mon pace rame bcp trop Fermé

Question

Bonjour,
 voila j'ai essayé de suivre les étapes que j'ai trouvé sur le site et j'ai eu ce rapport suivant:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:08:15, on 10/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Au travail !Arrêtez de surfer!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wscript.exe,userinit.exe
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.106 85.255.112.123
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.106 85.255.112.123
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Password Validation (ccPwdSvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Destrio5 · Answer

Salut,

---> Désinstalle EoEngine.

&#9679; Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

&#9679; Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
&#9679; Double-clique sur l'icône Ad-remover située sur ton Bureau.
&#9679; Au menu principal, choisis l'option "A".
&#9679; Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note :

"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

crapoulou · Answer

Edit : Je laisse Destrio :D

flower_2009 · Answer

d'abord je vous remercie de m'avoir répondu et merci infiniment destrio5,
voila j'ai suivi toutes les étapes que vous m'avez demandé et le rapport:



------- Logfile of AD-Remover 1.0.8.8 by C_XX | ONLY XP/VISTA -------

# START AT: 10:29:59 | Dim 11/01/2009 | Microsoft® Windows XP™  SP2 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: YOUR-A734457C79 | USER: samira eddamani ( Current user is an administrator)
# DRIVE(S): 
- C:\  (File System: NTFS)
- E:\  (File System: FAT)
# System Drive: C:\
# Windows Directory: C:\WINDOWS\
# System Directory: C:\WINDOWS\system32\

--- RUNNING PROCESSES: 36

+--------------------| Boonty/Boonty Games Elements found :

.
Service: "Boonty Games"
.
HKLM\Software\Boonty
HKLM\SYSTEM\ControlSet001\Services\Boonty Games
HKLM\SYSTEM\CurrentControlSet\Services\Boonty Games
HKLM\SYSTEM\ControlSet003\Services\Boonty Games
.
C:\Program Files\BoontyGames
C:\Program Files\BoontyGames\adiboudchouetlejardindessurprises.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5
C:\Program Files\BoontyGames\alexandraledermann5.exe
C:\Program Files\BoontyGames\Components
C:\Program Files\BoontyGames\zumadeluxe.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5\SHELL_DEFAULT_HTML
C:\Program Files\BoontyGames\Alexandra Ledermann 5\SHELL_DEFAULT_HTML\Images
C:\Program Files\BoontyGames\Alexandra Ledermann 5\SHELL_DEFAULT_HTML\Images\wait.gif
C:\Program Files\BoontyGames\Components\bureau.url
C:\Program Files\BoontyGames\Components\Joystick.ico
C:\Program Files\BoontyGames\Components\start.url
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\BOONTY Shared\Service
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\Documents and Settings\All Users\Application Data\BOONTY
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses\B3186000.dat
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses\B37E5000.dat

+--------------------| Eorezo Elements found :

.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCU\SOFTWARE\EoRezo
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun\EoEngine
.
C:\Documents and Settings\samira eddamani\Application Data\EoRezo
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\cache
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\db
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\host.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\user.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\unins000.dat
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\unins000.exe
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\user_config.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\user_profil.cyp
C:\DOCUME~1\SAMIRA~1\LOCALS~1\Temp\Cookies\samira_eddamani@eorezo[1].txt
C:\DOCUME~1\SAMIRA~1\LOCALS~1\Temp\Cookies\samira_eddamani@eorezo[2].txt
C:\WINDOWS\Prefetch\EOENGINE.EXE-020B3EA2.pf
C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-30DE3A4E.pf

+--------------------| Everest Poker Elements found :

.
.

+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :

.
.

+--------------------| It's TV Elements found :

.

+--------------------| Sweetim Elements found :

.
HKCR\SWEETIE.IEToolbar
HKCR\SWEETIE.IEToolbar.1
HKCR\SWEETIE.SWEETIE
HKCR\SWEETIE.SWEETIE.1
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCU\SOFTWARE\SWEETIE
HKCU\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Macrogaming
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\~\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\~\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\~\UserData\S-1-5-21-3117846246-626433616-840302518-1006\Components\96D82BE152767B245B7D948EF9126F46
HKLM\~\UserData\S-1-5-21-3117846246-626433616-840302518-1006\Components\C34CFCB49C8F0814C88A64469E1A2B9E
HKLM\~\UserData\S-1-5-21-3117846246-626433616-840302518-1006\Components\DF75D238060B32E42A452FB5F328222E
.
C:\WINDOWS\INSTALLER\1e121c5.msi
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIMBarForIE
C:\Program Files\Macrogaming\SweetIM\conf
C:\Program Files\Macrogaming\SweetIM\data
C:\Program Files\Macrogaming\SweetIM\conf\users
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_DisplayPictures.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data\contentdb
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100FD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100FF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010104.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010106.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010123.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010124.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001081A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001081B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010846.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010847.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010848.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010853.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010856.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010859.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010860.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010867.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010871.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010889.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010891.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010892.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010893.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010894.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010896.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108B2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108D4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002007D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020144.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000201E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020239.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003002E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003002F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030031.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030036.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030037.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030038.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030039.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003003D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003003F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030040.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030049.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003004A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003004B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030053.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030058.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030062.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003006B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003006C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030079.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003007A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003007C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040022.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040024.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040027.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040028.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040029.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040036.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040039.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040049.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004005A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040065.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040067.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004006A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040077.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004007E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400B0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400CA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400F3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050004.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050005.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060081.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600C2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600DD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060179.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\010108A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050002.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\affid.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\basis.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Bookmarks_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache
C:\Program Files\Macrogaming\SweetIMBarForIE\Email_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Games_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Greetingcards_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Mobile_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Music_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\News_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Shoping_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileySmile.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileyWink.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\sweetimicons.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.crc
C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\version.txt
C:\Program Files\Macrogaming\SweetIMBarForIE\_toolbar.dll
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\cd2005c66fba47ff715ecc444d3bc1fb.xml
C:\Documents and Settings\samira eddamani\Bureau\SweetImSetup.exe

+--------------------| ADDED SCAN :


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\yapwfw31.default\prefs.js :

~~~~ Mozilla FireFox version  [Unable to get version] ~~~~

* Browser Search Default Engine:  "Google"
* Browser Search Selected Engine:  "Google"
* Browser Search Selected Engine:  "Live Search"
* Browser Search Default Url:  "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl"
* Browser Startup HomePage:  "http://eo.st"
* Browser Startup HomePage:  "UTF-8

.
FOUND - user_pref("browser.startup.homepage", "http://eo.st");

+---------------------------------------------------------------------------+


~~~~ Internet Explorer version 7.0.5730.13 ~~~~

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://go.microsoft.com/fwlink/?linkid=677
Start Page : hxxp://www.google.fr/\0\0

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://go.microsoft.com/fwlink/?LinkId=69157

+---------------------------------------------------------------------------+

[~17746 bytes] - "C:\AD-report-Scan-11.01.2009.log"

# END at: 10:30:50 | 11/01/2009 - Time elapsed: 51.0 seconds 

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 290 lines ]
+---------------------------------------------------------------------------+

et merci d'avance

flower_2009 · Answer

d'abord je vous remercie de m'avoir répondu et merci infiniment destrio5,
voila j'ai suivi toutes les étapes que vous m'avez demandé et le rapport:



------- Logfile of AD-Remover 1.0.8.8 by C_XX | ONLY XP/VISTA -------

# START AT: 10:29:59 | Dim 11/01/2009 | Microsoft® Windows XP™  SP2 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: YOUR-A734457C79 | USER: samira eddamani ( Current user is an administrator)
# DRIVE(S): 
- C:\  (File System: NTFS)
- E:\  (File System: FAT)
# System Drive: C:\
# Windows Directory: C:\WINDOWS\
# System Directory: C:\WINDOWS\system32\

--- RUNNING PROCESSES: 36

+--------------------| Boonty/Boonty Games Elements found :

.
Service: "Boonty Games"
.
HKLM\Software\Boonty
HKLM\SYSTEM\ControlSet001\Services\Boonty Games
HKLM\SYSTEM\CurrentControlSet\Services\Boonty Games
HKLM\SYSTEM\ControlSet003\Services\Boonty Games
.
C:\Program Files\BoontyGames
C:\Program Files\BoontyGames\adiboudchouetlejardindessurprises.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5
C:\Program Files\BoontyGames\alexandraledermann5.exe
C:\Program Files\BoontyGames\Components
C:\Program Files\BoontyGames\zumadeluxe.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5\SHELL_DEFAULT_HTML
C:\Program Files\BoontyGames\Alexandra Ledermann 5\SHELL_DEFAULT_HTML\Images
C:\Program Files\BoontyGames\Alexandra Ledermann 5\SHELL_DEFAULT_HTML\Images\wait.gif
C:\Program Files\BoontyGames\Components\bureau.url
C:\Program Files\BoontyGames\Components\Joystick.ico
C:\Program Files\BoontyGames\Components\start.url
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\BOONTY Shared\Service
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\Documents and Settings\All Users\Application Data\BOONTY
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses\B3186000.dat
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses\B37E5000.dat

+--------------------| Eorezo Elements found :

.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCU\SOFTWARE\EoRezo
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersionun\EoEngine
.
C:\Documents and Settings\samira eddamani\Application Data\EoRezo
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\cache
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\db
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\host.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\user.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\unins000.dat
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\unins000.exe
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\user_config.cyp
C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\user_profil.cyp
C:\DOCUME~1\SAMIRA~1\LOCALS~1\Temp\Cookies\samira_eddamani@eorezo[1].txt
C:\DOCUME~1\SAMIRA~1\LOCALS~1\Temp\Cookies\samira_eddamani@eorezo[2].txt
C:\WINDOWS\Prefetch\EOENGINE.EXE-020B3EA2.pf
C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-30DE3A4E.pf

+--------------------| Everest Poker Elements found :

.
.

+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :

.
.

+--------------------| It's TV Elements found :

.

+--------------------| Sweetim Elements found :

.
HKCR\SWEETIE.IEToolbar
HKCR\SWEETIE.IEToolbar.1
HKCR\SWEETIE.SWEETIE
HKCR\SWEETIE.SWEETIE.1
HKCR\Typelib\{58906392-79C4-497C-ACC6-6942B59F1A08}
HKCU\SOFTWARE\SWEETIE
HKCU\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Macrogaming
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\~\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\~\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\~\UserData\S-1-5-21-3117846246-626433616-840302518-1006\Components\96D82BE152767B245B7D948EF9126F46
HKLM\~\UserData\S-1-5-21-3117846246-626433616-840302518-1006\Components\C34CFCB49C8F0814C88A64469E1A2B9E
HKLM\~\UserData\S-1-5-21-3117846246-626433616-840302518-1006\Components\DF75D238060B32E42A452FB5F328222E
.
C:\WINDOWS\INSTALLER\1e121c5.msi
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIMBarForIE
C:\Program Files\Macrogaming\SweetIM\conf
C:\Program Files\Macrogaming\SweetIM\data
C:\Program Files\Macrogaming\SweetIM\conf\users
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_Audibles.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_DisplayPictures.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_SoundFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_SpecialFX.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\lastuse_Winks.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\abdousamira@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data\contentdb
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100B7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CC.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100CF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100D5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100FD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000100FF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010104.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010106.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010123.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010124.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001081A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001081B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010846.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010847.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010848.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010853.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010856.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010859.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001085D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010860.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010867.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010871.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010889.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001088D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010891.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010892.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010893.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010894.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010896.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0001089E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108A4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AB.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108AF.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108B2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C5.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108C9.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108CD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108D1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000108D4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0002007D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020144.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000201E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020239.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003002E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003002F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030031.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030036.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030037.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030038.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030039.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003003D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003003F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030040.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030049.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003004A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003004B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030053.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030058.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005D.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003005F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030062.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030063.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030066.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003006B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003006C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030075.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00030079.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003007A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0003007C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040022.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040024.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040027.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040028.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040029.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002B.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004002F.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040036.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040039.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004003C.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040049.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004005A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040065.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040067.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004006A.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00040077.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\0004007E.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400B0.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400B1.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400CA.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400E8.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000400F3.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050004.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00050005.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060081.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600B6.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600C2.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600C4.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\000600DD.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00060179.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\010108A7.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050001.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050002.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\01050007.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\affid.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\basis.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Bookmarks_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache
C:\Program Files\Macrogaming\SweetIMBarForIE\Email_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Games_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Greetingcards_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Mobile_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Music_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\News_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Shoping_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileySmile.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileyWink.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\sweetimicons.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.crc
C:\Program Files\Macrogaming\SweetIMBarForIE	oolbar.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\version.txt
C:\Program Files\Macrogaming\SweetIMBarForIE\_toolbar.dll
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\cd2005c66fba47ff715ecc444d3bc1fb.xml
C:\Documents and Settings\samira eddamani\Bureau\SweetImSetup.exe

+--------------------| ADDED SCAN :


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\yapwfw31.default\prefs.js :

~~~~ Mozilla FireFox version  [Unable to get version] ~~~~

* Browser Search Default Engine:  "Google"
* Browser Search Selected Engine:  "Google"
* Browser Search Selected Engine:  "Live Search"
* Browser Search Default Url:  "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl"
* Browser Startup HomePage:  "http://eo.st"
* Browser Startup HomePage:  "UTF-8

.
FOUND - user_pref("browser.startup.homepage", "http://eo.st");

+---------------------------------------------------------------------------+


~~~~ Internet Explorer version 7.0.5730.13 ~~~~

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://go.microsoft.com/fwlink/?linkid=677
Start Page : hxxp://www.google.fr/\0\0

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://go.microsoft.com/fwlink/?LinkId=69157

+---------------------------------------------------------------------------+

[~17746 bytes] - "C:\AD-report-Scan-11.01.2009.log"

# END at: 10:30:50 | 11/01/2009 - Time elapsed: 51.0 seconds 

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 290 lines ]
+---------------------------------------------------------------------------+

et merci d'avance

Destrio5 · Answer

Aucun problème si je te supprime SweetIM ?

flower_2009 · Answer

salut destrio5 
non  y'a pa de souci on peut le supprimer si ça peut arranger les choses 
merci bcp

Destrio5 · Answer

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

&#9679; Double-clique sur AD-Remover pour le lancer : au menu principal, choisis l'option B.

&#9679; Coche "A" à l'écran de sélection :
http://sd-1.archive-host.com/membres/up/16506160323759868/Capturer-ADR.JPG

&#9679; Puis choisis S, le programme va travailler.

&#9679; Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report.log)

/!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide) /!\

flower_2009 · Answer

voila destrio5 le dérnier rapport que j'ai eu en suivant les étpaes que vous m'avez montré


------- Logfile of AD-Remover 1.0.8.8 by C_XX | ONLY XP/VISTA -------

*** Limited to ***

Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
It's TV
Sweetim

******************

# START AT: 16:23:05 | Dim 11/01/2009 | Microsoft® Windows XP™  SP2 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Clean | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: YOUR-A734457C79 | USER: samira eddamani ( Current user is an administrator)
# DRIVE(S): 
# System Drive: C:\
# Windows Directory: C:\WINDOWS\
# System Directory: C:\WINDOWS\system32\

--- RUNNING PROCESSES: 36

(!) ---- IE start pages reset

+--------------------| Boonty/Boonty Games Elements Deleted :

.
.

+--------------------| Eorezo Elements Deleted :

.
HKCU\SOFTWARE\EoRezo
.
/!\ NOT DELETED - C:\Documents and Settings\samira eddamani\Application Data\EoRezo
/!\ NOT DELETED - C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate 
/!\ NOT DELETED - C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe 

+--------------------| Everest Poker Elements Deleted :

.
.

+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

.
.

+--------------------| It's TV Elements Deleted :

.

+--------------------| Sweetim Elements Deleted :

.
.

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


************* /!\ File(s)/Folder(s) Not Deleted /!\ *************

"C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate"
"C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe"

Second run ...

/!\ RESIST ! - "C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate"
/!\ RESIST ! - "C:\Documents and Settings\samira eddamani\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe"


+--------------------| ADDED SCAN :


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\yapwfw31.default\prefs.js :

~~~~ Mozilla FireFox version  [Unable to get version] ~~~~

* Browser Search Default Engine:  "Google"
* Browser Search Selected Engine:  "Google"
* Browser Search Selected Engine:  "Live Search"
* Browser Search Default Url:  "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl"
* Browser Startup HomePage:  "http://eo.st"
* Browser Startup HomePage:  "UTF-8

.

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+--------------------| ADDED SCAN :


+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\yapwfw31.default\prefs.js :

~~~~ Mozilla FireFox version  [Unable to get version] ~~~~

* Browser Search Default Engine:  "Google"
* Browser Search Selected Engine:  "Google"
* Browser Search Selected Engine:  "Live Search"
* Browser Search Default Url:  "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl"
* Browser Startup HomePage:  "UTF-8

.
REMOVED - user_pref("browser.startup.homepage", "http://eo.st");

+---------------------------------------------------------------------------+


~~~~ Internet Explorer version 7.0.5730.13 ~~~~

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page : hxxp://www.google.fr/\0\0

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

[~3601 bytes] - "C:\AD-report-Clean-11.01.2009.log"
[~18082 bytes] - "C:\AD-report-Scan-11.01.2009.log"

# END at: 16:40:10 | 11/01/2009 - Time elapsed: 17 minutes, 4 seconds 

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 80 lines ]
+---------------------------------------------------------------------------+

Destrio5 · Answer

---> Désinstalle AD-Remover et SoftwareUpdate.

---> Puis fais ceci :

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.

flower_2009 · Answer

bsr destrio5 tt d'abord merci bcp 
pour votre dérnière réponse j'arrive pa a télécharger le Random's system je clic sur le lien mé j'ai toujours ce  message :
  
    lin-1 :
    error= error prasing function call

                                                                          et jé sé pa ce ke c'est

Destrio5 · Answer

--> Télécharge DDS.scr de sUBs sur ton Bureau.

--> Lance-le en cliquant sur l'icône dds.scr. Cette fenêtre DOS va apparaître :
https://i75.servimg.com/u/f75/11/05/93/83/ddsdos10.jpg

--> Le scan ne doit pas dépasser trois minutes.

--> Un premier rapport va s'ouvrir que tu enregistreras sous DDS.txt par défaut sur le Bureau.

--> Il te sera demandé si tu veux faire le scan optionnel : accepte.

--> Un nouveau rapport s'ouvre que tu enregistreras sous Attach.txt sur le Bureau.

--> Tu ne le fourniras que si nécessaire.

--> Poste le rapport DDS.txt.

Mon pace rame bcp trop

11 réponses

Discussions similaires