Worm:win32 ainslot.a

Salut,

C'est un RAT.
Malwarebyte doit faire le job.

Télécharge et installe Malwarebyte : http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php
Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
!!! Malwarebyte doit être à jour avant de faire le scan !!!
Supprime bien ce qui est détecté : bouton supprimer sélection.

Bonjour,

Tu les mets en quarantaine.
Si un problème survient, tu peux toujours les restaurer depuis la quarantaine.
Et si tou va bien, dans 2 semaines, tu les vires.

Fais ça :
Télécharge ce tool : http://batchdhelus.open-web.fr/programme/MalwaresUploader.exe
Puis tu coches Malekal à gauche
Dans le cadre en bas, copie/colle les chemins des fichiers suivants :

c:\Users\julien\AppData\Local\Temp\server.exe
c:\Users\julien\AppData\Roaming\WinSec.exe

et tu clics sur Upload en bas.


et supprime la sélection dans le scan Malwarebyte.

Bonjour, j'ai également le même problème que l'auteur, je suis en train de faire une analyse rapide malwarebyte, je vous poste le rapport dès que possible.

Envoye ces fichiers sur http://upload.malekal.com :
c:\Windows\System32\Windir\svchost.exe
c:\Windows\SysWOW64\Windir\svchost.exe
c:\Users\patrick\AppData\Roaming\svchost2.exe

Mon pc ne détecte pas les svchost, en suivant le chemin je tombe sur un dossier vide, comment révéler ces fichiers afin de te les envoyer?

essaye ça : http://www.commentcamarche.net/faq/825-afficher-les-extensions-et-les-fichiers-caches-sous-windows

mais surement qu'il va enlever l'affichage :/

sinon essaye ça :

Télécharge ce tool : http://batchdhelus.open-web.fr/programme/MalwaresUploader.exe
Puis tu coches Malekal à gauche
Dans le cadre en bas, copie/colle les chemins des fichiers suivants :

c:\Windows\System32\Windir\svchost.exe
c:\Windows\SysWOW64\Windir\svchost.exe
c:\Users\patrick\AppData\Roaming\svchost2.exe

et tu clics sur Upload en bas.


et supprime la sélection dans le scan Malwarebyte.

Bon je les ai upload.
Quand tu dis "supprime la sélection dans le scan Malwarebyte" C'est à dire?

Ca n'a pas uploadé :/

Tu vas sur Malwarebyte / onglet rapport
et sur le scan que tu viens de faire, tu fais "supprimer selection"
car là "no action taken", à priori tu as pas supprimé ce qui a été détecté.

Quand j'essaye d'upload, le logiciel supprime instantanément les lignes c:\Windows\System32\Windir\svchost.exe
c:\Windows\SysWOW64\Windir\svchost.exe

et il ne t'upload que celle là c:\Users\patrick\AppData\Roaming\svchost2.exe

Bon j'suis un peu perdu là je sais plus vraiment quoi faire, mon antivirus a de nouveau détecté le virus (le même que celui de l'auteur) au rallumage du pc malgré l'intervention de malwarebyte...
A l'aide! :D

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 8090

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

05/11/2011 18:25:32
mbam-log-2011-11-05 (18-25-32).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 198744
Temps écoulé: 5 minute(s), 37 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 33

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{AFC38DFF-AF0F-27BC-FDA1-EBEA3BAED4B2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{AFC38DFF-AF0F-27BC-FDA1-EBEA3BAED4B2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{AFC38DFF-AF0F-27BC-FDA1-EBEA3BAED4B2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{de4e75d3-60aa-4f02-a0e4-c8a40576574c} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE4E75D3-60AA-4F02-A0E4-C8A40576574C} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE4E75D3-60AA-4F02-A0E4-C8A40576574C} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DE4E75D3-60AA-4F02-A0E4-C8A40576574C} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DE4E75D3-60AA-4F02-A0E4-C8A40576574C} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facetheme (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\win defender (Trojan.Agent) -> Value: win defender -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\win defender (Trojan.Agent) -> Value: win defender -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\win defender (Trojan.Agent) -> Value: win defender -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\program files (x86)\Object (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\preferences (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\en-US (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\skin (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\Users\patrick\AppData\Roaming\svchost2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\patrick\AppData\Roaming\data.dat (Stolen.Data) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\status.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\bho_project.dll (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon.pem (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\config.ini (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\enable.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme_uninstall.exe (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\status2.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon\._included.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon\background.html (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon\included.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\chromeaddon\manifest.json (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\build.sh (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\chrome.manifest (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\config_build.sh (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\files (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\install.rdf (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\readme.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\firefoxoverlay.xul (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\installid.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\overlay.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\content\sudoku.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\preferences\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\preferences\._sudoku.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\defaults\preferences\sudoku.js (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\en-US\.ds_store (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\en-US\sudoku.dtd (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\locale\en-US\sudoku.properties (PUP.FCTPlugin) -> Quarantined and deleted successfully.
c:\program files (x86)\Object\facetheme\skin\overlay.css (PUP.FCTPlugin) -> Quarantined and deleted successfully.

ok pour info, t'as aussi installé plein d'autres m*rdes sur ton PC....

Des logiciels additionnels sont proposés (barre d'outils, adwares) via l'installation de logiciel par éditeurs.
L'éditeur touche de l'argent à chaque installation réussie de ces additionnels tiers (un genre de sponsoring).
Seulement certains éditeurs, abusent, pour gagner plus d'argent, ils redistribuent des logiciels libres développés par des bénévoles en y ajoutant ces logiciels additionnels.
Des pubs trompeuses peuvent aussi être utilisés pour faire installer ces logiciels.

Outre le fait que les procédés sont discutables, l'accumulation de ces programmes additionnels non essentiels councourent à ralentir condésirablement l'ordinateur (peux aussi faire planter les navigateurs WEB).
Certains font aussi du tracking anonymes (récupérations des thématiques de sites visités).

Tu as la même chose avec les barres d'outils :
Les barres d'outils sont là pour t'affilier à un service (moteur de recherche de Yahoo! ou Google), ça rajoute des fonctionnalités mais en général les navigateurs les ont par défaut.
De plus, elles enregistrent les sites que tu visites pour les transmettre (tracking) à faire de la publicité ciblée, c'est pas super niveau protection de la vie privée.
Plusieurs toolbars ralentissent le PC et peuvent faire planter les navigateurs WEB.
Au final, il est pas conseillé d'en utiliser.

Lire :
Les PUPs/LPIs : http://www.malekal.com/2011/07/27/detection-puplpi-potentially-unwanted-program/

~~

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


~~

Tu peux suivre les indications de cette page pour t'aider : http://www.malekal.com/2010/11/12/tutorial-otl/

* Télécharge http://oldtimer.geekstogo.com/OTL.exe sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

* Lance OTL
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Clique sur le bouton Analyse.
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent), donne le ou les liens pjjoint qui pointent vers ces rapports ici dans un nouveau message.

# AdwCleaner v1.316 - Rapport créé le 05/11/2011 à 18:35:31
# Mis à jour le 31/10/11 à 22h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : patrick - PATRICK-PC (Droits Limités)
# Exécuté depuis : C:\Users\patrick\Desktop\Cédric\Téléchargements\adwcleaner0.exe
# Option [Suppression]


***** [KillNav] *****

# firefox.exe [PID:4768] -> Tué

***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\patrick\AppData\Roaming\cacaoweb
Dossier Supprimé : C:\Users\patrick\AppData\Local\Conduit
Dossier Supprimé : C:\Users\patrick\AppData\Local\OpenCandy
Dossier Supprimé : C:\Users\patrick\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\patrick\AppData\LocalLow\ConduitEngine
Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Program Files (x86)\ConduitEngine
Dossier Supprimé : C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\n26a0yip.default\Conduit
Fichier Supprimé : C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\n26a0yip.default\searchplugins\Askcom.xml

***** [Registre] *****

Clé Supprimée : HKCU\Software\cacaoweb
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Supprimée : HKCU\Software\AppDataLow\Software\ShopperReports3
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com --> hxxp://www.google.fr

-\\ Mozilla Firefox v7.0.1 (fr)

Profil : n26a0yip.default
Fichier : C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\n26a0yip.default\prefs.js

Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2207610", "\"1300086648\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=fr-fr", "xYQbfiyILJlwdgfyUaYSOw==");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=fr-fr", "rGzHjFU+YM5Lv74r5NOnMA==");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=fr-fr", "EvHKMLQbCv6s3VbbzJnJ+Q==");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=fr-fr", "FvLcNm096R6J6zPIjtn70Q==");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"803651ba7facb1:0\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2207610", "\"634434930587600000\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2207610/CT2207610", "\"1306785072\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/equalizer_dead.gif", "\"03e383867bc91:0\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/minimize.gif", "\"0e685fa27bc91:0\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/play.gif", "\"02faea337c7c91:0\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/stop.gif", "\"03a54d7f47ac91:0\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Midnight/vol.gif", "\"049b47644c7c91:0\"");
Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr-fr", "\"634432176643630000\"");
Supprimée : user_pref("CommunityToolbar.EngineOwner", "CT2207610");
Supprimée : user_pref("CommunityToolbar.EngineOwnerGuid", "{6d6b212b-2245-4898-8b16-9a11b81ff9e1}");
Supprimée : user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic_france_ff");
Supprimée : user_pref("CommunityToolbar.IsEngineShown", true);
Supprimée : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Supprimée : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT2207610");
Supprimée : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Jun 12 2011 19:40:34 GMT+0200");
Supprimée : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.locale", "en");
Supprimée : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Supprimée : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 12 2011 19:40:31 GMT+0200");
Supprimée : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Supprimée : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Supprimée : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Supprimée : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Supprimée : user_pref("CommunityToolbar.alert.userId", "b2cc2aa0-8038-4a52-a433-74977217d9d1");
Supprimée : user_pref("CommunityToolbar.globalUserId", "19d9a636-1bac-425a-a85b-57364071bbbd");
Supprimée : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Supprimée : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Supprimée : user_pref("ConduitEngine.HideEngineAfterRestart", true);
Supprimée : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée : "keyword": "search.sweetim.com",
Supprimée : "name": "SweetIM Search",
Supprimée : "search_url": "hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={34EB05C6-F692-11E0-8956-485B3998F560}",
Supprimée : "host_referral_list": [ 2, [ "hxxp://1.bp.blogspot.com/", [ "hxxp://1.bp.blogspot.com/", 0.6197289485153833 ] ], [ "hxxp://1pe0gabun5.s.ad6media.fr/", [ "hxxp://1pe0gabun5.s.ad6media.fr/", 1.0372583192660272, "hxxp://ad.zanox.com/", 0.8037034659213589, "hxxp://www.laredoute.fr/", 0.8037034659213589 ] ], [ "hxxp://62.75.239.102/", [ "hxxp://62.75.239.102/", 0.5314407752452762, "hxxp://ad.zanox.com/", 1.724049453995417, "hxxp://cdn.track.webgains.com/", 1.3132281179390324, "hxxp://media.laredoute.fr/", 0.2699539299733008, "hxxp://track.webgains.com/", 1.3132281179390324, "hxxp://www.lamaisondevalerie.fr/", 0.3091780052685668, "hxxp://www.lapostemobile.fr/", 0.832151695812517, "hxxp://www.pimkie.fr/", 0.9387144090888253, "hxxp://www.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.com/", 0.2699539299733008, "hxxp://www.zanox-affiliate.de/", 0.486416640697503 ] ], [ "hxxp://69.31.136.5/", [ "hxxp://ad.yieldmanager.com/", 0.6348082978593151, "hxxp://adserving.cpxinteractive.com/", 0.5633398139943591, "hxxp://ib.adnxs.com/", 0.4918713301294032, "hxxp://optimized.by.vitalads.net/", 0.4918713301294032, "hxxp://redir.reachclic.net/", 0.4918713301294032 ] ], [ "hxxp://7878bc76.linkbucks.com/", [ "hxxp://7878bc76.linkbucks.com/", 0.5633398139943591, "hxxp://media.revfusion.net/", 0.4918713301294032, "hxxp://rts.revfusion.net/", 0.4918713301294032, "hxxp://static.linkbucks.com/", 0.9206822333191387, "hxxp://www.google-analytics.com/", 0.6348082978593151, "hxxp://www.linkbucksmedia.com/", 0.4918713301294032 ] ], [ "hxxp://a.ligatus.com/", [ "hxxp://d.ligatus.com/", 0.5314462890985842, "hxxp://i.ligatus.com/", 1.863845793310717, "hxxp://x.ligatus.com/", 1.0031335470728135 ] ], [ "hxxp://ad-emea.doubleclick.net/", [ "hxxp://s0.2mdn.net/", 0.351688303126348, "hxxp://t.mookie1.com/", 0.20405748347725416, "hxxp://www.youtube.com/", 0.191518120545764 ] ], [ "hxxp://ad.adlegend.com/", [ "hxxp://ad.adlegend.com/", 0.9511643712163041 ] ], [ "hxxp://ad.adperium.com/", [ "hxxp://ad.adperium.com/", 0.4918713301294032, "hxxp://ad.yieldmanager.com/", 0.4918713301294032, "hxxp://content.yieldmanager.edgesuite.net/", 0.4918713301294032 ] ], [ "hxxp://ad.doubleclick.net/", [ "hxxp://s0.2mdn.net/", 0.47948935651587843 ] ], [ "hxxp://ad.turn.com/", [ "hxxp://cdn.turn.com/", 0.421364066975333 ] ], [ "hxxp://ad.yieldmanager.com/", [ "hxxp://altfarm.mediaplex.com/", 0.9719055386631453, "hxxp://c.betrad.com/", 0.7066920939137182, "hxxp://cm.g.doubleclick.net/", 0.37754783099500006, "hxxp://g-pixel.invitemedia.com/", 0.37754783099500006, "hxxp://img.mediaplex.com/", 0.8887883005523577, "hxxp://l.betrad.com/", 0.37754783099500006, "hxxp://mp.apmebf.com/", 0.5720421681742425, "hxxp://pixel.invitemedia.com/", 0.37754783099500006, "hxxp://s0.2mdn.net/", 0.37754783099500006, "hxxp://t.invitemedia.com/", 0.37754783099500006 ] ], [ "hxxp://ad.z5x.net/", [ "hxxp://ad.yieldmanager.com/", 0.2759692302446825, "hxxp://ad.z5x.net/", 0.2759692302446825, "hxxp://content.yieldmanager.com/", 0.2045007463797264, "hxxp://content.yieldmanager.edgesuite.net/", 0.2759692302446825 ] ], [ "hxxp://adopteunmec.solution.weborama.fr/", [ "hxxp://elstatic.weborama.fr/", 1.0728368526960674 ] ], [ "hxxp://ads.bluelithium.com/", [ "hxxp://ad.yieldmanager.com/", 0.44288289776799183, "hxxp://ads.bluelithium.com/", 0.3380145544750709, "hxxp://content.yieldmanager.com/", 0.20356796050978768 ] ], [ "hxxp://ads.cinejam.com/", [ "hxxp://www.google-analytics.com/", 0.30984961572685843 ] ], [ "hxxp://ads.contentabc.com/", [ "hxxp://cdn1.ads.brazzers.com/", 0.1308053012350964, "hxxp://cdn1.ads.contentabc.com/", 0.4896600111930239 ] ], [ "hxxp://ads.crakmedia.com/", [ "hxxp://urchin.craktraffic.com/", 1.0422931874998105, "hxxp://www.google-analytics.com/", 1.0422931874998105 ] ], [ "hxxp://ads.dnmmedia.com/", [ "hxxp://ads.dnmmedia.com/", 1.5950302367138762, "hxxp://app.dnmmedia.com/", 1.5950302367138762 ] ], [ "hxxp://ads.dothads.com/", [ "hxxp://adimages.dothads.com/", 0.7340769658238004, "hxxp://ads.dothads.com/", 0.7340769658238004 ] ], [ "hxxp://ads.flixbuster.com/", [ "hxxp://wac.20f5.edgecastcdn.net/", 0.20970516060901212, "hxxp://www.google-analytics.com/", 0.2547260449453931 ] ], [ "hxxp://ads.msvp.net/", [ "hxxp://ads.msvp.net/", 2.853168630076187 ] ], [ "hxxp://ads.traffichaus.com/", [ "hxxp://ads.crakmedia.com/", 0.19777238067407396, "hxxp://ads.dothads.com/", 0.10306011140516126, "hxxp://cdn.zeusclicks.com/", 1.5617189435841379, "hxxp://edge.quantserve.com/", 0.26566300393609565, "hxxp://ifa.camads.net/", 0.267564412269547, "hxxp://pixel.quantserve.com/", 0.6791494599076461 ] ], [ "hxxp://ads.vidcube.com/", [ "hxxp://wac.20f5.edgecastcdn.net/", 0.24952163071610764, "hxxp://www.google-analytics.com/", 0.24952163071610764 ] ], [ "hxxp://ads.whaleads.com/", [ "hxxp://ads.whaleads.com/", 0.4343865684134507, "hxxp://images.ads.whaleads.com/", 0.4343865684134507 ] ], [ "hxxp://adserver2.exgfnetwork.com/", [ "hxxp://adserver2.exgfnetwork.com/", 0.37927782465950555, "hxxp://assets1.exgfnetwork.com/", 0.37927782465950555 ] ], [ "hxxp://afe2.specificclick.net/", [ "hxxp://ad.piximedia.com/", 2.818189934090623, "hxxp://astatic.weborama.fr/", 1.0274332749962019, "hxxp://broadcast.piximedia.fr/", 2.0692606480925413, "hxxp://cache.adviva.net/", 0.8173559313053524, "hxxp://elstatic.weborama.fr/", 0.5096275613160419, "hxxp://gae.solution.weborama.fr/", 0.5096275613160419, "hxxp://istatic.weborama.fr/", 0.5096275613160419, "hxxp://rm.piximedia.fr/", 1.7689474195487565, "hxxp://secure-uk.imrworldwide.com/", 1.1497831088473733, "hxxp://sfr.solution.weborama.fr/", 1.0274332749962019 ] ], [ "hxxp://aka-cdn-ns.adtech.de/", [ "hxxp://a69.g.akamai.net/", 0.7791511784137265, "hxxp://aka-cdn-ns.adtech.de/", 0.8440796406820182, "hxxp://epromo.tf1.fr/", 0.5634078788376073, "hxxp://hi-media-europe.s3.amazonaws.com/", 0.3068884971371109 ] ], [ "hxxp://assets1.exgfnetwork.com/", [ "hxxp://assets1.exgfnetwork.com/", 0.4343865684134507 ] ], [ "hxxp://barrirepoker.solution.weborama.fr/", [ "hxxp://elstatic.weborama.fr/", 0.19041955741635627 ] ], [ "hxxp://bc.geocities.yahoo.co.jp/", [ "hxxp://ai.yimg.jp/", 1.1042755784134997, "hxxp://b8.yahoo.co.jp/", 1.1042755784134997 ] ], [ "hxxp://bcp.crwdcntrl.net/", [ "hxxp://bcp.crwdcntrl.net/", 1.852248241406885, "hxxp://d.turn.com/", 1.0728368526960674, "hxxp://ev.ib-ibi.com/", 1.2287191304382308, "hxxp://ib.mookie1.com/", 1.0728368526960674, "hxxp://p.adsymptotic.com/", 1.0728368526960674, "hxxp://p.brilig.com/", 1.2287191304382308, "hxxp://p.rfihub.com/", 1.0728368526960674, "hxxp://segment-pixel.invitemedia.com/", 1.0728368526960674, "hxxp://view.atdmt.com/", 1.0728368526960674, "hxxps://c1.rfihub.net/", 1.0728368526960674 ] ], [ "hxxp://broadcast.piximedia.fr/", [ "hxxp://broadcast.piximedia.fr/", 29.732043851775387 ] ], [ "hxxp://cdn-files.deezer.com/", [ "hxxp://ad.doubleclick.net/", 1.3913222852435276, "hxxp://s0.2mdn.net/", 1.3913222852435276 ] ], [ "hxxp://cdn.blogbang.com/", [ "hxxp://epromo.tf1.fr/", 1.8547003059723652 ] ], [ "hxxp://cdn.flashtalking.com/", [ "hxxp://cdn.flashtalking.com/", 0.3652697292551332, "hxxp://stat.flashtalking.com/", 0.31892953972276555 ] ], [ "hxxp://cdn.turn.com/", [ "hxxp://bh.contextweb.com/", 0.07490659624313328, "hxxp://ce.lijit.com/", 0.07490659624313328, "hxxp://cms.ad.yieldmanager.net/", 0.07490659624313328, "hxxp://cookex.amp.yahoo.com/", 0.07490659624313328, "hxxp://d.audienceiq.com/", 0.09667432506592412, "hxxp://d.turn.com/", 0.07490659624313328, "hxxp://pixel.rubiconproject.com/", 0.6208463449718169, "hxxp://r.turn.com/", 0.09667432506592412, "hxxp://sync.adap.tv/", 0.07490659624313328, "hxxp://tracking.adjug.com/", 0.07490659624313328 ] ], [ "hxxp://cdn.zeusclicks.com/", [ "hxxp://ads.zeusclicks.com/", 1.5617189435841379, "hxxp://ads2.zeusclicks.com/", 1.0307345027655308, "hxxp://cdn.zeusclicks.com/", 1.2576509304657901 ] ], [ "hxxp://cdn1.ads.contentabc.com/", [ "hxxp://cdn1.ads.contentabc.com/", 0.9961695304276609 ] ], [ "hxxp://clouds.rencontreshard.com/", [ "hxxp://ktu.sv2.biz/", 1.2395173340042036, "hxxp://media.rencontreshard.com/", 10.424658603932784, "hxxp://www.google-analytics.com/", 1.4196181432184896, "hxxp://www.rencontreshard.com/", 1.4196181432184896 ] ], [ "hxxp://clubmed.solution.weborama.fr/", [ "hxxp://istatic.weborama.fr/", 0.6197289485153833 ] ], [ "hxxp://comclick.hi-mediaserver.com/", [ "hxxp://bouyguestelecom.solution.weborama.fr/", 1.2758405134213082, "hxxp://elstatic.weborama.fr/", 1.2758405134213082, "hxxp://i2.ytimg.com/", 3.703168191172137, "hxxp://i3.ytimg.com/", 0.7721629716909727, "hxxp://i4.ytimg.com/", 0.7721629716909727, "hxxp://istatic.weborama.fr/", 0.4171464831061695, "hxxp://o-o.preferred.orange-par1.v21.lscache4.c.youtube.com/", 1.8711998620081955, "hxxp://s.youtube.com/", 1.7992595722733973, "hxxp://s.ytimg.com/", 1.9935496958593673, "hxxp://www.youtube.com/", 5.464783074201805 ] ], [ "hxxp://creatives.livejasmin.com/", [ "hxxp://80.77.113.200/", 1.5617189435841379, "hxxp://code.jquery.com/", 1.5617189435841379, "hxxp://creatives.livejasmin.com/", 3.6039667928864705, "hxxp://s0.img.awempire.com/", 2.242468226684916, "hxxp://s1.img.awempire.com/", 2.015551798984657, "hxxp://s2.img.awempire.com/", 2.015551798984657, "hxxp://static.awempire.com/", 2.015551798984657, "hxxp://www.livejasmin.com/", 1.5617189435841379 ] ], [ "hxxp://cti.w55c.net/", [ "hxxp://d.p-td.com/", 0.5116944507992971, "hxxp://i.w55c.net/", 0.2118830886878324, "hxxp://pixel.rubiconproject.com/", 0.5116944507992971, "hxxp://tags.bluekai.com/", 0.5116944507992971 ] ], [ "hxxp://custom.exoclick.com/", [ "hxxp://syndication.exoclick.com/", 0.3903922932482842 ] ], [ "hxxp://d.advertstream.com/", [ "hxxp://d.advertstream.com/", 0.6197289485153833, "hxxp://l.advertstream.com/", 0.6197289485153833 ] ], [ "hxxp://dap.criteo.com/", [ "hxxp://ad.advertstream.com/", 0.5082167956826499 ] ], [ "hxxp://difflhxxp.hvsdigital.com/", [ "hxxp://stats.hvsdigital.com/", 8.235814466499502 ] ], [ "hxxp://dis.criteo.com/", [ "hxxp://ad.advertstream.com/", 0.8037034659213589 ] ], [ "hxxp://ds.serving-sys.com/", [ "hxxp://ds.serving-sys.com/", 1.4267693843512774, "hxxp://epromo.tf1.fr/", 0.7097750350518064, "hxxp://media.wow-europe.com/", 0.9833635829392451 ] ], [ "hxxp://elfassiscoopblog.com/", [ "hxxp://ac.tynt.com/", 0.8037034659213589, "hxxp://googleads.g.doubleclick.net/", 1.8547003059723652, "hxxp://ib.adnxs.com/", 1.0372583192660272, "hxxp://ic.tynt.com/", 0.8037034659213589, "hxxp://image2.pubmatic.com/", 0.9204808925936929, "hxxp://pixel.invitemedia.com/", 0.8037034659213589, "hxxp://segment-pixel.invitemedia.com/", 1.8547003059723652, "hxxp://weboramadata.solution.weborama.fr/", 2.5553648660063697, "hxxp://www.elfassiscoopblog.com/", 2.321810012661701, "hxxp://www.googleadservices.com/", 1.8547003059723652 ] ], [ "hxxp://elstatic.weborama.fr/", [ "hxxp://elstatic.weborama.fr/", 1.2666297986834905, "hxxp://pmu.eficiens-serving.com/", 0.6143301056285497, "hxxp://www.eficiens-serving2.com/", 1.2724185628191613 ] ], [ "hxxp://eu.leagueoflegends.com/", [ "hxxp://b.scorecardresearch.com/", 0.4100046852880986, "hxxp://d1j6nv3mjrypkx.cloudfront.net/", 0.8383351059668954, "hxxp://eu.leagueoflegends.com/", 6.44395591342032, "hxxp://lol-promos.s3.amazonaws.com/", 0.5603908300115749, "hxxp://ping.chartbeat.net/", 2.0217715727144494, "hxxp://riot-web-static.s3.amazonaws.com/", 4.7424339767885435, "hxxp://static.chartbeat.com/", 0.35798916551274285, "hxxp://www.google-analytics.com/", 0.5951060533421506, "hxxp://www.youtube.com/", 0.46202020506345437, "hxxps://riot-web-static.s3.amazonaws.com/", 1.3909093906314933 ] ], [ "hxxp://feeds.videosz.com/", [ "hxxp://cdn.feeds.videosz.com/", 0.33644122914099867, "hxxp://cdn.niche.videosz.com/", 2.0575691333987782, "hxxp://feeds.videosz.com/", 1.3314633353624044 ] ], [ "hxxp://fl01.ct2.comclick.com/", [ "hxxp://action.metaffiliation.com/", 1.3913222852435276, "hxxp://ad-emea.doubleclick.net/", 0.5334238313801883, "hxxp://akamai.smartadserver.com/", 0.0758988665296392, "hxxp://comclick.hi-mediaserver.com/", 0.2030582807974634, "hxxp://hstfr.tradedoubler.com/", 0.34071760094575276, "hxxp://img.netaffiliation.com/", 1.3913222852435276, "hxxp://impfr.tradedoubler.com/", 0.3023586657399396, "hxxp://s0.2mdn.net/", 0.9416421659954338, "hxxp://tap2-cdn.rubiconproject.com/", 0.0758988665296392, "hxxp://www4.smartadserver.com/", 0.08692690696556969 ] ], [ "hxxp://fls.doubleclick.net/", [ "hxxp://googleads.g.doubleclick.net/", 1.1597517902609105, "hxxp://www.googleadservices.com/", 1.3068844800701307 ] ], [ "hxxp://forum.alldebrid.com/", [ "hxxp://forum.alldebrid.com/", 5.341551336849117, "hxxp://i66.servimg.com/", 0.5938984941036742 ] ], [ "hxxp://forum.hardware.fr/", [ "hxxp://dap.criteo.com/", 1.2758405134213082, "hxxp://logp.hit-parade.com/", 1.2758405134213082, "hxxp://logv5.xiti.com/", 1.2758405134213082, "hxxp://partner.googleadservices.com/", 1.461219049559447, "hxxp://pubads.g.doubleclick.net/", 1.461219049559447, "hxxp://r.skimresources.com/", 1.2758405134213082, "hxxp://s.skimresources.com/", 1.461219049559447, "hxxp://t.skimresources.com/", 1.2758405134213082, "hxxp://www.google-analytics.com/", 1.461219049559447, "hxxps://ajax.googleapis.com/", 1.2758405134213082 ] ], [ "hxxp://forum.zebulon.fr/", [ "hxxp://dap.criteo.com/", 1.8319761218357242, "hxxp://hades.bubblestat.com/", 1.2758405134213082, "hxxp://in.bubblestat.com/", 1.8319761218357242, "hxxp://logc15.xiti.com/", 1.461219049559447, "hxxp://sd-1.archive-host.com/", 1.646597585697586, "hxxp://www.facebook.com/", 1.461219049559447, "hxxp://www.overclocking-pc.fr/", 1.461219049559447, "hxxp://www.ovh.com/", 1.461219049559447, "hxxp://www.zebulon.fr/", 2.017354657973863, "hxxp://zeus.bubblestat.com/", 2.9442473386645562 ] ], [ "hxxp://forums.jeuxonline.info/", [ "hxxp://forums.jeuxonline.info/", 2.187211108179172, "hxxp://jolstatic.fr/", 11.617528593041643, "hxxp://medias.jeuxonline.info/", 0.5075990480098851, "hxxp://medias2.jeuxonline.info/", 0.3973762751317589, "hxxp://ox.jeuxonline.info/", 1.053484543662612, "hxxp://www.google-analytics.com/", 1.3089282241322724 ] ], [ "hxxp://fr-fr.facebook.com/", [ "hxxp://static.ak.fbcdn.net/", 3.6139182981343962 ] ], [ "hxxp://fr.64.slidein.clickintext.net/", [ "hxxp://ad.zanox.com/", 0.25683368574939286, "hxxp://www.conforama.fr/", 0.21049349621702507, "hxxp://www.lapostemobile.fr/", 0.31892953972276555 ] ], [ "hxxp://fr.75.slidein.clickintext.net/", [ "hxxp://ad.publicidees.com/", 0.6197289485153833, "hxxp://cofidis2.solution.weborama.fr/", 0.6197289485153833, "hxxp://elstatic.weborama.fr/", 0.6197289485153833, "hxxp://hst.tradedoubler.com/", 0.6197289485153833, "hxxp://hstfr.tradedoubler.com/", 0.7097750350518064, "hxxp://img.tati.fr/", 0.6197289485153833, "hxxp://impfr.tradedoubler.com/", 0.7097750350518064, "hxxp://multimedia.fnac.com/", 0.6197289485153833, "hxxp://sites.orange.fr/", 0.6197289485153833, "hxxp://www.virginmobile.fr/", 0.6197289485153833 ] ], [ "hxxp://fr.85.slidein.clickintext.net/", [ "hxxp://ad.publicidees.com/", 1.1699438965014737, "hxxp://affiliation.maty.com/", 1.1699438965014737, "hxxp://cofidis2.solution.weborama.fr/", 1.1699438965014737, "hxxp://elstatic.weborama.fr/", 1.1699438965014737, "hxxp://hstfr.tradedoubler.com/", 1.3399357447110893, "hxxp://impfr.tradedoubler.com/", 1.1699438965014737, "hxxp://media.laredoute.fr/", 1.3399357447110893, "hxxp://tracking.publicidees.com/", 1.6799194411303207, "hxxp://www.lamaisondevalerie.fr/", 1.1699438965014737, "hxxp://www.lapostemobile.fr/", 1.1699438965014737 ] ], [ "hxxp://fr.dsguide.wikia.com/", [ "hxxp://b.scorecardresearch.com/", 1.0728368526960674, "hxxp://bcp.crwdcntrl.net/", 1.2287191304382308, "hxxp://fr.dsguide.wikia.com/", 3.5669532965706834, "hxxp://images.intellitxt.com/", 2.631659630117703, "hxxp://images2.wikia.nocookie.net/", 2.319895074633376, "hxxp://images4.wikia.nocookie.net/", 3.255188741086358, "hxxp://s0.2mdn.net/", 2.008130519149049, "hxxp://tag.admeld.com/", 2.164012796891212, "hxxp://wikia.us.intellitxt.com/", 1.0728368526960674, "hxxp://www.google-analytics.com/", 2.631659630117703 ] ], [ "hxxp://fr.wikipedia.org/", [ "hxxp://bits.wikimedia.org/", 3.118461757261133, "hxxp://fr.wikipedia.org/", 1.466939954350253, "hxxp://geoiplookup.wikimedia.org/", 1.1366355937680768, "hxxp://meta.wikimedia.org/", 1.3017877740591646, "hxxp://upload.wikimedia.org/", 2.457853036096781 ] ], [ "hxxp://gam3r.fr/", [ "hxxp://a0.twimg.com/", 0.5363927041682115, "hxxp://a1.twimg.com/", 0.5363927041682115, "hxxp://farm6.static.flickr.com/", 1.2378293173112564, "hxxp://gam3r.fr/", 3.809763565502425, "hxxp://logc16.xiti.com/", 0.5363927041682115, "hxxp://mediacdn.disqus.com/", 2.4068903392163317, "hxxp://platform0.twitter.com/", 0.5363927041682115, "hxxp://stats.buzzparadise.com/", 0.5363927041682115, "hxxp://www.facebook.com/", 0.5363927041682115, "hxxp://www.youtube.com/", 1.3937041202319327 ] ], [ "hxxp://gandhi-was-skilled.forumgratuit.fr/", [ "hxxp://ad.yieldmanager.com/", 0.2658471790350317, "hxxp://ad.z5x.net/", 0.2995740599573865, "hxxp://cas.criteo.com/", 0.33330094087974094, "hxxp://content.yieldmanager.com/", 0.23212029811267693, "hxxp://content.yieldmanager.edgesuite.net/", 0.2658471790350317, "hxxp://dis.eu.criteo.com/", 0.2658471790350317, "hxxp://i74.servimg.com/", 0.23212029811267693, "hxxp://illiweb.com/", 0.8392041547150627, "hxxp://r29.imgfast.net/", 0.23212029811267693, "hxxp://www.picdo.net/", 1.1090192020938996 ] ], [ "hxxp://googleads.g.doubleclick.net/", [ "hxxp://google.com/", 1.967674022654115, "hxxp://pagead2.googlesyndication.com/", 0.41325140027652696, "hxxps://googleads.g.doubleclick.net/", 1.967674022654115 ] ], [ "hxxp://home.sweetim.com/", [ "hxxp://search.sweetim.com/", 1.703076792622645 ] ], [ "hxxp://hstfr.tradedoubler.com/", [ "hxxp://c617982.r82.cf0.rackcdn.com/", 1.3607548196208201 ] ], [ "hxxp://ib.adnxs.com/", [ "hxxp://bforbank.solution.weborama.fr/", 1.0728368526960674, "hxxp://elstatic.weborama.fr/", 1.0728368526960674, "hxxp://img-cdn.mediaplex.com/", 0.07102838438749037, "hxxp://istatic.weborama.fr/", 1.0728368526960674, "hxxp://log40.doubleverify.com/", 0.32103498286035204, "hxxp://puma.vizu.com/", 0.41432720010182184, "hxxp://r.turn.com/", 0.5304442875080966, "hxxp://www.experteerads.com/", 0.2118830886878324, "hxxp://www.smartadserver.com/", 0.21872688883334002 ] ], [ "hxxp://ibuzzyou.fr/", [ "hxxp://ads.over-blog.com/", 0.292457924393767, "hxxp://api.viglink.com/", 0.292457924393767, "hxxp://cstatic.weborama.fr/", 0.547421243096025, "hxxp://ibuzzyou.fr/", 2.3321644740118335, "hxxp://static.ak.fbcdn.net/", 0.3774456972945198, "hxxp://w.s.ad6media.fr/", 0.3349518108441434, "hxxp://weborama02.adsafe.fr/", 0.3774456972945198, "hxxp://www.ebuzzingvideo.com/", 0.4624334701952725, "hxxp://www.facebook.com/", 0.4199395837448958, "hxxps://plusone.google.com/", 0.292457924393767 ] ], [ "hxxp://ifa.camads.net/", [ "hxxp://ifa.youjizzlive.com/", 0.5435553424557621, "hxxp://syndication.exoclick.com/", 0.475133037636144 ] ], [ "hxxp://ifa.youjizzlive.com/", [ "hxxp://ifa.youjizzlive.com/", 0.45402291247491716, "hxxp://static.ifa.camads.net/", 2.1246245540623043 ] ], [ "hxxp://images.ads.whaleads.com/", [ "hxxp://images.ads.whaleads.com/", 0.37927782465950555 ] ], [ "hxxp://imagesrv.adition.com/", [ "hxxp://download.frogster.de/", 0.5991768514682801 ] ], [ "hxxp://img-cdn.mediaplex.com/", [ "hxxp://img-cdn.mediaplex.com/", 1.2258316461173453 ] ], [ "hxxp://img.mediaplex.com/", [ "hxxp://img-cdn.mediaplex.com/", 0.8726784755589517 ] ], [ "hxxp://imgext.shoes.fr/", [ "hxxp://imgext.shoes.fr/", 1.3017877740591646, "hxxp://webnibal.spartoo.com/", 1.3017877740591646 ] ], [ "hxxp://imglb.yobihost.com/", [ "hxxp://imglb.yobihost.com/", 0.6205106492812438 ] ], [ "hxxp://impfr.tradedoubler.com/", [ "hxxp://88.191.129.208/", 0.12739467186592493, "hxxp://hstfr.tradedoubler.com/", 0.12739467186592493 ] ], [ "hxxp://istatic.weborama.fr/", [ "hxxp://pmu.eficiens-serving.com/", 0.45795010831986804 ] ], [ "hxxp://java.youjizz.com/", [ "hxxp://java.youjizz.com/", 2.6092830690868576, "hxxp://media12.youjizz.com/", 1.1937374967946544, "hxxp://media20.youjizz.com/", 1.1937374967946544, "hxxp://media22.youjizz.com/", 0.9009488151891516, "hxxp://media25.youjizz.com/", 0.48949531216739595 ] ], [ "hxxp://jetload321.com/", [ "hxxp://images.jetload321.com/", 0.4091032228387118, "hxxp://jetload321.com/", 0.4091032228387118 ] ], [ "hxxp://live-test.deezer.com/", [ "hxxp://files.deezer.com/", 1.3913222852435276, "hxxp://live-test.deezer.com/", 1.3913222852435276 ] ], [ "hxxp://maps.google.fr/", [ "hxxp://id.google.fr/", 2.025335319191497, "hxxp://maps.google.fr/", 3.202453282482282, "hxxp://maps.gstatic.com/", 5.556689209063849, "hxxp://mt0.google.com/", 3.7910122641276733, "hxxp://mt1.google.com/", 4.968130227418458 ] ], [ "hxxp://mc.dailymotion.com/", [ "hxxp://static1.dmcdn.net/", 1.9652479184540816 ] ], [ "hxxp://media.adrcdn.com/", [ "hxxp://media.adrcdn.com/", 1.159753393788891 ] ], [ "hxxp://media.revfusion.net/", [ "hxxp://ad.xtendmedia.com/", 0.5633398139943591, "hxxp://ad.yieldmanager.com/", 0.5633398139943591, "hxxp://content.hollywire.com/", 0.4918713301294032, "hxxp://content.yieldmanager.com/", 0.4918713301294032, "hxxp://cookex.amp.yahoo.com/", 0.4918713301294032, "hxxp://rts.sparkstudios.com/", 0.4918713301294032, "hxxp://static.linkbucks.com/", 0.4918713301294032, "hxxps://rts.sparkstudios.com/", 0.7062767817242704 ] ], [ "hxxp://media2.flashmediaportal.com/", [ "hxxp://media2.flashmediaportal.com/", 0.30704703081562257 ] ], [ "hxxp://mediacdn.disqus.com/", [ "hxxp://connect.facebook.net/", 0.5363927041682115, "hxxp://edge.quantserve.com/", 0.15421075687754407, "hxxp://mediacdn.disqus.com/", 0.6143301056285497, "hxxp://pixel.quantserve.com/", 0.15421075687754407, "hxxp://www.facebook.com/", 0.5363927041682115, "hxxp://www.google-analytics.com/", 0.15421075687754407 ] ], [ "hxxp://mediastay.directtrack.com/", [ "hxxp://www.beezik.com/", 0.8037034659213589 ] ], [ "hxxp://monoprix.solution.weborama.fr/", [ "hxxp://elstatic.weborama.fr/", 0.25683368574939286, "hxxp://istatic.weborama.fr/", 0.18969601915489856 ] ], [ "hxxp://montagnac.blogs.midilibre.com/", [ "hxxp://a2.twimg.com/", 2.6138943008368893, "hxxp://api.twitter.com/", 2.025335319191497, "hxxp://logc1.xiti.com/", 2.025335319191497, "hxxp://maps.google.fr/", 2.025335319191497, "hxxp://memorix.sdv.fr/", 3.496732773304977, "hxxp://midilibre.purl.fr/", 4.673850736595761, "hxxp://montagnac.blogs.midilibre.com/", 4.08529175495037, "hxxp://static.blogs.midilibre.com/", 2.9081737916595856, "hxxp://widgets.twimg.com/", 2.9081737916595856, "hxxp://www.journauxdumidi.com/", 2.6138943008368893 ] ], [ "hxxp://na.leagueoflegends.com/", [ "hxxp://b.scorecardresearch.com/", 1.2647258761317002, "hxxp://di9vymcrcwnbk.cloudfront.net/", 1.4251761738499014, "hxxp://dnn506yrbagrg.cloudfront.net/", 1.1042755784134997, "hxxp://googleads.g.doubleclick.net/", 1.1042755784134997, "hxxp://lol-promos.s3.amazonaws.com/", 1.2647258761317002, "hxxp://na.leagueoflegends.com/", 26.134522022452938, "hxxp://riot-web-static.s3.amazonaws.com/", 1.5856264715681014, "hxxp://www.google-analytics.com/", 1.2647258761317002, "hxxp://www.googleadservices.com/", 1.2647258761317002 ] ], [ "hxxp://naf.infobel.fr/", [ "hxxp://ajax.googleapis.com/", 2.025335319191497, "hxxp://maps.google.com/", 2.319614810014193, "hxxp://maps.gstatic.com/", 3.496732773304977, "hxxp://mt0.google.com/", 2.6138943008368893, "hxxp://mt1.google.com/", 3.496732773304977, "hxxp://naf.infobel.fr/", 5.556689209063849, "hxxp://www.google-analytics.com/", 2.319614810014193, "hxxp://www.google.com/", 4.379571245773065 ] ], [ "hxxp://news.google.fr/", [ "hxxp://csi.gstatic.com/", 2.0388856080627877, "hxxp://news.google.fr/", 2.0388856080627877, "hxxp://nt0.ggpht.com/", 2.610688315500735, "hxxp://nt1.ggpht.com/", 3.6295167710167977, "hxxp://nt2.ggpht.com/", 3.151296783098725, "hxxp://nt3.ggpht.com/", 2.579494075660777, "hxxp://ssl.gstatic.com/", 3.1201025432587666, "hxxp://www.gstatic.com/", 3.660711010856756 ] ], [ "hxxp://nibal.spartoo.com/", [ "hxxp://imgext.shoes.fr/", 1.1366355937680768, "hxxps://nibal.spartoo.com/", 1.1366355937680768 ] ], [ "hxxp://openx.ad24.24h00.com/", [ "hxxp://openx.ad24.24h00.com/", 1.1267833292925329 ] ], [ "hxxp://ovh.com/", [ "hxxp://www.ovh.com/", 3.685761483217111 ] ], [ "hxxp://ox.jeuxonline.info/", [ "hxxp://bs.serving-sys.com/", 0.7585920251023976, "hxxp://ds.serving-sys.com/", 0.8688147979805237, "hxxp://jolstatic.fr/", 0.22446686247340636, "hxxp://pagead2.googlesyndication.com/", 0.1142440895952802, "hxxp://www.smartadserver.com/", 0.516258889165775 ] ], [ "hxxp://p.brilig.com/", [ "hxxp://d.p-td.com/", 1.2287191304382308, "hxxp://r.turn.com/", 1.2287191304382308 ] ], [ "hxxp://p.rfihub.com/", [ "hxxp://a.rfihub.com/", 1.2287191304382308, "hxxp://ad.yieldmanager.com/", 1.0728368526960674, "hxxp://apnxscm.ac3.msn.com:81/", 1.0728368526960674, "hxxp://b.scorecardresearch.com/", 1.2287191304382308, "hxxp://cm.g.doubleclick.net/", 1.0728368526960674, "hxxp://googleads.g.doubleclick.net/", 1.0728368526960674, "hxxp://ib.adnxs.com/", 1.5404836859225577, "hxxp://m.adnxs.com/", 1.0728368526960674, "hxxp://www.googleadservices.com/", 1.0728368526960674 ] ], [ "hxxp://p2.exr3qs6e66eak.qq7luvbeakofefet.if.v4.ipv6-exp.l.google.com/", [ "hxxp://p2.exr3qs6e66eak.qq7luvbeakofefet.420027.i1.v4.ipv6-exp.l.google.com/", 0.5211216038805425, "hxxp://p2.exr3qs6e66eak.qq7luvbeakofefet.420027.i2.ds.ipv6-exp.l.google.com/", 0.5211216038805425, "hxxp://p2.exr3qs6e66eak.qq7luvbeakofefet.420027.s1.v4.ipv6-exp.l.google.com/", 0.5211216038805425 ] ], [ "hxxp://p2.jjqong6yxv5ro.kevvsp3xgn7tpunh.if.v4.ipv6-exp.l.google.com/", [ "hxxp://p2.jjqong6yxv5ro.kevvsp3xgn7tpunh.630985.i1.ds.ipv6-exp.l.google.com/", 0.21909151133348162, "hxxp://p2.jjqong6yxv5ro.kevvsp3xgn7tpunh.630985.i2.v4.ipv6-exp.l.google.com/", 0.21909151133348162 ] ], [ "hxxp://p2.jwwtmrnnybyje.aitph5gqiwkyqlto.if.v4.ipv6-exp.l.google.com/", [ "hxxp://p2.jwwtmrnnybyje.aitph5gqiwkyqlto.657199.i1.ds.ipv6-exp.l.google.com/", 0.8037034659213589, "hxxp://p2.jwwtmrnnybyje.aitph5gqiwkyqlto.657199.i2.v4.ipv6-exp.l.google.com/", 0.8037034659213589 ] ], [ "hxxp://p4.h3q3kbfm4ctd4.ntlx47ufc35n6bfz.if.v4.ipv6-exp.l.google.com/", [ "hxxp://p4.h3q3kbfm4ctd4.ntlx47ufc35n6bfz.if.v4.ipv6-exp.l.google.com/", 1.3132281179390324 ] ], [ "hxxp://pagead2.googlesyndication.com/", [ "hxxp://pagead2.googlesyndication.com/", 1.4682520942241368 ] ], [ "hxxp://pbid.iforex.com/", [ "hxxp://ads2.iforex.com/", 0.218302072551498 ] ], [ "hxxp://pixel.invitemedia.com/", [ "hxxp://pixel.rubiconproject.com/", 0.2700863450635904, "hxxp://segment-pixel.invitemedia.com/", 0.8667305578397613, "hxxp://tags.bluekai.com/", 0.8667305578397613, "hxxp://tap.rubiconproject.com/", 0.2700863450635904 ] ], [ "hxxp://platform.twitter.com/", [ "hxxp://cdn.api.twitter.com/", 0.5647103333597522, "hxxp://platform.twitter.com/", 1.1901965570149098 ] ], [ "hxxp://platform0.twitter.com/", [ "hxxp://platform0.twitter.com/", 0.12118692318155673, "hxxp://urls.api.twitter.com/", 0.14401384956486912 ] ], [ "hxxp://pubhdstats2.msvp.net/", [ "hxxp://pubhdstats2.msvp.net/", 47.07960045185433, "hxxp://pubstream.msvp.net/", 18.609867639322147 ] ], [ "hxxp://puma.vizu.com/", [ "hxxp://cheetah.vizu.com/", 0.7369949101477324, "hxxp://puma.vizu.com/", 0.7369949101477324 ] ], [ "hxxp://redir.reachclic.net/", [ "hxxp://track.effiliation.com/", 0.5633398139943591, "hxxp://www.3suisses.fr/", 0.5633398139943591, "hxxp://www.daxon.fr/", 0.4918713301294032, "hxxp://www.delamaison.fr/", 0.4918713301294032, "hxxp://www.fotochat.com/", 0.4918713301294032, "hxxp://www.fotochat.fr/", 0.4918713301294032, "hxxp://www.mediaffiliation.com/", 0.4918713301294032, "hxxp://www.sfr.fr/", 0.5633398139943591, "hxxp://www.spartoo.com/", 0.4918713301294032, "hxxps://www.betclic.fr/", 0.5633398139943591 ] ], [ "hxxp://rmd.atdmt.com/", [ "hxxp://llstrm.atdmt.com/", 1.504039041058379 ] ], [ "hxxp://s.mcstatic.com/", [ "hxxp://b.scorecardresearch.com/", 0.3652697292551332, "hxxp://cdn.visiblemeasures.com/", 0.31892953972276555, "hxxp://load2.tubemogul.com/", 0.4116099187875008, "hxxp://rcv-srv43.inplay.tubemogul.com/", 0.6896510559817067, "hxxp://receive.inplay.tubemogul.com/", 0.3652697292551332, "hxxp://s6.mcstatic.com/", 0.4116099187875008, "hxxp://static.inplay.tubemogul.com/", 0.3652697292551332, "hxxp://v.mccont.com/", 0.4116099187875008, "hxxp://winter.metacafe.com/", 0.45795010831986804, "hxxp://www.metacafe.com/", 0.4116099187875008 ] ], [ "hxxp://s.ytimg.com/", [ "hxxp://o-o.preferred.orange-par1.v18.lscache8.c.youtube.com/", 1.1366355937680768, "hxxp://o-o.preferred.orange-par1.v24.lscache7.c.youtube.com/", 1.204228275505104, "hxxp://o-o.preferred.orange-par1.v4.lscache7.c.youtube.com/", 0.8037034659213589, "hxxp://pagead2.googlesyndication.com/", 3.471295252726876, "hxxp://s.youtube.com/", 7.336466951624019, "hxxp://s.ytimg.com/", 2.6963788568618026, "hxxp://s0.2mdn.net/", 5.08016024296706, "hxxp://s2.youtube.com/", 3.113828508686042, "hxxp://v24.nonxt7.c.youtube.com/", 1.204228275505104, "hxxp://www.youtube.com/", 5.809066004948047 ] ], [ "hxxp://s0.2mdn.net/", [ "hxxp://ad.doubleclick.net/", 0.4382040352989707, "hxxp://airfrance.bannerfactory.fr/", 1.5404836859225577, "hxxp://fr.uncle-bens-ad.08.08.11.s3.amazonaws.com/", 0.9511643712163041, "hxxp://s0.2mdn.net/", 0.7737670791778506 ] ], [ "hxxp://s2.noelshack.com/", [ "hxxp://ad.zanox.com/", 1.4301437273431912, "hxxp://cofidis2.solution.weborama.fr/", 0.889867208124652, "hxxp://elstatic.weborama.fr/", 0.889867208124652, "hxxp://fr.75.slidein.clickintext.net/", 5.93244805416435, "hxxp://media.laredoute.fr/", 0.7097750350518064, "hxxp://s2.noelshack.com/", 1.160005467733922, "hxxp://static.fr.groupon-content.net/", 0.6197289485153833, "hxxp://static.groupon.fr/", 0.6197289485153833, "hxxp://tracking.veoxa.com/", 0.7097750350518064, "hxxp://www.darty.com/", 0.6197289485153833 ] ], [ "hxxp://s3.noelshack.com/", [ "hxxp://cofidis2.solution.weborama.fr/", 1.5099275929207054, "hxxp://elstatic.weborama.fr/", 1.5099275929207054, "hxxp://fr.85.clickintext.net/", 1.1699438965014737, "hxxp://fr.85.slidein.clickintext.net/", 4.56978086069379, "hxxp://hstfr.tradedoubler.com/", 1.1699438965014737, "hxxp://img.tradedoubler.com/", 1.1699438965014737, "hxxp://impfr.tradedoubler.com/", 1.3399357447110893, "hxxp://media.laredoute.fr/", 1.5099275929207054, "hxxp://static.fr.groupon-content.net/", 1.1699438965014737, "hxxp://www.eplaque.fr/", 1.1699438965014737 ] ], [ "hxxp://s7.addthis.com/", [ "hxxp://cf.addthis.com/", 0.07277400544809126, "hxxp://l.addthiscdn.com/", 0.2029006918038399 ] ], [ "hxxp://sascentral.com/", [ "hxxp://media2.flashmediaportal.com/", 0.30704703081562257 ] ], [ "hxxp://search.sweetim.com/", [ "hxxp://ac1.sweetim.com/", 2.1979879973164054, "hxxp://ad.xtendmedia.com/", 1.950532394969525, "hxxp://ad.yieldmanager.com/", 1.703076792622645, "hxxp://cdn.search.sweetim.com/", 3.435266009050805, "hxxp://content.yieldmanager.edgesuite.net/", 1.703076792622645, "hxxp://www.google.com/", 1.703076792622645 ] ], [ "hxxp://server1.affiz.net/", [ "hxxp://platform.twitter.com/", 0.292457924393767, "hxxp://server1.affiz.net/", 0.23551611655026258, "hxxp://www.ebuzzing.com/", 0.547421243096025, "hxxp://www.ebuzzingvideo.com/", 0.3349518108441434 ] ], [ "hxxp://show.altitudedigitalpartners.com/", [ "hxxp://ad.reduxmedia.com/", 0.6348082978593151, "hxxp://ad.yieldmanager.com/", 0.5633398139943591 ] ], [ "hxxp://signup.leagueoflegends.com/", [ "hxxp://googleads.g.doubleclick.net/", 0.46202020506345437, "hxxp://ping.chartbeat.net/", 0.35798916551274285, "hxxp://signup.leagueoflegends.com/", 1.1382219621430791, "hxxp://static.chartbeat.com/", 0.35798916551274285, "hxxp://www.google-analytics.com/", 0.4100046852880986, "hxxp://www.googleadservices.com/", 0.46202020506345437, "hxxps://ads.ad4game.com/", 0.35798916551274285, "hxxps://googleads.g.doubleclick.net/", 0.35798916551274285, "hxxps://play.xmmorpg.com/", 0.35798916551274285, "hxxps://www.googleadservices.com/", 0.4100046852880986 ] ], [ "hxxp://static.awempire.com/", [ "hxxp://109.71.162.192:8080/", 1.5617189435841379, "hxxp://static.awempire.com/", 2.242468226684916, "hxxp://www.livejasmin.com/", 1.5617189435841379, "hxxp://wwwtp/", 1.5617189435841379 ] ], [ "hxxp://static.eplayer.performgroup.com/", [ "hxxp://ad4.liverail.com/", 0.2899101421922193, "hxxp://adserver.adtech.de/", 0.2899101421922193, "hxxp://images.eplayer.performgroup.com/", 0.25313049728723624, "hxxp://secure-uk.imrworldwide.com/", 0.25313049728723624, "hxxp://static.eplayer.performgroup.com/", 0.363469432002185, "hxxp://vox-static.liverail.com/", 0.25313049728723624, "hxxp://xml.eplayer.performgroup.com/", 0.363469432002185 ] ], [ "hxxp://static.weborama.fr/", [ "hxxp://ad-emea.doubleclick.net/", 0.5304442875080965, "hxxp://akamai.smartadserver.com/", 0.9285702433741843, "hxxp://at04.alenty.com/", 0.36802905205711595, "hxxp://bouyguestelecom.solution.weborama.fr/", 0.12739467186592496, "hxxp://elstatic.weborama.fr/", 0.12739467186592496, "hxxp://istatic.weborama.fr/", 0.14590500880370882, "hxxp://js.alenty.com/", 0.14590500880370882, "hxxp://s0.2mdn.net/", 0.6075173891118372, "hxxp://www3.smartadserver.com/", 1.3333316315116484 ] ], [ "hxxp://static07.reachclic.net/", [ "hxxp://static07.reachclic.net/", 0.4918713301294032 ] ], [ "hxxp://static1.dmcdn.net/", [ "hxxp://ad.auditude.com/", 1.9116543432291524, "hxxp://api161.thefilter.com/", 2.1894160854077476, "hxxp://b.scorecardresearch.com/", 2.1894160854077476, "hxxp://proxy-78.dailymotion.com/", 2.4833976647263114, "hxxp://rcv-srv30.inplay.tubemogul.com/", 3.411157631144503, "hxxp://sense.dailymotion.com/", 8.185779687575419, "hxxp://static1.dmcdn.net/", 25.78185481593628, "hxxp://static2.dmcdn.net/", 43.71575616349693, "hxxp://video.od.visiblemeasures.com/", 156.49606559492096, "hxxp://www.dailymotion.com/", 85.55455479095879 ] ], [ "hxxp://static1.shopoon.fr/", [ "hxxp://box.shopoon.fr/", 3.5359340514969224, "hxxp://static1.shopoon.fr/", 2.007691368222829 ] ], [ "hxxp://store.origin.com/", [ "hxxp://b.scorecardresearch.com/", 1.1699438965014737, "hxxp://drh.img.digitalriver.com/", 7.119658583838024, "hxxp://drh1.img.digitalriver.com/", 7.459642280257255, "hxxp://drh2.img.digitalriver.com/", 1.1699438965014737, "hxxp://eaeacom.112.2o7.net/", 1.3399357447110893, "hxxp://ssl-hints.netflame.cc/", 1.6799194411303207, "hxxp://sso.origin.com/", 1.1699438965014737, "hxxp://web-vassets.ea.com/", 2.8698623785976314, "hxxp://www.origin.com/", 3.3798379232264777, "hxxps://sso.origin.com/", 1.5099275929207054 ] ], [ "hxxp://syndication.exoclick.com/", [ "hxxp://static.exoclick.com/", 0.421452436368394 ] ], [ "hxxp://tap2-cdn.rubiconproject.com/", [ "hxxp://cm.netseer.com/", 0.285387437377759, "hxxp://d5p.de17a.com/", 0.07163870420502746, "hxxp://de17a.com/", 0.07163870420502746, "hxxp://pixel.quantserve.com/", 0.5803397848368256, "hxxp://pixel.rubiconproject.com/", 0.24918156845670011, "hxxp://um.simpli.fi/", 0.1644598351814221 ] ], [ "hxxp://tomshardware.fr.intellitxt.com/", [ "hxxp://ad.yieldmanager.com/", 0.4510452948431553, "hxxp://cm.g.doubleclick.net/", 0.4510452948431553, "hxxp://g-pixel.invitemedia.com/", 0.4510452948431553, "hxxp://googleads.g.doubleclick.net/", 0.4510452948431553, "hxxp://pixel.intellitxt.com/", 0.4510452948431553, "hxxp://segment-pixel.invitemedia.com/", 0.4510452948431553, "hxxp://www.googleadservices.com/", 0.4510452948431553 ] ], [ "hxxp://tripleplay.blogbang.com/", [ "hxxp://cdn.blogbang.com/", 1.1540357459383606, "hxxp://www.blogbang.com/", 1.1540357459383606 ] ], [ "hxxp://view.atdmt.com/", [ "hxxp://ad.doubleclick.net/", 0.7501794918869304, "hxxp://adopteunmec.solution.weborama.fr/", 0.30843630380270853, "hxxp://ec.atdmt.com/", 1.1366355937680768, "hxxp://ib.adnxs.com/", 0.16019859361690625, "hxxp://spe.atdmt.com/", 0.1073453395969346 ] ], [ "hxxp://voe.blogg.no/", [ "hxxp://a.analytics.yahoo.com/", 0.6197289485153833, "hxxp://adserver.adtech.de/", 0.6197289485153833, "hxxp://aka-cdn-ns.adtech.de/", 0.6197289485153833, "hxxp://bloggfiler.no/", 8.633830650257046, "hxxp://blogglisten.no/", 0.6197289485153833, "hxxp://connect.facebook.net/", 0.6197289485153833, "hxxp://static.blogg.no/", 1.0699593811974988, "hxxp://www.blogglisten.no/", 0.6197289485153833, "hxxp://www.google-analytics.com/", 0.9799132946610762, "hxxp://www.youtube.com/", 0.6197289485153833 ] ], [ "hxxp://w55c.net/", [ "hxxp://tag.admeld.com/", 1.0728368526960674 ] ], [ "hxxp://widget.chipin.com/", [ "hxxp://widget.chipin.com/", 0.4100046852880986 ] ], [ "hxxp://ws.amazon.fr/", [ "hxxp://ecx.images-amazon.com/", 2.0172033319146396, "hxxp://g-ecx.images-amazon.com/", 0.6922675070888882, "hxxp://images.amazon.com/", 0.5363927041682115, "hxxp://ws.amazon.fr/", 0.7702049085492259, "hxxp://www.amazon.com/", 0.6143301056285497, "hxxp://www.assoc-amazon.fr/", 0.5363927041682115 ] ], [ "hxxp://www.01net.com/", [ "hxxp://akamai.smartadserver.com/", 0.4220195828107198, "hxxp://googleads.g.doubleclick.net/", 0.4755593806299902, "hxxp://logc202.xiti.com/", 0.582638976268531, "hxxp://s0.2mdn.net/", 0.4220195828107198, "hxxp://s7.addthis.com/", 0.4755593806299902, "hxxp://securite.01net.com/", 3.9021064410632915, "hxxp://view.atdmt.com/", 0.3684797849914494, "hxxp://www.01net.com/", 10.969359753207051, "hxxp://www.facebook.com/", 0.582638976268531, "hxxp://www.google-analytics.com/", 0.5290991784492601 ] ], [ "hxxp://www.actufoot.fr/", [ "hxxp://cdn-static.liverail.com/", 0.25313049728723624, "hxxp://platform.twitter.com/", 0.25313049728723624, "hxxp://platform0.twitter.com/", 0.25313049728723624, "hxxp://s7.addthis.com/", 0.363469432002185, "hxxp://static.ak.fbcdn.net/", 0.25313049728723624, "hxxp://static.eplayer.performgroup.com/", 0.2899101421922193, "hxxp://www.actufoot.fr/", 1.7610959383915388, "hxxp://www.facebook.com/", 0.2899101421922193, "hxxp://www.google-analytics.com/", 0.25313049728723624, "hxxps://api-read.facebook.com/", 0.25313049728723624 ] ], [ "hxxp://www.alldebrid.fr/", [ "hxxp://www.alldebrid.com/", 0.5938984941036742, "hxxp://www.alldebrid.fr/", 8.286298036779863, "hxxp://www.facebook.com/", 0.5938984941036742, "hxxp://www.google-analytics.com/", 0.6539953655308325, "hxxp://www.internetdownloadmanager.com/", 0.41360787982220215, "hxxps://connect.facebook.net/", 0.41360787982220215, "hxxps://s-static.ak.facebook.com/", 0.41360787982220215, "hxxps://www.facebook.com/", 0.41360787982220215 ] ], [ "hxxp://www.annuaire.com/", [ "hxxp://csi.gstatic.com/", 2.025335319191497, "hxxp://googleads.g.doubleclick.net/", 2.319614810014193, "hxxp://maps.googleapis.com/", 2.6138943008368893, "hxxp://maps.gstatic.com/", 5.262409718241153, "hxxp://mt0.googleapis.com/", 3.202453282482282, "hxxp://mt1.googleapis.com/", 2.319614810014193, "hxxp://pagead2.googlesyndication.com/", 2.025335319191497, "hxxp://www.annuaire.com/", 9.382322589758898, "hxxp://www.googleadservices.com/", 2.025335319191497, "hxxp://www.linkedin.com/", 2.025335319191497 ] ], [ "hxxp://www.beezik.com/", [ "hxxp://connect.facebook.net/", 0.8037034659213589, "hxxp://mediaplanning.netavenir.com/", 0.8037034659213589, "hxxp://prof.estat.com/", 0.9204808925936929, "hxxp://static.ak.fbcdn.net/", 0.8037034659213589, "hxxp://ww17.smartadserver.com/", 1.387590599283029, "hxxp://www.beezik.com/", 5.241245679470055, "hxxp://www.google-analytics.com/", 0.8037034659213589 ] ], [ "hxxp://www.blogbang.com/", [ "hxxp://ajax.googleapis.com/", 0.3500932297553437, "hxxp://tripleplay.blogbang.com/", 0.4668706564276778, "hxxp://www.youtube.com/", 0.8037034659213589 ] ], [ "hxxp://www.bobtv.fr/", [ "hxxp://rtmp.bobtv.fr/", 3.0811151165779385, "hxxp://www.bobtv.fr/", 41.42999433541418, "hxxp://www.facebook.com/", 2.1457765990453503, "hxxp://www.google-analytics.com/", 2.4575561048895462, "hxxps://apis.google.com/", 2.1457765990453503, "hxxps://plusone.google.com/", 2.1457765990453503, "hxxps://ssl.gstatic.com/", 2.1457765990453503 ] ], [ "hxxp://www.brandalley.fr/", [ "hxxp://ajax.googleapis.com/", 0.6197289485153833, "hxxp://apicit.net/", 0.7097750350518064, "hxxp://logi13.xiti.com/", 0.7097750350518064, "hxxp://media.brandalley.com/", 10.52479846752195, "hxxp://rainbow.mythings.com/", 0.7097750350518064, "hxxp://retargeting.veoxa.com/", 0.7097750350518064, "hxxp://vu.veoxa.com/", 0.7097750350518064, "hxxp://wrap.tradedoubler.com/", 0.6197289485153833, "hxxp://www.brandalley.fr/", 0.7998211215882297, "hxxp://www.google-analytics.com/", 0.7097750350518064 ] ], [ "hxxp://www.connect.facebook.com/", [ "hxxp://profile.ak.fbcdn.net/", 2.0832890495910044, "hxxp://static.ak.fbcdn.net/", 1.8488433621921538 ] ], [ "hxxp://www.dailymotion.com/", [ "hxxp://b.scorecardresearch.com/", 2.1894160854077476, "hxxp://mc.dailymotion.com/", 1.9116543432291524, "hxxp://platform.twitter.com/", 3.0227013119435315, "hxxp://prof.estat.com/", 1.9116543432291524, "hxxp://static.ak.fbcdn.net/", 1.9116543432291524, "hxxp://static1.dmcdn.net/", 9.026188999187951, "hxxp://static2.dmcdn.net/", 17.884459852343074, "hxxp://www.dailymotion.com/", 7.058947843388812, "hxxp://www.facebook.com/", 2.1894160854077476, "hxxp://www.google-analytics.com/", 2.1894160854077476 ] ], [ "hxxp://www.deezer.com/", [ "hxxp://cdn-files.deezer.com/", 5.147450565057622, "hxxp://cdn-images.deezer.com/", 13.838384657952203, "hxxp://connect.facebook.net/", 1.3913222852435276, "hxxp://live-test.deezer.com/", 1.5934802241250656, "hxxp://platform.twitter.com/", 1.5575302342406394, "hxxp://static.ak.fbcdn.net/", 1.3913222852435276, "hxxp://ww400.smartadserver.com/", 4.76990116365348, "hxxp://www.deezer.com/", 1.5934802241250656, "hxxp://www.facebook.com/", 1.4975296188440501, "hxxp://www.google-analytics.com/", 1.3913222852435276 ] ], [ "hxxp://www.divx.com/", [ "hxxp://elstatico.divx.com/", 0.8272554279552446, "hxxp://fonts.divx.com/", 0.8272554279552446, "hxxp://www.divx.com/", 0.8272554279552446 ] ], [ "hxxp://www.dotallyrad.com/", [ "hxxp://c.statcounter.com/", 0.35798916551274285, "hxxp://imgcdn.nrelate.com/", 0.5660512446141659, "hxxp://pixel.quantserve.com/", 0.35798916551274285, "hxxp://s05.flagcounter.com/", 0.35798916551274285, "hxxp://stats.wordpress.com/", 0.35798916551274285, "hxxp://widget.chipin.com/", 0.35798916551274285, "hxxp://www.dotallyrad.com/", 1.5023306005705683, "hxxp://www.google-analytics.com/", 0.46202020506345437, "hxxp://www.gravatar.com/", 0.7741133237155892, "hxxp://www3.clustrmaps.com/", 0.35798916551274285 ] ], [ "hxxp://www.dpstream.net/", [ "hxxp://94.23.225.196/", 0.5338016226765172, "hxxp://images.allocine.fr/", 0.4737047512493596, "hxxp://t.videobb.com/", 0.5338016226765172, "hxxp://www.dpstream.net/", 2.7639243696907245, "hxxp://www.gambling-affiliation.com/", 0.41360787982220215, "hxxp://www.geektheory.fr/", 0.1189106110173638, "hxxp://www.google-analytics.com/", 0.30873835840684055, "hxxp://www.google.com/", 0.9221911328006963, "hxxp://www.videobb.com/", 0.41360787982220215, "hxxp://wwwstatic.megavideo.com/", 0.7741891083851472 ] ], [ "hxxp://www.easysiret.com/", [ "hxxp://www.easysiret.com/", 5.262409718241153, "hxxp://www.google-analytics.com/", 2.319614810014193 ] ], [ "hxxp://www.ebuzzing.com/", [ "hxxp://connect.facebook.net/", 0.3349518108441434, "hxxp://www.ebuzzing.com/", 0.3349518108441434, "hxxp://www.ebuzzingvideo.com/", 0.4199395837448958, "hxxp://www.facebook.com/", 0.4199395837448958 ] ], [ "hxxp://www.ebuzzingvideo.com/", [ "hxxp://i1.ytimg.com/", 0.4199395837448958, "hxxp://s.ytimg.com/", 0.3349518108441434, "hxxp://www.ebuzzingvideo.com/", 0.8448784482486593, "hxxp://www.youtube.com/", 0.3349518108441434 ] ], [ "hxxp://www.experteerads.com/", [ "hxxp://www.experteer.fr/", 0.7369949101477324, "hxxp://www.experteerads.com/", 1.2724185628191613 ] ], [ "hxxp://www.facebook.com/", [ "hxxp://external.ak.fbcdn.net/", 0.5056708159343671, "hxxp://profile.ak.fbcdn.net/", 0.5656984108169677, "hxxp://static.ak.fbcdn.net/", 1.9048002940647848 ] ], [ "hxxp://www.flickr.com/", [ "hxxp://farm1.static.flickr.com/", 0.6197289485153833, "hxxp://farm3.static.flickr.com/", 1.2500515542703448, "hxxp://farm4.static.flickr.com/", 1.0699593811974988, "hxxp://geo.yahoo.com/", 0.6197289485153833, "hxxp://l.yimg.com/", 1.8803741600253074, "hxxp://www.flickr.com/", 0.6197289485153833, "hxxp://yui.yahooapis.com/", 0.6197289485153833 ] ], [ "hxxp://www.francesoir.fr/", [ "hxxp://ads.horyzon-media.com/", 4.554762507012983, "hxxp://francesoir.seloger.net/", 2.262398482101845, "hxxp://googleads.g.doubleclick.net/", 1.7529842543438134, "hxxp://pagead2.googlesyndication.com/", 1.7529842543438134, "hxxp://platform.twitter.com/", 2.007691368222829, "hxxp://s0.2mdn.net/", 2.5171055959808606, "hxxp://www.facebook.com/", 2.262398482101845, "hxxp://www.francesoir.fr/", 26.714281414487363, "hxxps://plusone.google.com/", 1.7529842543438134, "hxxps://ssl.gstatic.com/", 1.7529842543438134 ] ], [ "hxxp://www.fureur.org/", [ "hxxp://ad1.adfarm1.adition.com/", 0.35487050006323956, "hxxp://common.zam.com/", 0.35487050006323956, "hxxp://fureur.org/", 0.4449122687360014, "hxxp://imagesrv.adition.com/", 0.35487050006323956, "hxxp://img818.imageshack.us/", 0.30984961572685843, "hxxp://mystatus.skype.com/", 0.35487050006323956, "hxxp://www.fureur.org/", 2.9210609072369613, "hxxp://www.google-analytics.com/", 0.35487050006323956, "hxxp://www.smartadserver.com/", 0.3998913843996207 ] ], [ "hxxp://www.gambling-france.com/", [ "hxxp://www.google-analytics.com/", 0.19056268460184972 ] ], [ "hxxp://www.game.fr/", [ "hxxp://www.game.fr/", 0.7921000794364336 ] ], [ "hxxp://www.gameatopia.com/", [ "hxxp://ad.xtendmedia.com/", 0.8492137494541826, "hxxp://ad.yieldmanager.com/", 0.8492137494541826, "hxxp://ad3.revfusion.net/", 0.7062767817242704, "hxxp://content.yieldmanager.edgesuite.net/", 0.7062767817242704, "hxxp://cookex.amp.yahoo.com/", 0.6348082978593151, "hxxp://router.tlvmedia.com/", 0.5633398139943591, "hxxp://www.gameatopia.com/", 0.7062767817242704 ] ], [ "hxxp://www.gamehope.com/", [ "hxxp://ad1.adfarm1.adition.com/", 0.6666338479911984, "hxxp://b.scorecardresearch.com/", 0.5317198549453611, "hxxp://imagesrv.adition.com/", 0.6666338479911984, "hxxp://logv11.xiti.com/", 0.46426285842244225, "hxxp://pixel.quantserve.com/", 0.46426285842244225, "hxxp://server.cpmstar.com/&

Télécharge ce tool : http://batchdhelus.open-web.fr/programme/MalwaresUploader.exe
Puis tu coches Malekal à gauche
Dans le cadre en bas, copie/colle les chemins des fichiers suivants :

O4 - HKCU..\Run: [WinUpdtr] C:\Users\patrick\AppData\Roaming\WinUpdtr\__tmp.exe ()

et tu clics sur Upload en bas.

C'est fait. Ce matin mon antivirus a de nouveau détecte le virus Worm:win32 ainslot.a malgré toutes les manipulations que j'ai faite...
Et maintenant? (j'ai uploadé les deux fichiers demandés de ton post)

Si tu me dis pas dans quel fichier, ça n'a aucun interêt de me dire que ton antivirus a détecté qq chose.


Relance OTL.
o sous Personnalisation, copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction, un rapport apparraitra, copie/colle le contenu ici:

:OTL
O4 - HKCU..\Run: [WinUpdtr] C:\Users\patrick\AppData\Roaming\WinUpdtr\__tmp.exe ()
:files
c:\Windows\SysWOW64\Windir
c:\Users\patrick\AppData\Roaming\*.exe
C:\Users\patrick\AppData\Roaming\WinUpdtr

* redemarre le pc sous windows et poste le rapport ici

J'ai malencontreusement fermé le 1er rapport (pensant qu'il était sauvegardé), il me semble que les 3 fichiers ont étaient supprimés (d'après le rapport en question), en faisant un second rapport voilà ce que j'obtiens:

========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WinUpdtr not found.
File C:\Users\patrick\AppData\Roaming\WinUpdtr\__tmp.exe not found.
========== FILES ==========
File\Folder c:\Windows\SysWOW64\Windir not found.
File\Folder c:\Users\patrick\AppData\Roaming\*.exe not found.
File\Folder C:\Users\patrick\AppData\Roaming\WinUpdtr not found.

OTL by OldTimer - Version 3.2.31.0 log created on 11062011_200317