Fenêtre qui s'ouvre internet explorer

Résolu
lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   -  
 V-X -
Bonjour,
J'ai une fenêtre de pub qui apparait toutes les 30 min internet explorer.Même si je ne suis pas connecter a google.
Ca m'est déjà arriver et navilog avais réparer tout ça.
Mais la,aprés spybot,ccleaner et navilog,c'est toujours pareil.
Si vous avez une idée..Merci d'avance.
Configuration: Windows Vista
Firefox 3.0.5

27 réponses

  • 1
  • 2
  1. Komña Messages postés 222 Statut Membre 23
     
    Salut,

    Scan avec Malware Byte, Superantispyware, Adaware, et un antivirus.
    0
  2. V-X
     
    Salut-,

    Désactive le « contrôle des comptes utilisateurs = UAC »
    (tu le réactiveras après ta désinfection): Ne pas oublier !!
    Désactiver l'UAC est nécessaire pour pouvoir faire fonctionner certains programmes sous Vista.
    - Vas dans Démarrer puis panneau de configuration
    - Double Clique sur l'icône "Comptes d'utilisateurs"
    - Clique ensuite sur désactiver et valide.
    comment désactiver L'UAC

    ▶ Télécharge hijackthis

    ▶ Enregistre la cible sous .... "le bureau"

    ▶ Fais un double-clic sur "HJTInstall.exe" afin de lancer l'installation

    ▶ Clique sur Install ensuite sur "I Accept"

    ▶ Clique sur" Do a scan system and save log file"

    ▶ Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse

    ▶ Tuto hijackthis(Merci à Balltrap34)

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  3. lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   10
     
    Voila le rapport:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:54:20, on 28/01/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Users\mickey\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Acer\Empowering Technology\eAudio\eAudio.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Live\Family Safety\fsui.exe
    C:\Program Files\EoRezo\EoEngine.exe
    C:\Users\mickey\Program Files\DNA\btdna.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\System32\rundll32.exe
    C:\Users\mickey\AppData\Local\Temp\RtkBtMnt.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Smart-Shopper - {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
    O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
    O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
    O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
    O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\mickey\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\mickey\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Spn2006] C:\Spn\edt.exe stw
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
    O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
    O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: eNetHook.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Seekeen Service - Unknown owner - C:\Program Files\Seekeen\seekeen.exe (file missing)
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    0
  4. V-X
     
    Re,

    Désactive l'UAC de vista comme indiquer ensuite pour exécuter les outils qui vont te désinfecter tu clic droit et "exécute en tant qu'administrateur".

    ▶ Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :

    /!\ Déconnectes toi et fermes toutes applications en cours/!\

    ● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
    ● Double clique sur l'icône Ad-removersituée sur ton bureau
    ● Au menu principal choisi l'option "A"
    ● Postes le rapport qui apparait à la fin .

    ( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note :

    "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   10
     
    Voila le rapport ad-remover:

    ------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------

    Updated by C_XX on 17/01/2009 at 12:00

    Start at: 12:02:10 | Wed 28/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (V6.0.6001)
    Boot mode: Normal
    Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Pc: PC-DE-MICKEY | User: mickey ( Current user is an administrator)
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    - E:\ (File System: NTFS)
    System Drive: C:\
    Windows Directory: C:\Windows\
    System Directory: C:\Windows\System32\

    --- Running Processes: 83

    +--------------------| Boonty/Boonty Games Elements Found :

    .
    HKCU\SOFTWARE\Boonty
    HKLM\Software\Boonty
    HKLM\SYSTEM\ControlSet001\Services\Boonty Games
    HKLM\SYSTEM\ControlSet002\Services\Boonty Games
    HKLM\SYSTEM\CurrentControlSet\Services\Boonty Games
    .
    C:\Boonty
    C:\Boonty\Components
    C:\Boonty\Games
    C:\Boonty\Games\actionball2{330540}.exe
    C:\Boonty\Games\farmfrenzy2{372474}.exe
    C:\Program Files\BoontyGames
    C:\Program Files\BoontyGames\Components
    C:\Program Files\BoontyGames\Components\Joystick.ico
    C:\Program Files\BoontyGames\Components\start.url
    C:\Program Files\Common Files\BOONTY Shared
    C:\Program Files\Common Files\BOONTY Shared\Service
    C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    C:\ProgramData\BOONTY
    C:\ProgramData\BOONTY\Licenses
    C:\ProgramData\BOONTY\Licenses\B5B11000.dat
    C:\ProgramData\BOONTY\Licenses\B8360000.dat
    C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames
    C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames\ Jeux … t‚l‚charger.url

    +--------------------| Eorezo Elements Found :

    Process: "EOENGINE.EXE" [PID:~3736]
    Process: "SOFTWAREUPDATEHP.EXE" [PID:~2304]
    .
    HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCU\SOFTWARE\EoRezo
    HKLM\SOFTWARE\EoRezo
    HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
    HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
    HKLM\SOFTWARE\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
    HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\EOENGINE
    .
    C:\Program Files\EoRezo
    C:\Program Files\EoRezo\ConfMedia.cyp
    C:\Program Files\EoRezo\EoAdv
    C:\Program Files\EoRezo\EoEngine.exe
    C:\Program Files\EoRezo\eoEngine.url
    C:\Program Files\EoRezo\EoMultiLanguage.dll
    C:\Program Files\EoRezo\EoRezoComm.dll
    C:\Program Files\EoRezo\EoRezoImg_17.dll
    C:\Program Files\EoRezo\EoRezoImg_19.dll
    C:\Program Files\EoRezo\EoRezoImg_20.dll
    C:\Program Files\EoRezo\EoRezoImg_21.dll
    C:\Program Files\EoRezo\EoRezoImg_22.dll
    C:\Program Files\EoRezo\EoRezoImg_23.dll
    C:\Program Files\EoRezo\EoRezoTools_16.dll
    C:\Program Files\EoRezo\EoRezoTools_17.dll
    C:\Program Files\EoRezo\EoRezoTools_18.dll
    C:\Program Files\EoRezo\EoRezoTools_20.dll
    C:\Program Files\EoRezo\EoRezoTools_21.dll
    C:\Program Files\EoRezo\EoRezoTools_26.dll
    C:\Program Files\EoRezo\EoRezoTools_27.dll
    C:\Program Files\EoRezo\EoRezoTools_28.dll
    C:\Program Files\EoRezo\EoRezoTools_29.dll
    C:\Program Files\EoRezo\FreeImage.dll
    C:\Program Files\EoRezo\Host.cyp
    C:\Program Files\EoRezo\lang
    C:\Program Files\EoRezo\MngInstaller.dll
    C:\Program Files\EoRezo\unins000.dat
    C:\Program Files\EoRezo\unins000.exe
    C:\Program Files\EoRezo\user.cyp
    C:\Program Files\EoRezo\EoAdv\atl90.dll
    C:\Program Files\EoRezo\EoAdv\EoAdv.dll
    C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
    C:\Program Files\EoRezo\EoAdv\mfc90.dll
    C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.ATL.manifest
    C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.CRT.manifest
    C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.MFC.manifest
    C:\Program Files\EoRezo\EoAdv\msvcr90.dll
    C:\Program Files\EoRezo\lang\ihm_eoclock.xml
    C:\Program Files\EoRezo\lang\ihm_eoengine.xml
    C:\Program Files\EoRezo\lang\ihm_eonet.xml
    C:\Program Files\EoRezo\lang\ihm_eorezotools.xml
    C:\Program Files\EoRezo\lang\ihm_eosudoku.xml
    C:\Program Files\EoRezo\lang\ihm_eoweather.xml
    C:\Program Files\EoRezo\lang\lang_en.xml
    C:\Program Files\EoRezo\lang\lang_es.xml
    C:\Program Files\EoRezo\lang\lang_fr.xml
    C:\Program Files\EoRezo\lang\lang_it.xml
    C:\Users\mickey\AppData\Roaming\EoRezo
    C:\Users\mickey\AppData\Roaming\EoRezo\cmhost.cyp
    C:\Users\mickey\AppData\Roaming\EoRezo\ConfMedia.cyp
    C:\Users\mickey\AppData\Roaming\EoRezo\db
    C:\Users\mickey\AppData\Roaming\EoRezo\eoDesktop
    C:\Users\mickey\AppData\Roaming\EoRezo\eoStats
    C:\Users\mickey\AppData\Roaming\EoRezo\host.cyp
    C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate
    C:\Users\mickey\AppData\Roaming\EoRezo\user.cyp
    C:\Users\mickey\AppData\Roaming\EoRezo\db\cat.cyp
    C:\Users\mickey\AppData\Roaming\EoRezo\eoDesktop\config.xml
    C:\Users\mickey\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
    C:\Users\mickey\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
    C:\Users\mickey\AppData\Roaming\EoRezo\eoStats\eoStats.txt
    C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
    C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.dat
    C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.exe
    C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\user_config.cyp
    C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\user_profil.cyp
    C:\Users\mickey\AppData\Roaming\Microsoft\Windows\Cookies\mickey@eorezo[1].txt

    +--------------------| Everest Casino/Everest Poker Elements Found :

    .
    .

    +--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :

    .
    .

    +--------------------| It's TV Elements Found :

    .

    +--------------------| Sweetim Elements Found :

    .
    HKCU\SOFTWARE\SweetIM
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKLM\SOFTWARE\SweetIM
    HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\INTERNETREGISTRY\REGISTRY\USER\S-1-5-21-2853232444-1660623977-3844608242-1000\SOFTWARE\SWEETIM
    .
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\searchplugins\sweetim.xml
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome.manifest
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\install.rdf
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar.jar
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components\SIMAutoCompleteSearch.js
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\manifest.mf
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.rsa
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.sf
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\SweetIMToolbarData
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\SweetIMToolbarData\logs

    +--------------------| Added Scan :

    +---------- SCANNING PREFS.JS ... ( # Mozilla user preferences )

    ..\elcd4qjb.default\prefs.js :

    ~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~

    * BROWSER SEARCH DEFAULT ENGINE: "SweetIM Search"
    * BROWSER SEARCH DEFAULT ENGINE: "chrome://browser-region/locale/region.properties"
    * BROWSER SEARCH SELECTED ENGINE: "Live Search"
    * BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
    * BROWSER SEARCH DEFAULT URL: "https://search.sweetim.com/search.asp?src=2&q="
    * BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"
    * BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"

    .
    FOUND - user_pref("browser.search.defaultenginename", "SweetIM Search");
    FOUND - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
    FOUND - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
    FOUND - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
    FOUND - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
    FOUND - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
    FOUND - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
    FOUND - user_pref("sweetim.toolbar.mode.debug", "false");
    FOUND - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");
    FOUND - user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "DAEMON Search");
    FOUND - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
    FOUND - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
    FOUND - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
    FOUND - user_pref("sweetim.toolbar.search.history.capacity", "10");
    FOUND - user_pref("sweetim.toolbar.simapp_id", "{BFB57000-A2A7-11DD-B77A-B9F37E0BBA7D}");
    FOUND - user_pref("sweetim.toolbar.urls.homepage", "https://home.sweetim.com/");
    FOUND - user_pref("sweetim.toolbar.version", "1.0.0.6");

    +---------------------------------------------------------------------------+

    ~~~~ INTERNET EXPLORER VERSION 7.0.6001.18000 ~~~~

    +--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]

    Start page : hxxp://y.lo.st
    Start page : hxxp://www.google.fr/

    +--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]

    Start page : hxxp://fr.yahoo.com

    +---------------------------------------------------------------------------+

    [~11381 BYTES] - "C:\AD-REPORT-SCAN-28.01.2009.LOG"

    End at: 12:02:49 | 28/01/2009 - Time elapsed: 39.3 seconds

    +---------------------------------------------------------------------------+
    +------------------------------- [ E.O.F - 194 Lines ]
    +---------------------------------------------------------------------------+
    0
  7. V-X
     
    Re,

    /!\ Déconnectes toi et fermes toutes applications en cours /!\

    ▶ Relances "Ad-remover" : au menu principal choisi l'option "B" .

    http://apu.mabul.org/up/apu/2008/11/19/img-221318q2g03.jpg

    Il faut taper un chiffre et valider systématiquement celui-ci par ENTREE.

    ▶ Ensuite:

    Boonty Puis tape 1 et "entrer".
    Eorezo Puis tape 2 et "entrer".
    Sweetim Puis tape 6 et "entrer".

    ▶ Puis "S"

    ▶ le programme va travailler ...

    ▶ Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    /!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
    0
  8. lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   10
     
    J'ai fait comme tu ma dit mais rien ne se passe?...
    0
  9. V-X
     
    Re,

    Laisse travailler l'outil tu as bien taper les lettres et a chaque fois taper entrer ?
    0
  10. lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   10
     
    Oui ..Bon je recommence
    0
  11. lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   10
     
    Voila le nouveau rapport(j'avais remis le compte d'utilisateur actif c'est pour ça que rien ne ce passer).ops..

    ------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------

    Updated by C_XX on 17/01/2009 at 12:00

    *** LIMITED TO ***

    Boonty/Boontygames
    Eorezo
    Sweetim

    ******************

    Start at: 12:33:12 | Wed 28/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (V6.0.6001)
    Boot mode: Normal
    Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Pc: PC-DE-MICKEY | User: mickey ( Current user is an administrator)
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    - E:\ (File System: NTFS)
    System Drive: C:\
    Windows Directory: C:\Windows\
    System Directory: C:\Windows\System32\

    --- Running Processes: 82

    (!) ---- IE start pages reset

    +--------------------| Boonty/Boonty Games Elements Deleted :

    .
    HKCU\SOFTWARE\Boonty
    HKLM\Software\Boonty
    HKLM\SYSTEM\ControlSet001\Services\Boonty Games
    HKLM\SYSTEM\ControlSet002\Services\Boonty Games
    .
    C:\Boonty
    C:\ProgramData\BOONTY
    C:\Users\All Users\BOONTY
    C:\Program Files\BoontyGames
    C:\Program Files\Common Files\BOONTY Shared
    C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames

    +--------------------| Eorezo Elements Deleted :

    Process: "EOENGINE.EXE" [PID:~2520]
    Process: "SOFTWAREUPDATEHP.EXE" [PID:~612]
    .
    HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\EOENGINE
    HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCU\SOFTWARE\EoRezo
    HKLM\SOFTWARE\EoRezo
    HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
    HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
    HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
    .
    C:\Program Files\EoRezo
    C:\Users\mickey\AppData\Roaming\EoRezo
    C:\Users\mickey\AppData\Roaming\Microsoft\Windows\Cookies\mickey@eorezo[1].txt

    +--------------------| Sweetim Elements Deleted :

    .
    HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\INTERNETREGISTRY\REGISTRY\USER\S-1-5-21-2853232444-1660623977-3844608242-1000\SOFTWARE\SWEETIM
    HKCU\SOFTWARE\SweetIM
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKLM\SOFTWARE\SweetIM
    .
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\searchplugins\sweetim.xml
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\SweetIMToolbarData

    (!) ---- Temp files deleted.
    (!) ---- Recycle bin emptied in all drives.

    +--------------------| Added Scan :

    +---------- SCANNING PREFS.JS ... ( # MOZILLA USER PREFERENCES )

    ..\elcd4qjb.default\prefs.js :

    ~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~

    * BROWSER SEARCH DEFAULT ENGINE: "SweetIM Search"
    * BROWSER SEARCH DEFAULT ENGINE: "chrome://browser-region/locale/region.properties"
    * BROWSER SEARCH SELECTED ENGINE: "Live Search"
    * BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
    * BROWSER SEARCH DEFAULT URL: "https://search.sweetim.com/search.asp?src=2&q="
    * BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"
    * BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"

    .
    REMOVED - user_pref("browser.search.defaultenginename", "SweetIM Search");
    REMOVED - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
    REMOVED - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
    REMOVED - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
    REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
    REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
    REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
    REMOVED - user_pref("sweetim.toolbar.mode.debug", "false");
    REMOVED - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");
    REMOVED - user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "DAEMON Search");
    REMOVED - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
    REMOVED - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
    REMOVED - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
    REMOVED - user_pref("sweetim.toolbar.search.history.capacity", "10");
    REMOVED - user_pref("sweetim.toolbar.simapp_id", "{BFB57000-A2A7-11DD-B77A-B9F37E0BBA7D}");
    REMOVED - user_pref("sweetim.toolbar.urls.homepage", "https://home.sweetim.com/");
    REMOVED - user_pref("sweetim.toolbar.version", "1.0.0.6");

    +---------------------------------------------------------------------------+

    ~~~~ INTERNET EXPLORER VERSION 7.0.6001.18000 ~~~~

    +--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]

    Start page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Start page : hxxp://www.google.fr/

    +--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]

    Start page : hxxp://fr.msn.com/

    +---------------------------------------------------------------------------+

    [~6113 BYTES] - "C:\AD-REPORT-CLEAN-28.01.2009.LOG"
    [~11715 BYTES] - "C:\AD-REPORT-SCAN-28.01.2009.LOG"

    End at: 12:36:20 | 28/01/2009 - Time elapsed: 3 minutes, 7 seconds

    +---------------------------------------------------------------------------+
    +------------------------------- [ E.O.F - 104 Lines ]
    +---------------------------------------------------------------------------+
    0
  12. V-X
     
    Re,

    ==>>Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.<<===

    !! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!

    ▶ Double-cliques sur l'.exe pour lancer l'installe et laisses toi guider ...

    ▶ Une fois fait, cliques sur le raccourci créé sur ton bureau pour lancer l'outil .

    ▶ Choisis l'option 1 ( "recherche") et tapes "entrée" .

    ▶Une fois le scan finit , un rapport va apparaître, copie/colles l'intégralité
    de son contenu dans ta prochaine réponse ...

    ( le rapport est en outre sauvegardé ici -> C:\TB.txt )

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

    Tutoriel Toolbard-S&D
    0
  13. lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   10
     
    Voila le rapport:

    ------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------

    Updated by C_XX on 17/01/2009 at 12:00

    *** LIMITED TO ***

    Boonty/Boontygames
    Eorezo
    Sweetim

    ******************

    Start at: 12:33:12 | Wed 28/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (V6.0.6001)
    Boot mode: Normal
    Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Pc: PC-DE-MICKEY | User: mickey ( Current user is an administrator)
    Drive(s):
    - C:\ (File System: NTFS)
    - D:\ (File System: NTFS)
    - E:\ (File System: NTFS)
    System Drive: C:\
    Windows Directory: C:\Windows\
    System Directory: C:\Windows\System32\

    --- Running Processes: 82

    (!) ---- IE start pages reset

    +--------------------| Boonty/Boonty Games Elements Deleted :

    .
    HKCU\SOFTWARE\Boonty
    HKLM\Software\Boonty
    HKLM\SYSTEM\ControlSet001\Services\Boonty Games
    HKLM\SYSTEM\ControlSet002\Services\Boonty Games
    .
    C:\Boonty
    C:\ProgramData\BOONTY
    C:\Users\All Users\BOONTY
    C:\Program Files\BoontyGames
    C:\Program Files\Common Files\BOONTY Shared
    C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames

    +--------------------| Eorezo Elements Deleted :

    Process: "EOENGINE.EXE" [PID:~2520]
    Process: "SOFTWAREUPDATEHP.EXE" [PID:~612]
    .
    HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\EOENGINE
    HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCU\SOFTWARE\EoRezo
    HKLM\SOFTWARE\EoRezo
    HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
    HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
    HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
    .
    C:\Program Files\EoRezo
    C:\Users\mickey\AppData\Roaming\EoRezo
    C:\Users\mickey\AppData\Roaming\Microsoft\Windows\Cookies\mickey@eorezo[1].txt

    +--------------------| Sweetim Elements Deleted :

    .
    HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\INTERNETREGISTRY\REGISTRY\USER\S-1-5-21-2853232444-1660623977-3844608242-1000\SOFTWARE\SWEETIM
    HKCU\SOFTWARE\SweetIM
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    HKLM\SOFTWARE\SweetIM
    .
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\searchplugins\sweetim.xml
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\SweetIMToolbarData

    (!) ---- Temp files deleted.
    (!) ---- Recycle bin emptied in all drives.

    +--------------------| Added Scan :

    +---------- SCANNING PREFS.JS ... ( # MOZILLA USER PREFERENCES )

    ..\elcd4qjb.default\prefs.js :

    ~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~

    * BROWSER SEARCH DEFAULT ENGINE: "SweetIM Search"
    * BROWSER SEARCH DEFAULT ENGINE: "chrome://browser-region/locale/region.properties"
    * BROWSER SEARCH SELECTED ENGINE: "Live Search"
    * BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
    * BROWSER SEARCH DEFAULT URL: "https://search.sweetim.com/search.asp?src=2&q="
    * BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"
    * BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"

    .
    REMOVED - user_pref("browser.search.defaultenginename", "SweetIM Search");
    REMOVED - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
    REMOVED - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
    REMOVED - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
    REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
    REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
    REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
    REMOVED - user_pref("sweetim.toolbar.mode.debug", "false");
    REMOVED - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");
    REMOVED - user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "DAEMON Search");
    REMOVED - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
    REMOVED - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
    REMOVED - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
    REMOVED - user_pref("sweetim.toolbar.search.history.capacity", "10");
    REMOVED - user_pref("sweetim.toolbar.simapp_id", "{BFB57000-A2A7-11DD-B77A-B9F37E0BBA7D}");
    REMOVED - user_pref("sweetim.toolbar.urls.homepage", "https://home.sweetim.com/");
    REMOVED - user_pref("sweetim.toolbar.version", "1.0.0.6");

    +---------------------------------------------------------------------------+

    ~~~~ INTERNET EXPLORER VERSION 7.0.6001.18000 ~~~~

    +--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]

    Start page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Start page : hxxp://www.google.fr/

    +--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]

    Start page : hxxp://fr.msn.com/

    +---------------------------------------------------------------------------+

    [~6113 BYTES] - "C:\AD-REPORT-CLEAN-28.01.2009.LOG"
    [~11715 BYTES] - "C:\AD-REPORT-SCAN-28.01.2009.LOG"

    End at: 12:36:20 | 28/01/2009 - Time elapsed: 3 minutes, 7 seconds

    +---------------------------------------------------------------------------+
    +------------------------------- [ E.O.F - 104 Lines ]
    +---------------------------------------------------------------------------+

    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz )
    BIOS : Default System BIOS
    USER : mickey ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1290 [VPS 081124-0] 4.8.1290 (Activated)
    C:\ (Local Disk) - NTFS - Total:111 Go (Free:27 Go)
    D:\ (Local Disk) - NTFS - Total:232 Go (Free:102 Go)
    E:\ (Local Disk) - NTFS - Total:111 Go (Free:69 Go)
    F:\ (CD or DVD)
    G:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 28/01/2009|12:47 )

    [ UAC => 1 ]

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\DAEMON Tools Toolbar
    C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\SmartShopper
    C:\Program Files\Smart-Shopper
    C:\Program Files\Smart-Shopper\Bin
    C:\Program Files\Smart-Shopper\Uninst.exe
    C:\Program Files\Smart-Shopper\Bin\2.5.1
    C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
    C:\Windows\iun6002.exe

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Local Page"="C:\\Windows\\system32\\blank.htm"
    "SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
    "Search Bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Default_page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Url"="https://www.msn.com/fr-fr/actualite/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://www.msn.com/fr-fr"
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Search bar"="http://www.bing.com/spresults.aspx"

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent
    C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
    C:\Users\mickey\Desktop\b\nfs\Crack
    C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe
    C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT
    C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe
    C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack
    C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip

    [ UAC => 1 ]

    1 - "C:\ToolBar SD\TB_1.txt" - 28/01/2009|12:44 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 28/01/2009|12:47 - Option : [1]

    -----------\\ Fin du rapport a 12:47:20,18
    0
  14. V-X
     
    Re,

    Vire tes cracks et autres keygens qui sont source d'infection:

    C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent
    C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
    C:\Users\mickey\Desktop\b\nfs\Crack
    C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe
    C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT
    C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe
    C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack
    C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip 
    


    Maintenant fait ce qui suit:

    ▶ Nettoyage avec ToolBar S&D :

    !! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!

    ▶Relances Toolbar-S&D en double-cliquant sur le raccourci.

    ▶ Tapes sur l'option 2 ( "nettoyage" ) puis tapes sur "Entrée".

    Note : Ne touches à rien lors de la suppression !!

    ▶ Un rapport sera généré à la fin du processus : postes son contenu dans ta prochaine réponse

    ▶ Accompagné d'un nouveau rapport hijackthis pour analyse ...

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  15. lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   10
     
    Quand je vais dans (C) je n'ai pas users?..
    0
  16. lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   10
     
    C'est fait voici le rapport:

    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz )
    BIOS : Default System BIOS
    USER : mickey ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1290 [VPS 081124-0] 4.8.1290 (Activated)
    C:\ (Local Disk) - NTFS - Total:111 Go (Free:27 Go)
    D:\ (Local Disk) - NTFS - Total:232 Go (Free:102 Go)
    E:\ (Local Disk) - NTFS - Total:111 Go (Free:69 Go)
    F:\ (CD or DVD)
    G:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( 28/01/2009|13:01 )

    [ UAC => 1 ]

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
    Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\SmartShopper
    Supprime! - C:\Program Files\Smart-Shopper\Bin
    Supprime! - C:\Program Files\Smart-Shopper\Uninst.exe
    Supprime! - C:\Windows\iun6002.exe
    Supprime! - C:\Program Files\DAEMON Tools Toolbar
    Supprime! - C:\Program Files\Smart-Shopper

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Local Page"="C:\\Windows\\system32\\blank.htm"
    "SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
    "Search Bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Default_page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Url"="https://www.msn.com/fr-fr/actualite/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://www.msn.com/fr-fr/"
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Search bar"="http://www.bing.com/spresults.aspx"

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent
    C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
    C:\Users\mickey\Desktop\b\nfs\Crack
    C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe
    C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT
    C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe
    C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack
    C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip

    [ UAC => 1 ]

    1 - "C:\ToolBar SD\TB_1.txt" - 28/01/2009|12:44 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 28/01/2009|12:47 - Option : [1]
    3 - "C:\ToolBar SD\TB_3.txt" - 28/01/2009|13:02 - Option : [2]

    -----------\\ Fin du rapport a 13:02:23,53
    0
  17. V-X
     
    Re,

    ---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
    http://oldtimer.geekstogo.com/OTMoveIt3.exe

    ---> Double-clique sur OTMoveIt3.exe afin de le lancer.

    ---> Copie (Ctrl+C) le texte suivant en gras ci-dessous :

    :files
    C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent
    C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
    C:\Users\mickey\Desktop\b\nfs\Crack
    C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe
    C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT
    C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe
    C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack
    C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip

    :commands
    [purity]
    [emptytemp]
    [start explorer]


    ---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

    ---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

    Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

    ---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log
    0
  18. lilly17 Messages postés 137 Date d'inscription   Statut Membre Dernière intervention   10
     
    Voila:
    ========== FILES ==========
    C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent moved successfully.
    C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent moved successfully.
    C:\Users\mickey\Desktop\b\nfs\Crack moved successfully.
    File/Folder C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe not found.
    File/Folder C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT not found.
    File/Folder C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe not found.
    C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack moved successfully.
    File/Folder C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip not found.
    ========== COMMANDS ==========
    File delete failed. C:\Users\mickey\AppData\Local\Temp\etilqs_4jzDFEYgrr5rrQ7x75kf scheduled to be deleted on reboot.
    File delete failed. C:\Users\mickey\AppData\Local\Temp\RtkBtMnt.exe scheduled to be deleted on reboot.
    File delete failed. C:\Users\mickey\AppData\Local\Temp\WER400C.tmp.version.txt scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP00000061FD181EF09B2B604E scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Opera cache emptied.
    Temp folders emptied.
    Error: Unable to interpret <[start explorer> in the current context!

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01282009_130837

    Files moved on Reboot...
    File C:\Users\mickey\AppData\Local\Temp\etilqs_4jzDFEYgrr5rrQ7x75kf not found!
    C:\Users\mickey\AppData\Local\Temp\RtkBtMnt.exe moved successfully.
    File C:\Users\mickey\AppData\Local\Temp\WER400C.tmp.version.txt not found!
    File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    File C:\Windows\temp\TMP00000061FD181EF09B2B604E not found!
    C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_001_ moved successfully.
    C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_002_ moved successfully.
    C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_003_ moved successfully.
    C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\urlclassifier3.sqlite moved successfully.
    C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\XUL.mfl moved successfully.
    0
  19. V-X
     
    Re,

    Redémarre ton pc normalement et fait ce qui suit.

    ▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.

    ▶ Double clique sur RSIT.exe pour lancer l'outil.

    ▶ Clique sur ' continue ' à l'écran Disclaimer.

    Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

    ▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports séparément.
    ( log.txt & info.txt )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  • 1
  • 2