettings", "");
Ligne supprimée: user_pref("vshare.install.userSPSettings", "");
-- Fichier Fermé --
-- Fichier ouvert: C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default\Prefs.js --
Ligne supprimée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
Ligne supprimée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
-- Fichier Fermé --
-- Fichier ouvert: C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default\Prefs.js --
Ligne supprimée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
Ligne supprimée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988");
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Classes\CLSID\{A4439ABD-2A99-43D3-A138-6F544489408B}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A4439ABD-2A99-43D3-A138-6F544489408B}
Clé supprimée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2269050
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\conduitEngine
Clé supprimée: HKLM\Software\OpenCandy
Clé supprimée: HKLM\Software\soft2PC
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\conduitEngine
Clé supprimée: HKCU\Software\pacificpoker
Clé supprimée: HKCU\Software\pokerinstaller
Clé supprimée: HKCU\Software\PriceGong
Clé supprimée: HKCU\Software\soft2PC
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Pacific Poker
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D402D124-DE78-4040-8CFD-A2F00421B63C}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software_is1
Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.0.19 (fr)] ****
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
HKCU_MozillaPlugins\@powerchallenge.com/PowerLoader (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&affID=17161/)
Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=iron&f=4&q={searchTerms}/)
Components\aboutRights.js
Components\aboutRobots.js
Components\nsPostUpdateWin.js
-- C:\Documents and Settings\Nico\Application Data\Mozilla\FireFox\Profiles\6gwspdjs.default --
Extensions\ffxtlbr@babylon.com (Babylon)
Extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} (UltraSurf Firefox Tool)
Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} (DVDVideoSoftTB Toolbar)
Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
Extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66} (Ma-config.com)
User.js - keyword.URL, hxxp://redirecterror.sfr.fr/?q=
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Nico\\Bureau
Prefs.js - browser.search.defaultenginename, Web Search...
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=8465785e00000000000020cf304f80c7&tlver=1.4.19.19&instlRef=ss...
-- C:\Documents and Settings\Benjamin\Application Data\Mozilla\FireFox\Profiles\gxcu4dax.default --
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
-- C:\Documents and Settings\Camille\Application Data\Mozilla\FireFox\Profiles\rqvjaecq.default --
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Camille\\Mes documents\\Mes images\\28 ans gael
Prefs.js - browser.search.defaultenginename, Bing
Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
Prefs.js - keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=
========================================
**** Google Chrome Version [11.0.696.71] ****
Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx) (?)
Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)
-- C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Activé: true) (?)
Preferences - homepage: hxxp://www.google.com/webhp?hl=fr
Preferences - homepage_is_newtabpage: false
Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npdrmv2.dll)
Plugin - Microsoft DRM (Activé: true) (C:\Program Files\Windows Media Player\npwmsdrm.dll)
Plugin - Pando Web Plugin (Activé: true) (C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll)
Plugin - Veetle TV Player (Activé: true) (C:\Program Files\Veetle\Player\npvlc.dll)
Plugin - Veetle Broadcaster Plugin (Activé: true) (C:\Program Files\Veetle\VLCBroadcast\npvbp.dll)
Plugin - Veetle TV Core (Activé: true) (C:\Program Files\Veetle\plugins\npVeetle.dll)
Plugin - Windows Live Photo Gallery (Activé: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
Plugin - "Ask Toolbar Plugin Stub" (Activé: true)
Plugin - "Windows Live Photo Gallery" (Activé: true)
Plugin - "DivX Player" (Activé: true)
Plugin - "Pando Web Plugin" (Activé: true)
Plugin - "Veetle TV Core" (Activé: true)
Plugin - "BitTorrent" (Activé: true)
Plugin - "DNA Plug-in" (Activé: true)
Plugin - "Microsoft DRM" (Activé: true)
Plugin - "Power Challenge Loader" (Activé: true)
Plugin - "Veetle Broadcaster Plugin" (Activé: true)
Plugin - "Veetle TV Player" (Activé: true)
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll)
HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=iron&s={searchTerms}&f=4)
HKCU_Toolbar\WebBrowser|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
HKCU_Toolbar\WebBrowser|{872B5B88-9DB5-4310-BDD0-AC189557E5F5} (C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll)
HKLM_Toolbar|{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll)
HKLM_Toolbar|{872b5b88-9db5-4310-bdd0-ac189557e5f5} (C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll)
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll)
HKCU_ElevationPolicy\{1A84286C-B9A7-4CB6-AB1A-A81E9E0B05E5} - C:\Program Files\Veetle\VLCBroadcast\lbclient.exe (?)
HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKCU_ElevationPolicy\{AD6C7CB1-6324-401E-94F4-A09BDC10C866} - C:\Program Files\Veetle\VLCBroadcast\vlc_encoder.exe (?)
HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
HKLM_ElevationPolicy\e664cb25-f367-47a6-97c8-11ada701f75d - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe (?)
HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)
HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)
HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)
HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)
HKLM_ElevationPolicy\{E8C95601-64EA-41D1-9C3C-EBDF476476BF} - C:\Documents and Settings\Nico\Local Settings\Application Data\Conduit\CT2269050\DVDVideoSoftTBAutoUpdaterHelper.exe (x)
HKLM_ElevationPolicy\{F601DC8A-BF3B-4AB9-B0FA-03D0954AD5CC} - C:\Program Files\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe (?)
HKLM_Extensions\{90EAE591-7E7E-434a-8E28-ECFD00071806} - "PokerStars.fr" (C:\Program Files\PokerStars.FR\main.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
BHO\{872b5b88-9db5-4310-bdd0-ac189557e5f5} - "DVDVideoSoftTB Toolbar" (C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 129 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 28/05/2011 13:42:22 (15203 Octet(s))
C:\Ad-Report-SCAN[1].txt - 22/05/2011 14:54:42 (17741 Octet(s))
Fin à: 13:43:15, 28/05/2011
============== E.O.F ==============
Good evening
How is your PC behaving?
Click HERE to launch an ESET online scan.
Mandatory: use Internet Explorer for this scan.
Check Yes, I accept the Terms of Use
Click Start
Allow the ActiveX control
Click Start
Check the following options: Remove found threats and Scan archives
Click Start
Wait for the scan to finish
Use Notepad to open the report located at C:\Program Files\ESET\ESET online Scanner\log.txt
Copy and paste this report into your next reply.
HELP
++++++++++++++++