A window keeps opening in Internet Explorer

Solved
lilly17 - Posts: 137 - Status: Member
Hello,
I have an ad window that appears every 30 minutes in Internet Explorer, even when I'm not connected to Google.
This has happened to me before and Navilog fixed it all.
But this time, after Spybot, CCleaner and Navilog, it's still the same.
If you have any idea... Thanks in advance.
27 replies

Komña - Posts: 200 - Status: Member

Hi,

Scan with Malwarebytes, SUPERAntiSpyware, Ad-Aware, and an antivirus.
Anonymous user

Hi,

Disable User Account Control (UAC)
(you will re-enable it after the disinfection): don't forget!!
Disabling UAC is necessary to be able to run certain programs under Vista.
- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click disable and confirm.
How to disable UAC

▶ Download HijackThis

▶ Save the target to ... "the desktop"

▶ Double-click "HJTInstall.exe" to launch the installation

▶ Click Install, then "I Accept"

▶ Click "Do a scan system and save log file"

▶ Notepad will open; copy and paste its entire contents here in your next reply

▶ HijackThis tutorial (thanks to Balltrap34)

If a report won't post, send an alert to the concierge with the yellow /!\.
lilly17 - Posts: 137 - Status: Member

Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:54:20, on 28/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Users\mickey\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Users\mickey\Program Files\DNA\btdna.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\rundll32.exe
C:\Users\mickey\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Smart-Shopper - {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\mickey\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\mickey\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Spn2006] C:\Spn\edt.exe stw
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Seekeen Service - Unknown owner - C:\Program Files\Seekeen\seekeen.exe (file missing)
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Anonymous user

Re,

Disable Vista's UAC as indicated; then, to run the tools that will disinfect your machine, right-click and choose "Run as administrator".

▶ Download AD-Remover (by Cyrildu17 / C_XX) to your desktop:


/!\ Disconnect and close all running applications /!\

● Double-click the installer and install it in its default location (C:\Program files)
● Double-click the Ad-remover icon on your desktop
● In the main menu, choose option "A"
● Post the report that appears at the end.

(the report is also saved as C:\Ad-report(date).log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note:

"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility meant to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
lilly17 - Posts: 137 - Status: Member

Here is the AD-Remover report:

------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------

Updated by C_XX on 17/01/2009 at 12:00

Start at: 12:02:10 | Wed 28/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (V6.0.6001)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: PC-DE-MICKEY | User: mickey ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\

--- Running Processes: 83

+--------------------| Boonty/Boonty Games Elements Found :

.
HKCU\SOFTWARE\Boonty
HKLM\Software\Boonty
HKLM\SYSTEM\ControlSet001\Services\Boonty Games
HKLM\SYSTEM\ControlSet002\Services\Boonty Games
HKLM\SYSTEM\CurrentControlSet\Services\Boonty Games
.
C:\Boonty
C:\Boonty\Components
C:\Boonty\Games
C:\Boonty\Games\actionball2{330540}.exe
C:\Boonty\Games\farmfrenzy2{372474}.exe
C:\Program Files\BoontyGames
C:\Program Files\BoontyGames\Components
C:\Program Files\BoontyGames\Components\Joystick.ico
C:\Program Files\BoontyGames\Components\start.url
C:\Program Files\Common Files\BOONTY Shared
C:\Program Files\Common Files\BOONTY Shared\Service
C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
C:\ProgramData\BOONTY
C:\ProgramData\BOONTY\Licenses
C:\ProgramData\BOONTY\Licenses\B5B11000.dat
C:\ProgramData\BOONTY\Licenses\B8360000.dat
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames\ Jeux … t‚l‚charger.url

+--------------------| Eorezo Elements Found :

Process: "EOENGINE.EXE" [PID:~3736]
Process: "SOFTWAREUPDATEHP.EXE" [PID:~2304]
.
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCU\SOFTWARE\EoRezo
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
HKLM\SOFTWARE\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\EOENGINE
.
C:\Program Files\EoRezo
C:\Program Files\EoRezo\ConfMedia.cyp
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\EoRezo\eoEngine.url
C:\Program Files\EoRezo\EoMultiLanguage.dll
C:\Program Files\EoRezo\EoRezoComm.dll
C:\Program Files\EoRezo\EoRezoImg_17.dll
C:\Program Files\EoRezo\EoRezoImg_19.dll
C:\Program Files\EoRezo\EoRezoImg_20.dll
C:\Program Files\EoRezo\EoRezoImg_21.dll
C:\Program Files\EoRezo\EoRezoImg_22.dll
C:\Program Files\EoRezo\EoRezoImg_23.dll
C:\Program Files\EoRezo\EoRezoTools_16.dll
C:\Program Files\EoRezo\EoRezoTools_17.dll
C:\Program Files\EoRezo\EoRezoTools_18.dll
C:\Program Files\EoRezo\EoRezoTools_20.dll
C:\Program Files\EoRezo\EoRezoTools_21.dll
C:\Program Files\EoRezo\EoRezoTools_26.dll
C:\Program Files\EoRezo\EoRezoTools_27.dll
C:\Program Files\EoRezo\EoRezoTools_28.dll
C:\Program Files\EoRezo\EoRezoTools_29.dll
C:\Program Files\EoRezo\FreeImage.dll
C:\Program Files\EoRezo\Host.cyp
C:\Program Files\EoRezo\lang
C:\Program Files\EoRezo\MngInstaller.dll
C:\Program Files\EoRezo\unins000.dat
C:\Program Files\EoRezo\unins000.exe
C:\Program Files\EoRezo\user.cyp
C:\Program Files\EoRezo\EoAdv\atl90.dll
C:\Program Files\EoRezo\EoAdv\EoAdv.dll
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
C:\Program Files\EoRezo\EoAdv\mfc90.dll
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.ATL.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.CRT.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.MFC.manifest
C:\Program Files\EoRezo\EoAdv\msvcr90.dll
C:\Program Files\EoRezo\lang\ihm_eoclock.xml
C:\Program Files\EoRezo\lang\ihm_eoengine.xml
C:\Program Files\EoRezo\lang\ihm_eonet.xml
C:\Program Files\EoRezo\lang\ihm_eorezotools.xml
C:\Program Files\EoRezo\lang\ihm_eosudoku.xml
C:\Program Files\EoRezo\lang\ihm_eoweather.xml
C:\Program Files\EoRezo\lang\lang_en.xml
C:\Program Files\EoRezo\lang\lang_es.xml
C:\Program Files\EoRezo\lang\lang_fr.xml
C:\Program Files\EoRezo\lang\lang_it.xml
C:\Users\mickey\AppData\Roaming\EoRezo
C:\Users\mickey\AppData\Roaming\EoRezo\cmhost.cyp
C:\Users\mickey\AppData\Roaming\EoRezo\ConfMedia.cyp
C:\Users\mickey\AppData\Roaming\EoRezo\db
C:\Users\mickey\AppData\Roaming\EoRezo\eoDesktop
C:\Users\mickey\AppData\Roaming\EoRezo\eoStats
C:\Users\mickey\AppData\Roaming\EoRezo\host.cyp
C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate
C:\Users\mickey\AppData\Roaming\EoRezo\user.cyp
C:\Users\mickey\AppData\Roaming\EoRezo\db\cat.cyp
C:\Users\mickey\AppData\Roaming\EoRezo\eoDesktop\config.xml
C:\Users\mickey\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
C:\Users\mickey\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
C:\Users\mickey\AppData\Roaming\EoRezo\eoStats\eoStats.txt
C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.dat
C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.exe
C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\user_config.cyp
C:\Users\mickey\AppData\Roaming\EoRezo\SoftwareUpdate\user_profil.cyp
C:\Users\mickey\AppData\Roaming\Microsoft\Windows\Cookies\mickey@eorezo[1].txt

+--------------------| Everest Casino/Everest Poker Elements Found :

.
.

+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :

.
.

+--------------------| It's TV Elements Found :

.

+--------------------| Sweetim Elements Found :

.
HKCU\SOFTWARE\SweetIM
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\SOFTWARE\SweetIM
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\INTERNETREGISTRY\REGISTRY\USER\S-1-5-21-2853232444-1660623977-3844608242-1000\SOFTWARE\SWEETIM
.
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\searchplugins\sweetim.xml
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome.manifest
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\install.rdf
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar.jar
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components\SIMAutoCompleteSearch.js
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\manifest.mf
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.rsa
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF\zigbert.sf
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\SweetIMToolbarData
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\SweetIMToolbarData\logs

+--------------------| Added Scan :


+---------- SCANNING PREFS.JS ... ( # Mozilla user preferences )

..\elcd4qjb.default\prefs.js :

~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~

* BROWSER SEARCH DEFAULT ENGINE: "SweetIM Search"
* BROWSER SEARCH DEFAULT ENGINE: "chrome://browser-region/locale/region.properties"
* BROWSER SEARCH SELECTED ENGINE: "Live Search"
* BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
* BROWSER SEARCH DEFAULT URL: "https://search.sweetim.com/search.asp?src=2&q="
* BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"
* BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"

.
FOUND - user_pref("browser.search.defaultenginename", "SweetIM Search");
FOUND - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
FOUND - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
FOUND - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
FOUND - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
FOUND - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
FOUND - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
FOUND - user_pref("sweetim.toolbar.mode.debug", "false");
FOUND - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");
FOUND - user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "DAEMON Search");
FOUND - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
FOUND - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
FOUND - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
FOUND - user_pref("sweetim.toolbar.search.history.capacity", "10");
FOUND - user_pref("sweetim.toolbar.simapp_id", "{BFB57000-A2A7-11DD-B77A-B9F37E0BBA7D}");
FOUND - user_pref("sweetim.toolbar.urls.homepage", "https://home.sweetim.com/");
FOUND - user_pref("sweetim.toolbar.version", "1.0.0.6");

+---------------------------------------------------------------------------+


~~~~ INTERNET EXPLORER VERSION 7.0.6001.18000 ~~~~

+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://y.lo.st
Start page : hxxp://www.google.fr/

+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://fr.yahoo.com

+---------------------------------------------------------------------------+

[~11381 BYTES] - "C:\AD-REPORT-SCAN-28.01.2009.LOG"

End at: 12:02:49 | 28/01/2009 - Time elapsed: 39.3 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 194 Lines ]
+---------------------------------------------------------------------------+
Anonymous user

Re,

/!\ Disconnect and close all running applications /!\

▶ Relaunch "Ad-remover": in the main menu, choose option "B".

http://apu.mabul.org/up/apu/2008/11/19/img-221318q2g03.jpg

You must type a digit and confirm it each time with ENTER.

▶ Then:

Boonty: type 1 then "Enter".
Eorezo: type 2 then "Enter".
Sweetim: type 6 then "Enter".


▶ Then "S"

▶ The program will work ...

▶ Post the report that appears at the end + a new HijackThis log for analysis ...

(the report is also saved as C:\Ad-report.log)

/!\ If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm /!\
lilly17 - Posts: 137 - Status: Member

I did as you told me but nothing happens?...
Anonymous user

Re,

Let the tool work. Did you type the letters and press Enter each time?
lilly17 - Posts: 137 - Status: Member

Yes... OK, I'll start over
Anonymous user

Re,

OK!!
lilly17 - Posts: 137 - Status: Member

Here is the new report (I had switched the user account control back on, that's why nothing was happening). Oops..

------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------

Updated by C_XX on 17/01/2009 at 12:00

*** LIMITED TO ***

Boonty/Boontygames
Eorezo
Sweetim

******************

Start at: 12:33:12 | Wed 28/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (V6.0.6001)
Boot mode: Normal
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: PC-DE-MICKEY | User: mickey ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\

--- Running Processes: 82

(!) ---- IE start pages reset

+--------------------| Boonty/Boonty Games Elements Deleted :

.
HKCU\SOFTWARE\Boonty
HKLM\Software\Boonty
HKLM\SYSTEM\ControlSet001\Services\Boonty Games
HKLM\SYSTEM\ControlSet002\Services\Boonty Games
.
C:\Boonty
C:\ProgramData\BOONTY
C:\Users\All Users\BOONTY
C:\Program Files\BoontyGames
C:\Program Files\Common Files\BOONTY Shared
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames

+--------------------| Eorezo Elements Deleted :

Process: "EOENGINE.EXE" [PID:~2520]
Process: "SOFTWAREUPDATEHP.EXE" [PID:~612]
.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\EOENGINE
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCU\SOFTWARE\EoRezo
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
.
C:\Program Files\EoRezo
C:\Users\mickey\AppData\Roaming\EoRezo
C:\Users\mickey\AppData\Roaming\Microsoft\Windows\Cookies\mickey@eorezo[1].txt

+--------------------| Sweetim Elements Deleted :

.
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\INTERNETREGISTRY\REGISTRY\USER\S-1-5-21-2853232444-1660623977-3844608242-1000\SOFTWARE\SWEETIM
HKCU\SOFTWARE\SweetIM
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\SOFTWARE\SweetIM
.
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\searchplugins\sweetim.xml
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\SweetIMToolbarData

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+--------------------| Added Scan :


+---------- SCANNING PREFS.JS ... ( # MOZILLA USER PREFERENCES )

..\elcd4qjb.default\prefs.js :

~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~

* BROWSER SEARCH DEFAULT ENGINE: "SweetIM Search"
* BROWSER SEARCH DEFAULT ENGINE: "chrome://browser-region/locale/region.properties"
* BROWSER SEARCH SELECTED ENGINE: "Live Search"
* BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
* BROWSER SEARCH DEFAULT URL: "https://search.sweetim.com/search.asp?src=2&q="
* BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"
* BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"

.
REMOVED - user_pref("browser.search.defaultenginename", "SweetIM Search");
REMOVED - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
REMOVED - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
REMOVED - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
REMOVED - user_pref("sweetim.toolbar.mode.debug", "false");
REMOVED - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");
REMOVED - user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "DAEMON Search");
REMOVED - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
REMOVED - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
REMOVED - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
REMOVED - user_pref("sweetim.toolbar.search.history.capacity", "10");
REMOVED - user_pref("sweetim.toolbar.simapp_id", "{BFB57000-A2A7-11DD-B77A-B9F37E0BBA7D}");
REMOVED - user_pref("sweetim.toolbar.urls.homepage", "https://home.sweetim.com/");
REMOVED - user_pref("sweetim.toolbar.version", "1.0.0.6");

+---------------------------------------------------------------------------+


~~~~ INTERNET EXPLORER VERSION 7.0.6001.18000 ~~~~

+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start page : hxxp://www.google.fr/

+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

[~6113 BYTES] - "C:\AD-REPORT-CLEAN-28.01.2009.LOG"
[~11715 BYTES] - "C:\AD-REPORT-SCAN-28.01.2009.LOG"

End at: 12:36:20 | 28/01/2009 - Time elapsed: 3 minutes, 7 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 104 Lines ]
+---------------------------------------------------------------------------+
0
Anonymous user
 
Hi again,


==>>Download Toolbar-S&D (Team IDN) to your Desktop.<<===


!! Disconnect and close all your running applications while you carry out the procedure !!

▶ Double-click the .exe to start the installation and follow the prompts ...

▶ Once that is done, click the shortcut created on your desktop to launch the tool.

▶ Choose option 1 ("recherche") and press "Enter".

▶ Once the scan has finished, a report will appear; copy/paste its entire
contents into your next reply ...

( the report is also saved here -> C:\TB.txt )

If a report will not post, send an alert to the conciergerie using the yellow /!\.


Toolbar-S&D tutorial
0
lilly17 Posts 137 Registration date   Status Member Last activity   10
 
Here is the report:

------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------

Updated by C_XX on 17/01/2009 at 12:00

*** LIMITED TO ***

Boonty/Boontygames
Eorezo
Sweetim

******************

Start at: 12:33:12 | Wed 28/01/2009 | Microsoft® Windows Vista™ Home Premium SP1 (V6.0.6001)
Boot mode: Normal
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: PC-DE-MICKEY | User: mickey ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: NTFS)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\

--- Running Processes: 82

(!) ---- IE start pages reset

+--------------------| Boonty/Boonty Games Elements Deleted :

.
HKCU\SOFTWARE\Boonty
HKLM\Software\Boonty
HKLM\SYSTEM\ControlSet001\Services\Boonty Games
HKLM\SYSTEM\ControlSet002\Services\Boonty Games
.
C:\Boonty
C:\ProgramData\BOONTY
C:\Users\All Users\BOONTY
C:\Program Files\BoontyGames
C:\Program Files\Common Files\BOONTY Shared
C:\ProgramData\Microsoft\Windows\STartm~1\Programs\BoontyGames

+--------------------| Eorezo Elements Deleted :

Process: "EOENGINE.EXE" [PID:~2520]
Process: "SOFTWAREUPDATEHP.EXE" [PID:~612]
.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\EOENGINE
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCU\SOFTWARE\EoRezo
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
HKLM\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
.
C:\Program Files\EoRezo
C:\Users\mickey\AppData\Roaming\EoRezo
C:\Users\mickey\AppData\Roaming\Microsoft\Windows\Cookies\mickey@eorezo[1].txt

+--------------------| Sweetim Elements Deleted :

.
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\INTERNETREGISTRY\REGISTRY\USER\S-1-5-21-2853232444-1660623977-3844608242-1000\SOFTWARE\SWEETIM
HKCU\SOFTWARE\SweetIM
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\SOFTWARE\SweetIM
.
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\searchplugins\sweetim.xml
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Users\mickey\AppData\Roaming\Mozilla\Firefox\Profiles\elcd4qjb.default\SweetIMToolbarData

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.


+--------------------| Added Scan :


+---------- SCANNING PREFS.JS ... ( # MOZILLA USER PREFERENCES )

..\elcd4qjb.default\prefs.js :

~~~~ MOZILLA FIREFOX VERSION 3.0.5 ~~~~

* BROWSER SEARCH DEFAULT ENGINE: "SweetIM Search"
* BROWSER SEARCH DEFAULT ENGINE: "chrome://browser-region/locale/region.properties"
* BROWSER SEARCH SELECTED ENGINE: "Live Search"
* BROWSER SEARCH SELECTED ENGINE: "DAEMON Search"
* BROWSER SEARCH DEFAULT URL: "https://search.sweetim.com/search.asp?src=2&q="
* BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"
* BROWSER STARTUP HOMEPAGE: "https://www.google.fr/?gws_rd=ssl"

.
REMOVED - user_pref("browser.search.defaultenginename", "SweetIM Search");
REMOVED - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
REMOVED - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
REMOVED - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
REMOVED - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
REMOVED - user_pref("sweetim.toolbar.mode.debug", "false");
REMOVED - user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");
REMOVED - user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "DAEMON Search");
REMOVED - user_pref("sweetim.toolbar.previous.browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
REMOVED - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
REMOVED - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
REMOVED - user_pref("sweetim.toolbar.search.history.capacity", "10");
REMOVED - user_pref("sweetim.toolbar.simapp_id", "{BFB57000-A2A7-11DD-B77A-B9F37E0BBA7D}");
REMOVED - user_pref("sweetim.toolbar.urls.homepage", "https://home.sweetim.com/");
REMOVED - user_pref("sweetim.toolbar.version", "1.0.0.6");

+---------------------------------------------------------------------------+


~~~~ INTERNET EXPLORER VERSION 7.0.6001.18000 ~~~~

+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start page : hxxp://www.google.fr/

+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]

Start page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

[~6113 BYTES] - "C:\AD-REPORT-CLEAN-28.01.2009.LOG"
[~11715 BYTES] - "C:\AD-REPORT-SCAN-28.01.2009.LOG"

End at: 12:36:20 | 28/01/2009 - Time elapsed: 3 minutes, 7 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 104 Lines ]
+---------------------------------------------------------------------------+


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz )
BIOS : Default System BIOS
USER : mickey ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1290 [VPS 081124-0] 4.8.1290 (Activated)
C:\ (Local Disk) - NTFS - Total:111 Go (Free:27 Go)
D:\ (Local Disk) - NTFS - Total:232 Go (Free:102 Go)
E:\ (Local Disk) - NTFS - Total:111 Go (Free:69 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 28/01/2009|12:47 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\SmartShopper
C:\Program Files\Smart-Shopper
C:\Program Files\Smart-Shopper\Bin
C:\Program Files\Smart-Shopper\Uninst.exe
C:\Program Files\Smart-Shopper\Bin\2.5.1
C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
C:\Windows\iun6002.exe

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search bar"="http://www.bing.com/spresults.aspx"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent
C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
C:\Users\mickey\Desktop\b\nfs\Crack
C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe
C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT
C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe
C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack
C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 28/01/2009|12:44 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 28/01/2009|12:47 - Option : [1]

-----------\\ Fin du rapport a 12:47:20,18
0
Anonymous user
 
Hi again,

Get rid of your cracks and other keygens, which are a source of infection:

C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent
C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
C:\Users\mickey\Desktop\b\nfs\Crack
C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe
C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT
C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe
C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack
C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip 


Now do the following:

▶ Cleaning with ToolBar S&D:

!! Disconnect and close all your running applications while you carry out the procedure !!

▶ Relaunch Toolbar-S&D by double-clicking the shortcut.

▶ Type option 2 ("nettoyage"), then press "Enter".

Note: Do not touch anything during the removal !!

▶ A report will be generated at the end of the process: post its contents in your next reply

▶ Along with a new HijackThis report for analysis ...

If a report will not post, send an alert to the conciergerie using the yellow /!\.
0
lilly17 Posts 137 Registration date   Status Member Last activity   10
 
When I go into (C) I don't have Users?..
0
Anonymous user
 
Hi again,

Run Toolbar S&D, option 2.
0
lilly17 Posts 137 Registration date   Status Member Last activity   10
 
Done, here is the report:

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz )
BIOS : Default System BIOS
USER : mickey ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1290 [VPS 081124-0] 4.8.1290 (Activated)
C:\ (Local Disk) - NTFS - Total:111 Go (Free:27 Go)
D:\ (Local Disk) - NTFS - Total:232 Go (Free:102 Go)
E:\ (Local Disk) - NTFS - Total:111 Go (Free:69 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 28/01/2009|13:01 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\SmartShopper
Supprime! - C:\Program Files\Smart-Shopper\Bin
Supprime! - C:\Program Files\Smart-Shopper\Uninst.exe
Supprime! - C:\Windows\iun6002.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar
Supprime! - C:\Program Files\Smart-Shopper

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search bar"="http://www.bing.com/spresults.aspx"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent
C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
C:\Users\mickey\Desktop\b\nfs\Crack
C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe
C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT
C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe
C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack
C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 28/01/2009|12:44 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 28/01/2009|12:47 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 28/01/2009|13:02 - Option : [2]

-----------\\ Fin du rapport a 13:02:23,53
0
Anonymous user
 
Hi again,

---> Download OTMoveIt3 (OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-click OTMoveIt3.exe to launch it.

---> Copy (Ctrl+C) the following text, shown in bold below:

:files
C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent
C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent
C:\Users\mickey\Desktop\b\nfs\Crack
C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe
C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT
C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe
C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack
C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip

:commands
[purity]
[emptytemp]
[start explorer]



---> Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.

---> Now click the MoveIt! button, then close OTMoveIt3.

If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the moment it was created: date_heure.log
0
lilly17 Posts 137 Registration date   Status Member Last activity   10
 
Here it is:
========== FILES ==========
C:\Users\mickey\AppData\Roaming\BitTorrent\Fast_Times_At_Deep_Crack_High_1_XXX_Teen_Porn_Sex.torrent moved successfully.
C:\Users\mickey\AppData\Roaming\BitTorrent\Need.for.Speed.Undercover.Keygen.and Crack-RELOADED.torrent moved successfully.
C:\Users\mickey\Desktop\b\nfs\Crack moved successfully.
File/Folder C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe not found.
File/Folder C:\Users\mickey\Desktop\b\nfs\Crack\NOTICE.TXT not found.
File/Folder C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe not found.
C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack moved successfully.
File/Folder C:\Users\mickey\Desktop\b\Nouveau dossier (2)\Crack\PopCap Zuma Deluxe! v1.0 (crack).zip not found.
========== COMMANDS ==========
File delete failed. C:\Users\mickey\AppData\Local\Temp\etilqs_4jzDFEYgrr5rrQ7x75kf scheduled to be deleted on reboot.
File delete failed. C:\Users\mickey\AppData\Local\Temp\RtkBtMnt.exe scheduled to be deleted on reboot.
File delete failed. C:\Users\mickey\AppData\Local\Temp\WER400C.tmp.version.txt scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\TMP00000061FD181EF09B2B604E scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Opera cache emptied.
Temp folders emptied.
Error: Unable to interpret <[start explorer> in the current context!

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01282009_130837

Files moved on Reboot...
File C:\Users\mickey\AppData\Local\Temp\etilqs_4jzDFEYgrr5rrQ7x75kf not found!
C:\Users\mickey\AppData\Local\Temp\RtkBtMnt.exe moved successfully.
File C:\Users\mickey\AppData\Local\Temp\WER400C.tmp.version.txt not found!
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\Windows\temp\TMP00000061FD181EF09B2B604E not found!
C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_001_ moved successfully.
C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_002_ moved successfully.
C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_003_ moved successfully.
C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\urlclassifier3.sqlite moved successfully.
C:\Users\mickey\AppData\Local\Mozilla\Firefox\Profiles\elcd4qjb.default\XUL.mfl moved successfully.
0
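Added example, not part of the thread and not code from OTMoveIt3 or its author: a Python script that triages an OTMoveIt3 log like the one posted above, separating items that were moved, "not found" entries already covered by a moved parent folder, items still scheduled for the next reboot, and script errors. The sample is an excerpt of the log lines above; the function names and category names are this example's own.

```python
import ntpath  # Windows path rules, regardless of the OS running this script
import re

# Excerpt of the OTMoveIt3 log posted above, embedded so the script runs offline.
SAMPLE_LOG = r"""
========== FILES ==========
C:\Users\mickey\Desktop\b\nfs\Crack moved successfully.
File/Folder C:\Users\mickey\Desktop\b\nfs\Crack\nfs.exe not found.
File/Folder C:\Users\mickey\Desktop\b\nfs\Crack\rld-nfsk.exe not found.
========== COMMANDS ==========
File delete failed. C:\Users\mickey\AppData\Local\Temp\RtkBtMnt.exe scheduled to be deleted on reboot.
File delete failed. C:\Users\mickey\AppData\Local\Temp\WER400C.tmp.version.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
Error: Unable to interpret <[start explorer> in the current context!
Files moved on Reboot...
C:\Users\mickey\AppData\Local\Temp\RtkBtMnt.exe moved successfully.
File C:\Users\mickey\AppData\Local\Temp\WER400C.tmp.version.txt not found!
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
"""

# One pattern per outcome the log reports for a path.
PATTERNS = [
    ("moved", re.compile(r"^(?P<path>[A-Za-z]:\\.+) moved successfully\.$")),
    ("not_found", re.compile(r"^File(?:/Folder)? (?P<path>[A-Za-z]:\\.+) not found[.!]$")),
    ("pending", re.compile(r"^File (?:delete|move) failed\. (?P<path>[A-Za-z]:\\.+) "
                           r"scheduled to be (?:deleted|moved) on reboot\.$")),
]


def parse_log(text):
    """Return (last status seen per path, tool errors). Later lines override earlier ones."""
    status, errors = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Error:"):
            errors.append(line[len("Error:"):].strip())
            continue
        for name, rx in PATTERNS:
            m = rx.match(line)
            if m:
                status[m.group("path")] = name
                break
    return status, errors


def has_moved_ancestor(path, moved_lower):
    """True if any parent folder of path was itself moved (case-insensitive)."""
    parent = ntpath.dirname(path)
    while parent and parent != path:
        if parent.lower() in moved_lower:
            return True
        path, parent = parent, ntpath.dirname(parent)
    return False


def triage(text):
    """Group paths by what still needs attention after the run."""
    status, errors = parse_log(text)
    moved_lower = {p.lower() for p, s in status.items() if s == "moved"}
    report = {"moved": [], "covered_by_parent": [], "missing": [],
              "pending": [], "errors": errors}
    for path, s in status.items():
        if s == "not_found":
            # A child reported "not found" after its folder was moved went with the folder.
            key = "covered_by_parent" if has_moved_ancestor(path, moved_lower) else "missing"
            report[key].append(path)
        else:
            report[s].append(path)
    return report


if __name__ == "__main__":
    for category, items in triage(SAMPLE_LOG).items():
        print(category, items)
```

Paths left under `pending` after the reboot pass are the ones still on disk; `errors` lists script lines the tool could not interpret.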
Anonymous user
 
Hi again,

Restart your PC normally and do the following.

▶ Download random's system information tool (RSIT) and save it to your desktop.

▶ Double-click RSIT.exe to launch the tool.

▶ Click 'continue' on the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.

▶ Once the scan has finished, 2 reports will appear. Post the contents of the 2 reports separately.
( log.txt & info.txt )

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

If a report will not post, send an alert to the conciergerie using the yellow /!\.
0