Tu es tres infecté
voici pour t'en convaincre toutes les lignes infectees
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} . (.Pas de propriétaire - IE Toolbar Helper Module.) (4.2.0.73) -- C:\Program Files\RechercherWeb Toolbar\tbhelper.dll => Infection BT (Adware.SocialSkinz)
O2 - BHO: TBSB01555 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\RechercherWeb Toolbar\tbcore3.dll => Infection BT (Adware.SocialSkinz)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OfferBoxUpdate.job => Infection PUP (PUP.OfferBox)
[HKCU\Software\OfferBox] => Infection PUP (PUP.OfferBox)
[HKLM\Software\OfferBox] => Infection PUP (PUP.OfferBox)
O43 - CFD: 17/11/2011 - 18:18:18 - [0,063] ----D- C:\Program Files\Widestream6 => Infection BT (Adware.SPointer)
O43 - CFD: 17/11/2011 - 18:33:36 - [0,000] ----D- C:\Documents and Settings\Famille BOUCY\Application Data\OfferBox => Infection PUP (PUP.OfferBox)
O43 - CFD: 29/11/2011 - 08:19:10 - [0,027] ----D- C:\Documents and Settings\Famille BOUCY\Application Data\Toolbar4 => Infection BT (Adware.SocialSkinz)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.GroupingServiceUrl", "http://grouping.services.conduit.com/"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.InstallationId", "ConduitStubGeneric"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.InstallationType", "ConduitStubIntegration"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.SearchInNewTabUsageUrl", "http://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.TrusteLinkUrl", "http://trust.conduit.com/CT3148726"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit- => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29 => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx? => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Famille BOUCY\\Application Data\\Mozilla\\Firefo[...] => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.ToolbarsList2", "CT3148726"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.ToolbarsList4", "CT3148726"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.globalUserId", "eea945e4-0bf5-4089-bc9b-c2c0af8e4566"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Nov 23 2011 09:28:55 GMT+0100"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Nov 23 2011 10:29:05 GMT+0100"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.locale", "en"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Nov 23 2011 09:28:47 GMT+0100"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.userId", "54b56a48-fb1a-4663-8919-3dffab2bfbd6"); => Infection BT (Possible)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.apn_dbr", "ff_8.0"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.cbid", "JM"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.config-updated", true); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.crumb", "2011.12.02+00.59.11-toolbar009iad-FR-UGFyaXMsRnJhbmNl"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.dtid", "YYYYYYYYFR"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.fresh-install", false); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.guid", "6bebdaeb-d74b-4c58-bd83-d9952d59108a"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.if", "first"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.l", "dis"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.last-config-req", "1324475152144"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.locale", "fr_FR"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.location", "Paris,France"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.notification-shown", true); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.o", "100000080"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.overlay-reloaded-using-restart", true); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.qsrc", "2871"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.r", "3"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.sa", "NO"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.sa-enabled", "true"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.search-suggestions-enabled", true); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.themeid", ""); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.timeinstalled", "02/12/2011 10:05:16"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.to", ""); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.v", "3.13.2.100009"); => Infection BT (Adware.AskSBAR)
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("extensions.asktb.version", "5.13.2.19401"); => Infection BT (Adware.AskSBAR)
[HKLM\Software\Classes\pbfrv2.pbfrv2] => Infection BT (Adware.2020search)
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] => Infection BT (Adware.Agent)
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] => Infection BT (Adware.Agent)
[HKLM\Software\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] => Infection BT (Toolbar.Babylon)
[HKLM\Software\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] => Infection BT (Hijacker.Seeearch)
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] => Infection BT (Hijacker.Seeearch)
[HKLM\Software\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] => Infection BT (Adware. BullseyeToolbar)
[HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] => Infection BT (Toolbar.Babylon)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] => Infection BT (Adware.SocialSkinz)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] => Infection BT (Adware.SocialSkinz)
[HKCU\Software\OfferBox] => Infection PUP (PUP.OfferBox)
[HKLM\Software\OfferBox] => Infection PUP (PUP.OfferBox)
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{CA3EB689-8F09-4026-AA10-B9534C691CE0} => Infection BT (Adware.SocialSkinz)
C:\Program Files\Widestream6 => Infection BT (Adware.SPointer)
C:\Documents and Settings\Famille BOUCY\Application Data\OfferBox => Infection PUP (PUP.OfferBox)
C:\Documents and Settings\Famille BOUCY\Application Data\Toolbar4 => Infection BT (Adware.SocialSkinz)
M3 - MFPP: Plugins - [Famille BOUCY] -- C:\Documents and Settings\Famille BOUCY\Application Data\Mozilla\Firefox\Profiles\ysjkoiyo.default\searchplugins\sweetim.xml => SweetIM Toolbar
M2 - MFEP: prefs.js [Famille BOUCY - ysjkoiyo.default\toolbar@ask.com] [] Avira SearchFree Toolbar plus Web Protection v1.20.00 (.Ask.com.) => Toolbar.Ask
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar Helper Module.) (4, 2, 0, 4) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Avira SearchFree Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: RechercherWeb Toolbar - {8FFA7469-654F-423E-84FE-6A583CB1C284} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\RechercherWeb Toolbar\tbcore3.dll => RechercherWeb Toolbar
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Avira SearchFree Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe => Macrogaming®SweetIM
O8 - Extra context menu item: Rechercher sur le Web . (...) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job => Toolbar.Ask
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} => Toolbar.Ask
O42 - Logiciel: RechercherWeb Toolbar - (.RechercherWeb Toolbar.) [HKLM] -- RechercherWeb Toolbar => RechercherWeb Toolbar
O42 - Logiciel: SweetIM Toolbar for Internet Explorer 4.2 - (.SweetIM Technologies Ltd..) [HKLM] -- {A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3} => SweetIM Toolbar
[HKCU\Software\APN] => Toolbar.eBay
[HKCU\Software\Ask.com] => Toolbar.Ask
[HKCU\Software\AskToolbar] => Toolbar.Ask
[HKCU\Software\SweetIM] => Toolbar.SweetIM
[HKCU\Software\TBSB01555] => Toolbar.Conduit
[HKLM\Software\APN] => Toolbar.eBay
[HKLM\Software\AskToolbar] => Toolbar.Ask
[HKLM\Software\SweetIM] => Toolbar.SweetIM
O43 - CFD: 02/12/2011 - 10:05:42 - [3,504] ----D- C:\Program Files\Ask.com => Toolbar.Ask
O43 - CFD: 23/11/2011 - 09:13:58 - [0,609] ----D- C:\Program Files\Conduit => Toolbar.Conduit
O43 - CFD: 29/11/2011 - 09:02:34 - [6,872] ----D- C:\Program Files\RechercherWeb Toolbar => RechercherWeb Toolbar
O43 - CFD: 17/11/2011 - 18:13:14 - [8,360] ----D- C:\Program Files\SweetIM => Toolbar.SweetIM
O43 - CFD: 05/12/2011 - 16:04:40 - [0,000] ----D- C:\Documents and Settings\Famille BOUCY\Application Data\AskToolbar => Toolbar.Ask
O43 - CFD: 20/12/2011 - 17:55:48 - [2,770] ----D- C:\Documents and Settings\Famille BOUCY\Local Settings\Application Data\AskToolbar => Toolbar.Ask
O43 - CFD: 23/11/2011 - 19:43:06 - [0,126] ----D- C:\Documents and Settings\Famille BOUCY\Local Settings\Application Data\Conduit => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3148726&SearchSource=2&q="); => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CT3148726.TBHomePageUrl", "http://search.conduit.com/?ctid=CT3148726&SearchSource=13"); => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1547114/1542153/FR", "\"0\""); => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT3148726", "\"0\""); => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=fr", "kLE3EoupXhh+ => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"6a637346d78ccc1:0\"")[...] => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT3148726", => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=fr", "\"864b96cefc08a4496f11285e75305e25\[...] => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com"); => Toolbar.Conduit
O69 - SBI: prefs.js [Famille BOUCY - ysjkoiyo.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com"); => Toolbar.Conduit
O69 - SBI: SearchScopes [HKCU] {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - (Customized Search) - http://search.fr-recherche.com => Toolbar.Agent
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (WinZipBar_FR Customized Web Search) - http://search.conduit.com => Toolbar.Conduit
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] => Toolbar.Ask
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL] => Toolbar.Agent
[HKLM\Software\Classes\AppID\TbHelper.EXE] => Toolbar.Agent
[HKLM\Software\Classes\AppID\YontooIEClient.DLL] => Toolbar.Agent
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] => Toolbar.Ask
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] => Toolbar.Ask
[HKLM\Software\Classes\sim-packages] => Toolbar.Agent
[HKLM\Software\Classes\sweetie.ietoolbar] => Toolbar.SweetIM
[HKLM\Software\Classes\sweetie.ietoolbar.1] => Toolbar.SweetIM
[HKLM\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook] => Toolbar.SweetIM
[HKLM\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1] => Toolbar.SweetIM
[HKLM\Software\Classes\TbCommonUtils.CommonUtils] => Toolbar.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils.1] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbDownloadManager] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbDownloadManager.1] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager.1] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest.1] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask.1] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper] => Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper.1] => Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] => Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] => Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] => Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] => Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager] => Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager.1] => Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.sweetie] => Toolbar.SweetIM
[HKLM\Software\Classes\Toolbar3.sweetie.1] => Toolbar.SweetIM
[HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] => Adware.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook] => Adware.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] => Adware.Agent
[HKLM\Software\Classes\YontooIEClient.Api] => Toolbar.Agent
[HKLM\Software\Classes\YontooIEClient.Api.1] => Toolbar.Agent
[HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}] => Toolbar.Ask
[HKLM\Software\Classes\CLSID\{1a03f196-9617-4ca0-842b-a83ceecb022b}] => Toolbar.SweetIM
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] => Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] => Toolbar.Ask
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] => Toolbar.Agent
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] => Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] => Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] => Toolbar.SweetIM
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] => Toolbar.Ask
[HKLM\Software\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}] => Toolbar.Agent
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}] => Toolbar.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] => Toolbar.Ask
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] => Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] => Toolbar.Agent
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] => Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] => Toolbar.Ask
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] => Toolbar.Ask
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] => Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] => Toolbar.Conduit
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] => Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] => Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] => Toolbar.Ask
[HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}] => Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] => Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] => Toolbar.Agent
[HKLM\Software\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] => Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] => Toolbar.Agent
[HKLM\Software\Classes\Interface\{eee6c358-6118-11dc-9c72-001320c79847}] => Toolbar.SweetIM
[HKLM\Software\Classes\Interface\{eee6c35a-6118-11dc-9c72-001320c79847}] => Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eee6c35b-6118-11dc-9c72-001320c79847}] => Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847}] => Toolbar.SweetIM
[HKLM\Software\Classes\CLSID\{eee6c35b-6118-11dc-9c72-001320c79847}] => Toolbar.SweetIM
[HKLM\Software\Classes\TypeLib\{eee6c35e-6118-11dc-9c72-001320c79847}] => Toolbar.SweetIM
[HKLM\Software\Classes\TypeLib\{eee6c35f-6118-11dc-9c72-001320c79847}] => Toolbar.SweetIM
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}] => Toolbar.SweetIM
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] => Toolbar.Ask
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] => Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] => Toolbar.Ask
[HKCU\Software\APN] => Toolbar.eBay
[HKLM\Software\APN] => Toolbar.eBay
[HKCU\Software\Ask.com] => Toolbar.Ask
[HKCU\Software\Ask.com] => Toolbar.Ask
[HKCU\Software\AskToolbar] => Toolbar.Ask
[HKLM\Software\AskToolbar] => Toolbar.Ask
[HKCU\Software\SweetIM] => Toolbar.SweetIM
[HKLM\Software\SweetIM] => Toolbar.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} => Toolbar.Ask
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} => Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:ApnUpdater => Toolbar.Ask
C:\Program Files\Ask.com => Toolbar.Ask
C:\Program Files\Conduit => Toolbar.Conduit
C:\Program Files\SweetIM => Toolbar.SweetIM
C:\Documents and Settings\Famille BOUCY\Application Data\AskToolbar => Toolbar.Ask
C:\Documents and Settings\Famille BOUCY\Local Settings\Application Data\AskToolbar => Toolbar.Ask
C:\Documents and Settings\Famille BOUCY\Local Settings\Application Data\Conduit => Toolbar.Conduit
C:\Documents and Settings\Famille BOUCY\Application Data\Mozilla\Firefox\Profiles\ysjkoiyo.default\Extensions\toolbar@ask.com => Toolbar.Ask
C:\Documents and Settings\Famille BOUCY\Application Data\Mozilla\Firefox\Profiles\ysjkoiyo.default\SearchPlugins\sweetim.xml => SweetIM Toolbar
========================= QUELQUES RECOMMANDATIONS AVANT DE COMMENCER =========================
-
Suis à la lettre les instructions que je te donnerai et ne prends aucune initiative avec les outils de désinfection
-
Ne télécharge plus et n'installe plus aucun programme durant la désinfection, sauf ceux que je te dirai de télécharger. Je te donnerai le feu vert le moment venu quand tu pourras retrouver un usage normal de ton PC
-
Poste les rapports comme cela te sera demandé (certains rapports - longs - devront être hébergés ; d'autres, plus courts, pourront être postés directement sur le forum
-
Je te le préciserai à chaque fois mais si tu es sous Vista ou sous W7 : les outils devront donc être exécutés en tant qu'administrateur
-
Selon le degré d'infection, le PC peut réagir de façon non désirée (plantage) même si cela est rare
-
Une procédure de désinfection nécessite du temps et de l'investissement : si tu as l'intention de formater, merci de le dire maintenant pour nous éviter de perdre du temps pour rien
================================ WINCHK ==================================
Pour commencer, j'ai besoin de quelques informations sur ton système:
-
Télécharger WinChk de Xplode
-
Lancer l'installation
-
Choisir Executer
-
Patienter quelques secondes.
-
Un rapport est généré (C:\WinChk.txt)
-
Copie le et colle son contenu dans ta réponse.