DNS Changer aide... ( marre de ce virus ! )
HarryPotter
-
HarryPotter -
HarryPotter -
Bonjour,
Alors voila,
Avec tout ce que je vois sur internet,
je suis arriver en conclusion que j'ai attraper DNSChanger.
Un virus que je hais hais hais...
Malheur a celui qui l'as inventer..
Svpt je ne sais plus quoi faire..
Je me suis debarrasser des redirectiosn sur google :
Aller sur internet Explorer et remetter les parametre par defaut pour ceux que ca peut aider...
Bon maintenant... Je n'arrive pas a l'enlever.
SVP Aidez moi...
Je me suis rapeller que CCM avait toujours donner aide a tout le monde.
Alors me voila.
Je suis sous windows Vista et j'utilise IE8.
SVP aider moi je repete.
Merci CCM.
Alors voila,
Avec tout ce que je vois sur internet,
je suis arriver en conclusion que j'ai attraper DNSChanger.
Un virus que je hais hais hais...
Malheur a celui qui l'as inventer..
Svpt je ne sais plus quoi faire..
Je me suis debarrasser des redirectiosn sur google :
Aller sur internet Explorer et remetter les parametre par defaut pour ceux que ca peut aider...
Bon maintenant... Je n'arrive pas a l'enlever.
SVP Aidez moi...
Je me suis rapeller que CCM avait toujours donner aide a tout le monde.
Alors me voila.
Je suis sous windows Vista et j'utilise IE8.
SVP aider moi je repete.
Merci CCM.
A voir également:
- DNS Changer aide... ( marre de ce virus ! )
- Changer dns - Guide
- Dns gratuit - Guide
- Changer de carte graphique - Guide
- Virus mcafee - Accueil - Piratage
- Flush dns - Guide
3 réponses
Salut,
-+-+-+-> ZHPDiag <-+-+-+-
[x] Télécharge ZHPDiag ( de Nicolas coolman ).
[x] Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )
[x] Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau
[x] Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.
[x] Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.
[x] Rend toi sur Cjoint
[x] Clique sur " Parcourir " dans la partie " Joindre un fichier[...] "
[x] Séléctionne le rapport ZHPdiag.txt qui se trouve sur ton bureau
[x] Clique ensuite sur " Créer le lien cjoint " et copie/colle le dans ton prochain message
-+-+-+-> ZHPDiag <-+-+-+-
[x] Télécharge ZHPDiag ( de Nicolas coolman ).
[x] Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )
[x] Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau
[x] Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.
[x] Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.
[x] Rend toi sur Cjoint
[x] Clique sur " Parcourir " dans la partie " Joindre un fichier[...] "
[x] Séléctionne le rapport ZHPdiag.txt qui se trouve sur ton bureau
[x] Clique ensuite sur " Créer le lien cjoint " et copie/colle le dans ton prochain message
-+-+-+-> AD-Remover <-+-+-+-
[x] Télécharge Ad-remover (de C_XX) sur ton bureau.
▶ Déconnecte toi et ferme toutes applications en cours !
[x] Double-clique sur le raccourci Ad-Remover sur ton Bureau. (Clic droit -> "Exécuter en tant qu'administrateur". ( Pour Vista))
[x] A la fenêtre qui s'affiche clique sur " oui "
[x] Séléctionne l'option L
[x] Laisse l'outil travailler.
[x] Une fois le scan fini, appuie sur une touche, le rapport s'ouvre
[x] Copie/colle le dans ton prochain post
====================================================================
-+-+-+-> List&kill'em <-+-+-+-
[x] Télécharge List&kill'em ( de Gen-Hackman ) sur ton bureau.
/!\ Désactive toutes tes protections résidentes ( Antivirus, Antispyware, Pare-feu ) /!\
[x] Lance le en double cliquant dessus ( Clic droit -> "Executer en tant qu'administrateur" sous vista )
[x] Choisis l'option F ( pour français ) puis l'option 1 ( Recherche )
[x] Laisse le scan s'opérer.
[x] Le rapport s'ouvrira une fois le scan fini, copie/colle son contenu dans ta prochaine réponse.
[x] Télécharge Ad-remover (de C_XX) sur ton bureau.
▶ Déconnecte toi et ferme toutes applications en cours !
[x] Double-clique sur le raccourci Ad-Remover sur ton Bureau. (Clic droit -> "Exécuter en tant qu'administrateur". ( Pour Vista))
[x] A la fenêtre qui s'affiche clique sur " oui "
[x] Séléctionne l'option L
[x] Laisse l'outil travailler.
[x] Une fois le scan fini, appuie sur une touche, le rapport s'ouvre
[x] Copie/colle le dans ton prochain post
====================================================================
-+-+-+-> List&kill'em <-+-+-+-
[x] Télécharge List&kill'em ( de Gen-Hackman ) sur ton bureau.
/!\ Désactive toutes tes protections résidentes ( Antivirus, Antispyware, Pare-feu ) /!\
[x] Lance le en double cliquant dessus ( Clic droit -> "Executer en tant qu'administrateur" sous vista )
[x] Choisis l'option F ( pour français ) puis l'option 1 ( Recherche )
[x] Laisse le scan s'opérer.
[x] Le rapport s'ouvrira une fois le scan fini, copie/colle son contenu dans ta prochaine réponse.
Salut ( t'es formidable ! ),
voici le rapport AD removal our remover je sais plus.
.
======= LOGFILE OF AD-REMOVER 1.1.4.6_B | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 08.11.2009 at 14:49
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 19:54:13, Tue 11/10/2009 | Normal Boot | Option: CLEAN
Executed from: "C:\Program Files\Ad-Remover\"
Operating system: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Computer Name: PC-DE-FIRAS | Current user: M.S
.
============== NEUTRALIZED ELEMENT(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\Software\SweetIM
HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook
HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\SweetIM
HKCU\Software\AppDataLow\software\{0E2401A2-ADB8-A131-FD84-7645F83DBC1B}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\software\microsoft\windows\currentversion\uninstall\d8e3e5c3-1407-4f2c-cafa-9cf7f4ce305b
HKLM\software\microsoft\windows\currentversion\uninstall\hrzozdekaaevj
HKLM\software\microsoft\windows\currentversion\uninstall\{EAADF57F-BC61-7880-E2DD-46E2F1203B3C}
HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
.
(!) -- Temp files deleted.
.
============== Added scan ==============
.
.
* Internet Explorer Version 8.0.6001.18828 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page:
Start Page Redirect Cache: hxxp://www.msn.com/
Start Page Redirect Cache AcceptLangs: en-us
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
SearchAssistant:
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
2656 Byte(s) - C:\Ad-Report-CLEAN[1].log
.
18047 File(s) - C:\Users\M.S\AppData\Local\Temp
19 File(s) - C:\Windows\Temp
.
19 File(s) - "C:\Program Files\Ad-Remover\BACKUP"
0 File(s) - "C:\Program Files\Ad-Remover\QUARANTINE"
.
End at: 20:07:03 | Tue 11/10/2009 - CLEAN[1]
.
============== E.O.F ==============
.
voici le rapport AD removal our remover je sais plus.
.
======= LOGFILE OF AD-REMOVER 1.1.4.6_B | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 08.11.2009 at 14:49
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 19:54:13, Tue 11/10/2009 | Normal Boot | Option: CLEAN
Executed from: "C:\Program Files\Ad-Remover\"
Operating system: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Computer Name: PC-DE-FIRAS | Current user: M.S
.
============== NEUTRALIZED ELEMENT(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\Software\SweetIM
HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook
HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\SweetIM
HKCU\Software\AppDataLow\software\{0E2401A2-ADB8-A131-FD84-7645F83DBC1B}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\software\microsoft\windows\currentversion\uninstall\d8e3e5c3-1407-4f2c-cafa-9cf7f4ce305b
HKLM\software\microsoft\windows\currentversion\uninstall\hrzozdekaaevj
HKLM\software\microsoft\windows\currentversion\uninstall\{EAADF57F-BC61-7880-E2DD-46E2F1203B3C}
HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
.
(!) -- Temp files deleted.
.
============== Added scan ==============
.
.
* Internet Explorer Version 8.0.6001.18828 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page:
Start Page Redirect Cache: hxxp://www.msn.com/
Start Page Redirect Cache AcceptLangs: en-us
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
SearchAssistant:
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
2656 Byte(s) - C:\Ad-Report-CLEAN[1].log
.
18047 File(s) - C:\Users\M.S\AppData\Local\Temp
19 File(s) - C:\Windows\Temp
.
19 File(s) - "C:\Program Files\Ad-Remover\BACKUP"
0 File(s) - "C:\Program Files\Ad-Remover\QUARANTINE"
.
End at: 20:07:03 | Tue 11/10/2009 - CLEAN[1]
.
============== E.O.F ==============
.
Le rapport se trouve sous C:\kill'em.txt
Voila le rapport general !
List'em by g3n-h@ckm@n 1.0.5.3
Thx to Chiquitine29.....
User : M.S (Administrators) # PC-DE-FIRAS
Update on 09/11/2009 by g3n-h@ckm@n ::::: 20.30
Start at: 8:21:45 PM | 11/10/2009
Contact : g3n-h@ckm@n sur CCM
Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz
Microsoft® Windows Vista™ Home Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Disabled
AV : AVG Anti-Virus 8.0 [ Enabled | Updated ]
C:\ -> Local Fixed Disk | 100 Go (24.85 Go free) [SQ004680V03] | NTFS
E:\ -> Local Fixed Disk | 131.42 Go (131.32 Go free) | NTFS
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\Windows\System32\smss.exe 564
C:\Windows\system32\csrss.exe 632
C:\Windows\system32\wininit.exe 676
C:\Windows\system32\csrss.exe 688
C:\Windows\system32\services.exe 732
C:\Windows\system32\lsass.exe 744
C:\Windows\system32\lsm.exe 752
C:\Windows\system32\winlogon.exe 836
C:\Windows\system32\svchost.exe 1000
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 1044
C:\Windows\system32\svchost.exe 1092
C:\Windows\System32\svchost.exe 1128
C:\Windows\System32\svchost.exe 1220
C:\Windows\System32\svchost.exe 1256
C:\Windows\system32\svchost.exe 1272
C:\Windows\system32\svchost.exe 1412
C:\Windows\system32\SLsvc.exe 1440
C:\Windows\system32\svchost.exe 1492
C:\Windows\system32\svchost.exe 1684
C:\Windows\System32\spoolsv.exe 1876
C:\Windows\system32\svchost.exe 1900
C:\Windows\system32\agrsmsvc.exe 328
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe 360
C:\Windows\system32\CISVC.EXE 484
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 580
C:\PROGRA~1\AVG\AVG8\avgam.exe 1428
C:\Program Files\McAfee\Common Framework\FrameworkService.exe 1580
C:\PROGRA~1\AVG\AVG8\avgrsx.exe 1680
C:\PROGRA~1\AVG\AVG8\avgnsx.exe 608
C:\Toshiba\IVP\ISM\pinger.exe 2308
C:\Windows\system32\svchost.exe 2356
C:\Windows\system32\svchost.exe 2380
c:\Toshiba\IVP\swupdate\swupdtmr.exe 2404
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe 2428
C:\Windows\system32\TODDSrv.exe 2464
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe 2488
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 2512
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe 2576
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 2624
C:\Windows\System32\svchost.exe 2640
C:\Windows\system32\SearchIndexer.exe 2680
C:\PROGRA~1\AVG\AVG8\avgemc.exe 2692
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe 2716
C:\Program Files\AVG\AVG8\avgcsrvx.exe 2884
C:\Windows\system32\taskeng.exe 3228
C:\Windows\system32\taskeng.exe 3504
C:\Windows\system32\Dwm.exe 3564
C:\Windows\System32\igfxtray.exe 4024
C:\Windows\System32\hkcmd.exe 4052
C:\Windows\system32\igfxsrvc.exe 4068
C:\Windows\System32\igfxpers.exe 4076
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe 4092
C:\Program Files\Toshiba\SmoothView\SmoothView.exe 1596
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe 2220
C:\Program Files\Apoint2K\Apoint.exe 2204
C:\Program Files\Apoint2K\ApMsgFwd.exe 1088
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe 2876
C:\Program Files\Windows Defender\MSASCui.exe 2672
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe 3176
C:\Program Files\Toshiba\Utilities\KeNotify.exe 1788
C:\Windows\RtHDVCpl.exe 3280
C:\Program Files\McAfee\Common Framework\UdaterUI.exe 2200
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe 3492
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 3540
C:\Program Files\Java\jre6\bin\jusched.exe 3572
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe 3788
C:\Windows\ehome\ehtray.exe 3824
C:\Windows\System32\spool\drivers\w32x86\3\E_FATICDP.EXE 3284
C:\Program Files\Apoint2K\Apntex.exe 3880
C:\Windows\ehome\ehmsas.exe 2972
C:\Program Files\Windows Media Player\wmpnscfg.exe 1364
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE 1380
C:\Program Files\Windows Media Player\wmpnetwk.exe 3948
C:\Program Files\McAfee\Common Framework\McTray.exe 2180
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe 4104
C:\Program Files\Toshiba\ConfigFree\CFWAN.exe 4128
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe 4152
C:\Windows\system32\wuauclt.exe 5128
C:\Windows\explorer.exe 5960
C:\Program Files\Windows Live\Mail\wlmail.exe 3172
C:\Program Files\Windows Live\Contacts\wlcomm.exe 5052
C:\Program Files\Internet Explorer\iexplore.exe 4468
C:\Program Files\Internet Explorer\iexplore.exe 5700
C:\Users\M.S\Desktop\List_Killem.exe 5188
C:\Windows\system32\cmd.exe 4388
C:\Windows\system32\wbem\wmiprvse.exe 2844
C:\Windows\system32\SearchProtocolHost.exe 5768
C:\Windows\system32\SearchFilterHost.exe 4548
C:\Users\M.S\AppData\Local\Temp\32C3.tmp\pv.exe 252
======================
Cles de demarrage "Run"
======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="TOSCDSPD.EXE"
"ehTray.exe"="C:\\Windows\\ehome\\ehTray.exe"
"EPSON Stylus CX7300 Series"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\E_FATICDP.EXE /FU \"C:\\Windows\\TEMP\\E_SF0C7.tmp\" /EF \"HKCU\""
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
"Tivi5Widget"="\"C:\\Users\\M.S\\Desktop\\Widget TIVI5.exe\""
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\\Windows\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\Windows\\system32\\hkcmd.exe"
"Persistence"="C:\\Windows\\system32\\igfxpers.exe"
"TPwrMain"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,\
6c,00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,5c,\
00,50,00,6f,00,77,00,65,00,72,00,20,00,53,00,61,00,76,00,65,00,72,00,5c,00,\
54,00,50,00,77,00,72,00,4d,00,61,00,69,00,6e,00,2e,00,45,00,58,00,45,00,00,\
00
"HSON"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,\
00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,5c,00,\
54,00,42,00,53,00,5c,00,48,00,53,00,4f,00,4e,00,2e,00,65,00,78,00,65,00,00,\
00
"SmoothView"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,\
00,6c,00,65,00,73,00,25,00,5c,00,54,00,6f,00,73,00,68,00,69,00,62,00,61,00,\
5c,00,53,00,6d,00,6f,00,6f,00,74,00,68,00,56,00,69,00,65,00,77,00,5c,00,53,\
00,6d,00,6f,00,6f,00,74,00,68,00,56,00,69,00,65,00,77,00,2e,00,65,00,78,00,\
65,00,00,00
"00TCrdMain"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,\
00,6c,00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,\
5c,00,46,00,6c,00,61,00,73,00,68,00,43,00,61,00,72,00,64,00,73,00,5c,00,54,\
00,43,00,72,00,64,00,4d,00,61,00,69,00,6e,00,2e,00,65,00,78,00,65,00,00,00
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"jswtrayutil"="\"C:\\Program Files\\Jumpstart\\jswtrayutil.exe\""
"AVG8_TRAY"="C:\\PROGRA~1\\AVG\\AVG8\\avgtray.exe"
"Camera Assistant Software"="\"C:\\Program Files\\Camera Assistant Software for Toshiba\\traybar.exe\""
"Windows Defender"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,\
00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,\
73,00,20,00,44,00,65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,4d,00,53,\
00,41,00,53,00,43,00,75,00,69,00,2e,00,65,00,78,00,65,00,20,00,2d,00,68,00,\
69,00,64,00,65,00,00,00
"ITSecMng"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,\
6c,00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,5c,\
00,42,00,6c,00,75,00,65,00,74,00,6f,00,6f,00,74,00,68,00,20,00,54,00,6f,00,\
73,00,68,00,69,00,62,00,61,00,20,00,53,00,74,00,61,00,63,00,6b,00,5c,00,49,\
00,74,00,53,00,65,00,63,00,4d,00,6e,00,67,00,2e,00,65,00,78,00,65,00,20,00,\
2f,00,53,00,54,00,41,00,52,00,54,00,00,00
"NDSTray.exe"="NDSTray.exe"
"HWSetup"="\\HWSetup.exe hwSetUP"
"SVPWUTIL"="C:\\Program Files\\TOSHIBA\\Utilities\\SVPWUTIL.exe SVPwUTIL"
"KeNotify"="C:\\Program Files\\TOSHIBA\\Utilities\\KeNotify.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"McAfeeUpdaterUI"="\"C:\\Program Files\\McAfee\\Common Framework\\UdaterUI.exe\" /StartedFromRunKey"
"ContentTransferWMDetector.exe"="C:\\Program Files\\Sony\\Content Transfer\\ContentTransferWMDetector.exe"
"GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
"FBSSA"="C:\\Program Files\\SGPSA\\ie3sh.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
"WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""
=====================
cles additionnelles
=====================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
"EnableUIADesktopToggle"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011
===============
===============
===============
===============
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
======
BHO :
======
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043344E2-8415-4B1A-8C50-AF333F6596Ba}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
@="Winamp Toolbar Loader"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
@="WormRadar.com IESiteBlocker.NavFilter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
"NoExplorer"=dword:00000001
==========================
=========================
Environnement variables :
=========================
AdMin00=~NYou must be Administrator of this PC to continue !!~N~NIn this conditions, The program cannot continue ...~N~NPlease speak about this to the person who helps you
AdMin01=... WARNING !!!
Administrative Tools=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\ADMINI~1
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\M.S\AppData\Roaming
AUTHOR=C_XX
BKCOUNT=19
BOOTMODE=Normal Boot
Cache=C:\Users\M.S\AppData\Local\MICROS~1\Windows\TEMPOR~1
CD Burning=C:\Users\M.S\AppData\Local\MICROS~1\Windows\Burn\Burn
CHOICE=L
choix=1
Common Administrative Tools=C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\ADMINI~1
Common AppData=C:\PROGRA~2
Common Desktop=C:\Users\Public\Desktop
Common Documents=C:\Users\Public\DOCUME~1
Common Favorites=C:\Users\M.S\FAVORI~1
Common Music=C:\Users\Public\Music
Common Pictures=C:\Users\Public\Pictures
Common Programs=C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs
Common Start Menu=C:\PROGRA~2\MICROS~1\Windows\STARTM~1
Common Startup=C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup
Common Templates=C:\PROGRA~2\MICROS~1\Windows\TEMPLA~1
Common Video=C:\Users\Public\Videos
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC-DE-FIRAS
ComSpec=C:\Windows\system32\cmd.exe
Cookies=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\Cookies
CurrReport=1
Desktop=C:\Users\M.S\Desktop
DFSTRACINGON=FALSE
DISPLAY00=CALL DISPLAY ³³³³³
DISPLAY01=CALL DISPLAY ³³³³³³³³
DISPLAY02=CALL DISPLAY ³³³³³³³³³³³³
DISPLAY03=CALL DISPLAY ³³³³³³³³³³³³³³³³
DISPLAY04=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³
DISPLAY05=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY06=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY07=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY08=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY09=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY10=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY11=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY12=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY13=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY14=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY15=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
Do00=Move.bat
Do01=DelKeys.bat
Do02=DelValues.bat
DPF=C:\Windows\Downloaded Program Files
Favorites=C:\Users\M.S\FAVORI~1
Fonts=C:\Windows\Fonts
FP_NO_HOST_CHECK=NO
History=C:\Users\M.S\AppData\Local\MICROS~1\Windows\History
HOMEDRIVE=C:
HOMEPATH=\Users\M.S
IE=C:\Program Files\Internet Explorer
Incompatible OS 00=~NThis program can run only under Windows XP,Vista and 7 !~N~NClik ~qOK~q to quit.
Incompatible OS 01=... Incompatible OS !!!
INSTALLER=C:\Windows\Installer
L01=Wait please ...
L02=~NERROR ! -- One or some component(s) is/are missing !~N~N Press 'ok' to exit.
L05=Finished! The report has been saved here:
L06=Choice and press enter to continue
L07=Added scan finished
L07A=Added scan
L08=Cleaning of the temporary files ended
L09=Unable to get version
L10=Administrator
L10A=Not Administrator
L11=Scan ^(No deletion is made^)
L12=Launch cleaning
L13=Uninstall
L14=Exit
L15=LOGFILE OF AD-REMOVER 1.1.4.6_B ^| ONLY XP/VISTA/7
L16=Updated by C_XX on 08.11.2009 at 14:49
L17=Contact: AdRemover.contact@gmail.com
L18=Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
L19=Launch at: 19:54:13, Tue 11/10/2009 ^| Normal Boot
L20=Executed from:
L21=Operating system:
L22=Computer Name: PC-DE-FIRAS ^| Current user: M.S
L23=Option:
L24=Scanning, please wait the time of the research.
L25=NEUTRALIZED ELEMENT^(S^)
L25A=FOUND ELEMENT^(S^)
L26=Temp files deleted.
L27=End at:
L28=ProfilePath:
Local AppData=C:\Users\M.S\AppData\Local
LOCALAPPDATA=C:\Users\M.S\AppData\Local
LOCALLOW=C:\Users\M.S\AppData\LocalLow
LOGONSERVER=\\PC-DE-FIRAS
misc=Byte
misc2=File
misc3=ERASED
misc4=FOUND
misc5=Scan progress ..
Mode=CLEAN
MSN=C:\Program Files\MSN Messenger
My Music=C:\Users\M.S\Music
My Pictures=C:\Users\M.S\Pictures
NAME=AD-REMOVER
NBC02=1
NBS02=1
NetHood=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\NETWOR~1
nondelete=... [b]NOT DELETED !!/b
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
OS_SP=Service Pack 1
OS_VERSION=Home Premium
Page_Values=Default_Page_URL|Default_Search_URL|SearchAssistant|Search bar|Search Page|Start Page|Start Page Restore|First Home Page
Path=C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
Personal=C:\Users\M.S\DOCUME~1
PrintHood=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\PRINTE~1
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
Programs=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs
PROMPT=$P$G
PUBLIC=C:\Users\Public
QUCOUNT=0
QUICK LAUNCH=C:\Users\M.S\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
Recent=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\Recent
REPORT=C:\Ad-Report-CLEAN[1].log
SE=Windows Vista
SendTo=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\SendTo
Services=ASK(Service|Upgrade)|MyWebSearchService|OneStepS(rch|earch) Service|OneStep Search Service|PremierOpinion|RelevantKnowledge|(SearchIn1Step|Seekapp|SeekappSrch|Seekeen) Service|SeekService Service
SESSIONNAME=Console
SE_=1
Start Menu=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\STARTM~1
Startup=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup
SYSTEM32=C:\Windows\System32
SystemDrive=C:
SystemRoot=C:\Windows
TbPath=Software\Microsoft\Internet Explorer\Toolbar
Teatimer00=~NThe resident ~qTeaTimer.exe~q of ~qSpybot - Search ^& Destroy~q is active !~N~NIn this conditions, The program cannot continue ...~N~NPlease speak about this to the person who helps you
Teatimer01=... WARNING !!!
TEMP=C:\Users\M.S\AppData\Local\Temp
TEMP2=C:\Windows\Temp
Templates=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\TEMPLA~1
TMP=C:\Users\M.S\AppData\Local\Temp
ToSrch01=Eorezo|FunWebProducts|ItsLabel|Kiwee Toolbar
ToSrch02=Bingo Day|Casino-On-Net|Casino Del Rio|Casino\.com Poker|EmpirePoker|Europa Casino|iMesh.lnk|My Speedy Alert|Pacific Poker|PartyPoker|Titan Poker|Vegas Red Casino|888poker\.net
TRACE_FORMAT_SEARCH_PATH=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
UAC00=~NThe ~qUser Account Control~q is enabled !~N~NIn this conditions, The program cannot continue ...~N~NPlease speak about this to the person who helps you
UAC01=... WARNING !!!
UPDATE_DATE=08.11.2009
UPDATE_TIME=14:49
USER=S-1-5-21-975476334-4192965003-4212137462-1000
USERDOMAIN=PC-DE-FIRAS
USERNAME=M.S
USERPROFILE=C:\Users\M.S
VER=1.1.4.6_B
VERFF=^[Unable to get version^]
VERIE=8.0.6001.18828
VERW=v6.0.6001
windir=C:\Windows
WLM=C:\Program Files\Windows Live\Messenger
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
C:\Windows\System32\drivers\etc\hosts.msn
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
¤¤¤¤¤¤¤¤¤¤ C:\Windows\Prefetch :
AgAppLaunch.db
AgCx_S1_S-1-5-21-975476334-4192965003-4212137462-1000.snp.db
AgCx_SC1.db
AgCx_SC1.db.trx
AgCx_SC2.db
AgGlFaultHistory.db
AgGlFgAppHistory.db
AgGlGlobalHistory.db
AgGlUAD_P_S-1-5-21-975476334-4192965003-4212137462-1000.db
AgGlUAD_S-1-5-21-975476334-4192965003-4212137462-1000.db
AgRobust.db
ATBROKER.EXE-2E15A492.pf
AUDIODG.EXE-BDFD3029.pf
AU_.EXE-C319FE8B.pf
AVGAM.EXE-FAD3A97D.pf
AVGCMGR.EXE-27FF3A49.pf
AVGCSRVX.EXE-8B55A462.pf
AVGDIAGEX.EXE-CC515C16.pf
AVGEMC.EXE-42B06698.pf
AVGNSX.EXE-C26363CC.pf
AVGRSX.EXE-1D418725.pf
AVGSCANX.EXE-DB10FF75.pf
AVGUPD.EXE-ED364EA9.pf
AVGWDSVC.EXE-C6AB48FA.pf
CFWAN.EXE-CBF60D6F.pf
CGUARD.EXE-D54675FF.pf
CMD.EXE-4A81B364.pf
CONSENT.EXE-531BD9EA.pf
CONTROL.EXE-817F8F1D.pf
DEFRAG.EXE-588F90AD.pf
DFRGNTFS.EXE-7E4077FE.pf
DLLHOST.EXE-5E46FA0D.pf
DLLHOST.EXE-6A473D35.pf
DLLHOST.EXE-766398D2.pf
DLLHOST.EXE-7FAA2E4C.pf
DLLHOST.EXE-B2EB1806.pf
DWM.EXE-6FFD3DA8.pf
EHMSAS.EXE-2D3B2F21.pf
EXPLORER.EXE-A80E4F97.pf
E_FARNCDP.EXE-AAFCFD47.pf
FIXCFG.EXE-298258C9.pf
FLASHUTIL10C.EXE-1A30AEBE.pf
GAMECONSOLESERVICE.EXE-D1EBC6EE.pf
GEPLUGIN.EXE-92045D26.pf
GOOGLECRASHHANDLER.EXE-8A3B4C33.pf
GOOGLEEARTH-WIN-5.1.3509.4636-DC6D6003.pf
GOOGLEEARTH.EXE-4179DA94.pf
GOOGLEEARTH.EXE-A5020785.pf
GOOGLEEARTHSETUP[1].EXE-648417E1.pf
GOOGLEUPDATE.EXE-6C94DAE7.pf
GOOGLEUPDATE.EXE-D926F795.pf
GOOGLEUPDATE.EXE-FE771DDA.pf
HC2SETFR[1].EXE-45BF5AD2.pf
HC2SETFR[1].EXE-9395102C.pf
HELPER.EXE-8AEDE3E3.pf
HELPPANE.EXE-FEDC965B.pf
HYCAM2.EXE-4BE65D9D.pf
HYCAM2.EXE-C738269E.pf
IELOWUTIL.EXE-3885C25E.pf
IEXPLORE.EXE-908C99F8.pf
IGFXEXT.EXE-D5F523DB.pf
IGFXSRVC.EXE-96A493A4.pf
INFOCARD.EXE-ECED8D38.pf
IVPSVMGR.EXE-858F4F23.pf
JAVA.EXE-E27B75C2.pf
JP2LAUNCHER.EXE-7C1F11C1.pf
JP2LAUNCHER.EXE-961131B6.pf
KENOTIFY.EXE-2C13E0E5.pf
LAUNCHER.EXE-A271E3DA.pf
Layout.ini
LIMEWIRE.EXE-85607912.pf
LOGON.SCR-30601369.pf
LOGONUI.EXE-09140401.pf
MCUPDATE.EXE-62E74733.pf
MEDIAMANAGER.EXE-3437944F.pf
MFPMP.EXE-26F35380.pf
MOVIEMK.EXE-0E4D00C6.pf
MPAS-D.EXE-40FE95BA.pf
MPSIGSTUB.EXE-92A5CA3E.pf
MSCORSVW.EXE-90526FAC.pf
MSFEEDSSYNC.EXE-6E6FBDF4.pf
MSGPLUSUNINSTALL.EXE-57837A00.pf
MSIEXEC.EXE-A2D55CB6.pf
MSNMSGR.EXE-9974F251.pf
MSPAINT.EXE-76E10B24.pf
NGEN.EXE-3CFD6908.pf
NTOSBOOT-B00DFAAD.pf
PATCH-3.0.1-VERS-3.0.2.EXE-54CA3588.pf
PCALUA.EXE-43C7C886.pf
PfSvPerfStats.bin
ReadyBoot
REG.EXE-E7E8BD26.pf
RUNDLL32.EXE-3BDF31B9.pf
RUNDLL32.EXE-57C295A2.pf
RUNDLL32.EXE-A6251510.pf
RUNDLL32.EXE-F89FBB70.pf
RUNESCAPE.EXE-4E91D5B3.pf
RUNONCE.EXE-D0649312.pf
SEARCHFILTERHOST.EXE-77482212.pf
SEARCHINDEXER.EXE-4A6353B9.pf
SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
SETUP_WM.EXE-674F654A.pf
SVCHOST.EXE-7CFEDEA3.pf
TASKENG.EXE-48D4E289.pf
TASKMGR.EXE-5F5F473D.pf
TRUSTEDINSTALLER.EXE-3CC531E5.pf
UNINST.EXE-4CF4EAC5.pf
UNINSTALL.EXE-108D5A65.pf
UNINSTALL.EXE-182FB177.pf
UNINSTALL.EXE-40F0F4CA.pf
UNINSTALL.EXE-4BB5E521.pf
UNINSTALL.EXE-977905F2.pf
UNINSTALL.EXE-B283CAFD.pf
UNINSTALL.EXE-BA8216A7.pf
UNINSTALL.EXE-CAA1A7CF.pf
UNINSTALL.EXE-D26763BA.pf
UNINSTALL.EXE-E5D37133.pf
UNINSTALL.EXE-ED26D11E.pf
UNINSTALL.EXE-F1869094.pf
UNINSTALL.EXE-F2809E78.pf
UNINSTALL.EXE-F4C6114C.pf
UNINSTALLER.EXE-FB9CC9A0.pf
USERINIT.EXE-2257A3E7.pf
VERCLSID.EXE-7C52E31C.pf
VLC.EXE-A11F73EE.pf
VSSVC.EXE-B8AFC319.pf
WERCON.EXE-E36BD04E.pf
WERFAULT.EXE-E69F695A.pf
WERMGR.EXE-0F2AC88C.pf
WINDOWS-LIVE-MAIL-2009_WL_MAI-E9866E8F.pf
WINWORD.EXE-C91725A1.pf
WLARP.EXE-7C7BF51D.pf
WLCOMM.EXE-272FF9F7.pf
WLLOGINPROXY.EXE-9E0DCEF8.pf
WLMAIL.EXE-1507296E.pf
WLOOBE.EXE-701CAC6F.pf
WLSETUP-WEB[1].EXE-EDA95AC2.pf
WMIADAP.EXE-F8DFDFA2.pf
WMIPRVSE.EXE-1628051C.pf
WMPLAYER.EXE-BAD6BD53.pf
WMPNETWK.EXE-D9F2A96F.pf
WOW.EXE-59754F91.pf
WUAUCLT.EXE-70318591.pf
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
List'em by g3n-h@ckm@n 1.0.5.3
Thx to Chiquitine29.....
User : M.S (Administrators) # PC-DE-FIRAS
Update on 09/11/2009 by g3n-h@ckm@n ::::: 20.30
Start at: 8:21:45 PM | 11/10/2009
Contact : g3n-h@ckm@n sur CCM
Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz
Microsoft® Windows Vista™ Home Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Disabled
AV : AVG Anti-Virus 8.0 [ Enabled | Updated ]
C:\ -> Local Fixed Disk | 100 Go (24.85 Go free) [SQ004680V03] | NTFS
E:\ -> Local Fixed Disk | 131.42 Go (131.32 Go free) | NTFS
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\Windows\System32\smss.exe 564
C:\Windows\system32\csrss.exe 632
C:\Windows\system32\wininit.exe 676
C:\Windows\system32\csrss.exe 688
C:\Windows\system32\services.exe 732
C:\Windows\system32\lsass.exe 744
C:\Windows\system32\lsm.exe 752
C:\Windows\system32\winlogon.exe 836
C:\Windows\system32\svchost.exe 1000
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 1044
C:\Windows\system32\svchost.exe 1092
C:\Windows\System32\svchost.exe 1128
C:\Windows\System32\svchost.exe 1220
C:\Windows\System32\svchost.exe 1256
C:\Windows\system32\svchost.exe 1272
C:\Windows\system32\svchost.exe 1412
C:\Windows\system32\SLsvc.exe 1440
C:\Windows\system32\svchost.exe 1492
C:\Windows\system32\svchost.exe 1684
C:\Windows\System32\spoolsv.exe 1876
C:\Windows\system32\svchost.exe 1900
C:\Windows\system32\agrsmsvc.exe 328
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe 360
C:\Windows\system32\CISVC.EXE 484
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 580
C:\PROGRA~1\AVG\AVG8\avgam.exe 1428
C:\Program Files\McAfee\Common Framework\FrameworkService.exe 1580
C:\PROGRA~1\AVG\AVG8\avgrsx.exe 1680
C:\PROGRA~1\AVG\AVG8\avgnsx.exe 608
C:\Toshiba\IVP\ISM\pinger.exe 2308
C:\Windows\system32\svchost.exe 2356
C:\Windows\system32\svchost.exe 2380
c:\Toshiba\IVP\swupdate\swupdtmr.exe 2404
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe 2428
C:\Windows\system32\TODDSrv.exe 2464
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe 2488
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 2512
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe 2576
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 2624
C:\Windows\System32\svchost.exe 2640
C:\Windows\system32\SearchIndexer.exe 2680
C:\PROGRA~1\AVG\AVG8\avgemc.exe 2692
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe 2716
C:\Program Files\AVG\AVG8\avgcsrvx.exe 2884
C:\Windows\system32\taskeng.exe 3228
C:\Windows\system32\taskeng.exe 3504
C:\Windows\system32\Dwm.exe 3564
C:\Windows\System32\igfxtray.exe 4024
C:\Windows\System32\hkcmd.exe 4052
C:\Windows\system32\igfxsrvc.exe 4068
C:\Windows\System32\igfxpers.exe 4076
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe 4092
C:\Program Files\Toshiba\SmoothView\SmoothView.exe 1596
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe 2220
C:\Program Files\Apoint2K\Apoint.exe 2204
C:\Program Files\Apoint2K\ApMsgFwd.exe 1088
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe 2876
C:\Program Files\Windows Defender\MSASCui.exe 2672
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe 3176
C:\Program Files\Toshiba\Utilities\KeNotify.exe 1788
C:\Windows\RtHDVCpl.exe 3280
C:\Program Files\McAfee\Common Framework\UdaterUI.exe 2200
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe 3492
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 3540
C:\Program Files\Java\jre6\bin\jusched.exe 3572
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe 3788
C:\Windows\ehome\ehtray.exe 3824
C:\Windows\System32\spool\drivers\w32x86\3\E_FATICDP.EXE 3284
C:\Program Files\Apoint2K\Apntex.exe 3880
C:\Windows\ehome\ehmsas.exe 2972
C:\Program Files\Windows Media Player\wmpnscfg.exe 1364
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE 1380
C:\Program Files\Windows Media Player\wmpnetwk.exe 3948
C:\Program Files\McAfee\Common Framework\McTray.exe 2180
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe 4104
C:\Program Files\Toshiba\ConfigFree\CFWAN.exe 4128
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe 4152
C:\Windows\system32\wuauclt.exe 5128
C:\Windows\explorer.exe 5960
C:\Program Files\Windows Live\Mail\wlmail.exe 3172
C:\Program Files\Windows Live\Contacts\wlcomm.exe 5052
C:\Program Files\Internet Explorer\iexplore.exe 4468
C:\Program Files\Internet Explorer\iexplore.exe 5700
C:\Users\M.S\Desktop\List_Killem.exe 5188
C:\Windows\system32\cmd.exe 4388
C:\Windows\system32\wbem\wmiprvse.exe 2844
C:\Windows\system32\SearchProtocolHost.exe 5768
C:\Windows\system32\SearchFilterHost.exe 4548
C:\Users\M.S\AppData\Local\Temp\32C3.tmp\pv.exe 252
======================
Cles de demarrage "Run"
======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="TOSCDSPD.EXE"
"ehTray.exe"="C:\\Windows\\ehome\\ehTray.exe"
"EPSON Stylus CX7300 Series"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\E_FATICDP.EXE /FU \"C:\\Windows\\TEMP\\E_SF0C7.tmp\" /EF \"HKCU\""
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
"Tivi5Widget"="\"C:\\Users\\M.S\\Desktop\\Widget TIVI5.exe\""
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\\Windows\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\Windows\\system32\\hkcmd.exe"
"Persistence"="C:\\Windows\\system32\\igfxpers.exe"
"TPwrMain"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,\
6c,00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,5c,\
00,50,00,6f,00,77,00,65,00,72,00,20,00,53,00,61,00,76,00,65,00,72,00,5c,00,\
54,00,50,00,77,00,72,00,4d,00,61,00,69,00,6e,00,2e,00,45,00,58,00,45,00,00,\
00
"HSON"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,\
00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,5c,00,\
54,00,42,00,53,00,5c,00,48,00,53,00,4f,00,4e,00,2e,00,65,00,78,00,65,00,00,\
00
"SmoothView"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,\
00,6c,00,65,00,73,00,25,00,5c,00,54,00,6f,00,73,00,68,00,69,00,62,00,61,00,\
5c,00,53,00,6d,00,6f,00,6f,00,74,00,68,00,56,00,69,00,65,00,77,00,5c,00,53,\
00,6d,00,6f,00,6f,00,74,00,68,00,56,00,69,00,65,00,77,00,2e,00,65,00,78,00,\
65,00,00,00
"00TCrdMain"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,\
00,6c,00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,\
5c,00,46,00,6c,00,61,00,73,00,68,00,43,00,61,00,72,00,64,00,73,00,5c,00,54,\
00,43,00,72,00,64,00,4d,00,61,00,69,00,6e,00,2e,00,65,00,78,00,65,00,00,00
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"jswtrayutil"="\"C:\\Program Files\\Jumpstart\\jswtrayutil.exe\""
"AVG8_TRAY"="C:\\PROGRA~1\\AVG\\AVG8\\avgtray.exe"
"Camera Assistant Software"="\"C:\\Program Files\\Camera Assistant Software for Toshiba\\traybar.exe\""
"Windows Defender"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,\
00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,\
73,00,20,00,44,00,65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,4d,00,53,\
00,41,00,53,00,43,00,75,00,69,00,2e,00,65,00,78,00,65,00,20,00,2d,00,68,00,\
69,00,64,00,65,00,00,00
"ITSecMng"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,\
6c,00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,5c,\
00,42,00,6c,00,75,00,65,00,74,00,6f,00,6f,00,74,00,68,00,20,00,54,00,6f,00,\
73,00,68,00,69,00,62,00,61,00,20,00,53,00,74,00,61,00,63,00,6b,00,5c,00,49,\
00,74,00,53,00,65,00,63,00,4d,00,6e,00,67,00,2e,00,65,00,78,00,65,00,20,00,\
2f,00,53,00,54,00,41,00,52,00,54,00,00,00
"NDSTray.exe"="NDSTray.exe"
"HWSetup"="\\HWSetup.exe hwSetUP"
"SVPWUTIL"="C:\\Program Files\\TOSHIBA\\Utilities\\SVPWUTIL.exe SVPwUTIL"
"KeNotify"="C:\\Program Files\\TOSHIBA\\Utilities\\KeNotify.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"McAfeeUpdaterUI"="\"C:\\Program Files\\McAfee\\Common Framework\\UdaterUI.exe\" /StartedFromRunKey"
"ContentTransferWMDetector.exe"="C:\\Program Files\\Sony\\Content Transfer\\ContentTransferWMDetector.exe"
"GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
"FBSSA"="C:\\Program Files\\SGPSA\\ie3sh.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
"WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""
=====================
cles additionnelles
=====================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
"EnableUIADesktopToggle"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011
===============
===============
===============
===============
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
======
BHO :
======
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043344E2-8415-4B1A-8C50-AF333F6596Ba}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
@="Winamp Toolbar Loader"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
@="WormRadar.com IESiteBlocker.NavFilter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
"NoExplorer"=dword:00000001
==========================
=========================
Environnement variables :
=========================
AdMin00=~NYou must be Administrator of this PC to continue !!~N~NIn this conditions, The program cannot continue ...~N~NPlease speak about this to the person who helps you
AdMin01=... WARNING !!!
Administrative Tools=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\ADMINI~1
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\M.S\AppData\Roaming
AUTHOR=C_XX
BKCOUNT=19
BOOTMODE=Normal Boot
Cache=C:\Users\M.S\AppData\Local\MICROS~1\Windows\TEMPOR~1
CD Burning=C:\Users\M.S\AppData\Local\MICROS~1\Windows\Burn\Burn
CHOICE=L
choix=1
Common Administrative Tools=C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\ADMINI~1
Common AppData=C:\PROGRA~2
Common Desktop=C:\Users\Public\Desktop
Common Documents=C:\Users\Public\DOCUME~1
Common Favorites=C:\Users\M.S\FAVORI~1
Common Music=C:\Users\Public\Music
Common Pictures=C:\Users\Public\Pictures
Common Programs=C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs
Common Start Menu=C:\PROGRA~2\MICROS~1\Windows\STARTM~1
Common Startup=C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup
Common Templates=C:\PROGRA~2\MICROS~1\Windows\TEMPLA~1
Common Video=C:\Users\Public\Videos
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC-DE-FIRAS
ComSpec=C:\Windows\system32\cmd.exe
Cookies=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\Cookies
CurrReport=1
Desktop=C:\Users\M.S\Desktop
DFSTRACINGON=FALSE
DISPLAY00=CALL DISPLAY ³³³³³
DISPLAY01=CALL DISPLAY ³³³³³³³³
DISPLAY02=CALL DISPLAY ³³³³³³³³³³³³
DISPLAY03=CALL DISPLAY ³³³³³³³³³³³³³³³³
DISPLAY04=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³
DISPLAY05=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY06=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY07=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY08=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY09=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY10=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY11=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY12=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY13=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY14=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
DISPLAY15=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
Do00=Move.bat
Do01=DelKeys.bat
Do02=DelValues.bat
DPF=C:\Windows\Downloaded Program Files
Favorites=C:\Users\M.S\FAVORI~1
Fonts=C:\Windows\Fonts
FP_NO_HOST_CHECK=NO
History=C:\Users\M.S\AppData\Local\MICROS~1\Windows\History
HOMEDRIVE=C:
HOMEPATH=\Users\M.S
IE=C:\Program Files\Internet Explorer
Incompatible OS 00=~NThis program can run only under Windows XP,Vista and 7 !~N~NClik ~qOK~q to quit.
Incompatible OS 01=... Incompatible OS !!!
INSTALLER=C:\Windows\Installer
L01=Wait please ...
L02=~NERROR ! -- One or some component(s) is/are missing !~N~N Press 'ok' to exit.
L05=Finished! The report has been saved here:
L06=Choice and press enter to continue
L07=Added scan finished
L07A=Added scan
L08=Cleaning of the temporary files ended
L09=Unable to get version
L10=Administrator
L10A=Not Administrator
L11=Scan ^(No deletion is made^)
L12=Launch cleaning
L13=Uninstall
L14=Exit
L15=LOGFILE OF AD-REMOVER 1.1.4.6_B ^| ONLY XP/VISTA/7
L16=Updated by C_XX on 08.11.2009 at 14:49
L17=Contact: AdRemover.contact@gmail.com
L18=Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
L19=Launch at: 19:54:13, Tue 11/10/2009 ^| Normal Boot
L20=Executed from:
L21=Operating system:
L22=Computer Name: PC-DE-FIRAS ^| Current user: M.S
L23=Option:
L24=Scanning, please wait the time of the research.
L25=NEUTRALIZED ELEMENT^(S^)
L25A=FOUND ELEMENT^(S^)
L26=Temp files deleted.
L27=End at:
L28=ProfilePath:
Local AppData=C:\Users\M.S\AppData\Local
LOCALAPPDATA=C:\Users\M.S\AppData\Local
LOCALLOW=C:\Users\M.S\AppData\LocalLow
LOGONSERVER=\\PC-DE-FIRAS
misc=Byte
misc2=File
misc3=ERASED
misc4=FOUND
misc5=Scan progress ..
Mode=CLEAN
MSN=C:\Program Files\MSN Messenger
My Music=C:\Users\M.S\Music
My Pictures=C:\Users\M.S\Pictures
NAME=AD-REMOVER
NBC02=1
NBS02=1
NetHood=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\NETWOR~1
nondelete=... [b]NOT DELETED !!/b
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
OS_SP=Service Pack 1
OS_VERSION=Home Premium
Page_Values=Default_Page_URL|Default_Search_URL|SearchAssistant|Search bar|Search Page|Start Page|Start Page Restore|First Home Page
Path=C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
Personal=C:\Users\M.S\DOCUME~1
PrintHood=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\PRINTE~1
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
Programs=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs
PROMPT=$P$G
PUBLIC=C:\Users\Public
QUCOUNT=0
QUICK LAUNCH=C:\Users\M.S\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
Recent=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\Recent
REPORT=C:\Ad-Report-CLEAN[1].log
SE=Windows Vista
SendTo=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\SendTo
Services=ASK(Service|Upgrade)|MyWebSearchService|OneStepS(rch|earch) Service|OneStep Search Service|PremierOpinion|RelevantKnowledge|(SearchIn1Step|Seekapp|SeekappSrch|Seekeen) Service|SeekService Service
SESSIONNAME=Console
SE_=1
Start Menu=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\STARTM~1
Startup=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup
SYSTEM32=C:\Windows\System32
SystemDrive=C:
SystemRoot=C:\Windows
TbPath=Software\Microsoft\Internet Explorer\Toolbar
Teatimer00=~NThe resident ~qTeaTimer.exe~q of ~qSpybot - Search ^& Destroy~q is active !~N~NIn this conditions, The program cannot continue ...~N~NPlease speak about this to the person who helps you
Teatimer01=... WARNING !!!
TEMP=C:\Users\M.S\AppData\Local\Temp
TEMP2=C:\Windows\Temp
Templates=C:\Users\M.S\AppData\Roaming\MICROS~1\Windows\TEMPLA~1
TMP=C:\Users\M.S\AppData\Local\Temp
ToSrch01=Eorezo|FunWebProducts|ItsLabel|Kiwee Toolbar
ToSrch02=Bingo Day|Casino-On-Net|Casino Del Rio|Casino\.com Poker|EmpirePoker|Europa Casino|iMesh.lnk|My Speedy Alert|Pacific Poker|PartyPoker|Titan Poker|Vegas Red Casino|888poker\.net
TRACE_FORMAT_SEARCH_PATH=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
UAC00=~NThe ~qUser Account Control~q is enabled !~N~NIn this conditions, The program cannot continue ...~N~NPlease speak about this to the person who helps you
UAC01=... WARNING !!!
UPDATE_DATE=08.11.2009
UPDATE_TIME=14:49
USER=S-1-5-21-975476334-4192965003-4212137462-1000
USERDOMAIN=PC-DE-FIRAS
USERNAME=M.S
USERPROFILE=C:\Users\M.S
VER=1.1.4.6_B
VERFF=^[Unable to get version^]
VERIE=8.0.6001.18828
VERW=v6.0.6001
windir=C:\Windows
WLM=C:\Program Files\Windows Live\Messenger
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
C:\Windows\System32\drivers\etc\hosts.msn
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
¤¤¤¤¤¤¤¤¤¤ C:\Windows\Prefetch :
AgAppLaunch.db
AgCx_S1_S-1-5-21-975476334-4192965003-4212137462-1000.snp.db
AgCx_SC1.db
AgCx_SC1.db.trx
AgCx_SC2.db
AgGlFaultHistory.db
AgGlFgAppHistory.db
AgGlGlobalHistory.db
AgGlUAD_P_S-1-5-21-975476334-4192965003-4212137462-1000.db
AgGlUAD_S-1-5-21-975476334-4192965003-4212137462-1000.db
AgRobust.db
ATBROKER.EXE-2E15A492.pf
AUDIODG.EXE-BDFD3029.pf
AU_.EXE-C319FE8B.pf
AVGAM.EXE-FAD3A97D.pf
AVGCMGR.EXE-27FF3A49.pf
AVGCSRVX.EXE-8B55A462.pf
AVGDIAGEX.EXE-CC515C16.pf
AVGEMC.EXE-42B06698.pf
AVGNSX.EXE-C26363CC.pf
AVGRSX.EXE-1D418725.pf
AVGSCANX.EXE-DB10FF75.pf
AVGUPD.EXE-ED364EA9.pf
AVGWDSVC.EXE-C6AB48FA.pf
CFWAN.EXE-CBF60D6F.pf
CGUARD.EXE-D54675FF.pf
CMD.EXE-4A81B364.pf
CONSENT.EXE-531BD9EA.pf
CONTROL.EXE-817F8F1D.pf
DEFRAG.EXE-588F90AD.pf
DFRGNTFS.EXE-7E4077FE.pf
DLLHOST.EXE-5E46FA0D.pf
DLLHOST.EXE-6A473D35.pf
DLLHOST.EXE-766398D2.pf
DLLHOST.EXE-7FAA2E4C.pf
DLLHOST.EXE-B2EB1806.pf
DWM.EXE-6FFD3DA8.pf
EHMSAS.EXE-2D3B2F21.pf
EXPLORER.EXE-A80E4F97.pf
E_FARNCDP.EXE-AAFCFD47.pf
FIXCFG.EXE-298258C9.pf
FLASHUTIL10C.EXE-1A30AEBE.pf
GAMECONSOLESERVICE.EXE-D1EBC6EE.pf
GEPLUGIN.EXE-92045D26.pf
GOOGLECRASHHANDLER.EXE-8A3B4C33.pf
GOOGLEEARTH-WIN-5.1.3509.4636-DC6D6003.pf
GOOGLEEARTH.EXE-4179DA94.pf
GOOGLEEARTH.EXE-A5020785.pf
GOOGLEEARTHSETUP[1].EXE-648417E1.pf
GOOGLEUPDATE.EXE-6C94DAE7.pf
GOOGLEUPDATE.EXE-D926F795.pf
GOOGLEUPDATE.EXE-FE771DDA.pf
HC2SETFR[1].EXE-45BF5AD2.pf
HC2SETFR[1].EXE-9395102C.pf
HELPER.EXE-8AEDE3E3.pf
HELPPANE.EXE-FEDC965B.pf
HYCAM2.EXE-4BE65D9D.pf
HYCAM2.EXE-C738269E.pf
IELOWUTIL.EXE-3885C25E.pf
IEXPLORE.EXE-908C99F8.pf
IGFXEXT.EXE-D5F523DB.pf
IGFXSRVC.EXE-96A493A4.pf
INFOCARD.EXE-ECED8D38.pf
IVPSVMGR.EXE-858F4F23.pf
JAVA.EXE-E27B75C2.pf
JP2LAUNCHER.EXE-7C1F11C1.pf
JP2LAUNCHER.EXE-961131B6.pf
KENOTIFY.EXE-2C13E0E5.pf
LAUNCHER.EXE-A271E3DA.pf
Layout.ini
LIMEWIRE.EXE-85607912.pf
LOGON.SCR-30601369.pf
LOGONUI.EXE-09140401.pf
MCUPDATE.EXE-62E74733.pf
MEDIAMANAGER.EXE-3437944F.pf
MFPMP.EXE-26F35380.pf
MOVIEMK.EXE-0E4D00C6.pf
MPAS-D.EXE-40FE95BA.pf
MPSIGSTUB.EXE-92A5CA3E.pf
MSCORSVW.EXE-90526FAC.pf
MSFEEDSSYNC.EXE-6E6FBDF4.pf
MSGPLUSUNINSTALL.EXE-57837A00.pf
MSIEXEC.EXE-A2D55CB6.pf
MSNMSGR.EXE-9974F251.pf
MSPAINT.EXE-76E10B24.pf
NGEN.EXE-3CFD6908.pf
NTOSBOOT-B00DFAAD.pf
PATCH-3.0.1-VERS-3.0.2.EXE-54CA3588.pf
PCALUA.EXE-43C7C886.pf
PfSvPerfStats.bin
ReadyBoot
REG.EXE-E7E8BD26.pf
RUNDLL32.EXE-3BDF31B9.pf
RUNDLL32.EXE-57C295A2.pf
RUNDLL32.EXE-A6251510.pf
RUNDLL32.EXE-F89FBB70.pf
RUNESCAPE.EXE-4E91D5B3.pf
RUNONCE.EXE-D0649312.pf
SEARCHFILTERHOST.EXE-77482212.pf
SEARCHINDEXER.EXE-4A6353B9.pf
SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
SETUP_WM.EXE-674F654A.pf
SVCHOST.EXE-7CFEDEA3.pf
TASKENG.EXE-48D4E289.pf
TASKMGR.EXE-5F5F473D.pf
TRUSTEDINSTALLER.EXE-3CC531E5.pf
UNINST.EXE-4CF4EAC5.pf
UNINSTALL.EXE-108D5A65.pf
UNINSTALL.EXE-182FB177.pf
UNINSTALL.EXE-40F0F4CA.pf
UNINSTALL.EXE-4BB5E521.pf
UNINSTALL.EXE-977905F2.pf
UNINSTALL.EXE-B283CAFD.pf
UNINSTALL.EXE-BA8216A7.pf
UNINSTALL.EXE-CAA1A7CF.pf
UNINSTALL.EXE-D26763BA.pf
UNINSTALL.EXE-E5D37133.pf
UNINSTALL.EXE-ED26D11E.pf
UNINSTALL.EXE-F1869094.pf
UNINSTALL.EXE-F2809E78.pf
UNINSTALL.EXE-F4C6114C.pf
UNINSTALLER.EXE-FB9CC9A0.pf
USERINIT.EXE-2257A3E7.pf
VERCLSID.EXE-7C52E31C.pf
VLC.EXE-A11F73EE.pf
VSSVC.EXE-B8AFC319.pf
WERCON.EXE-E36BD04E.pf
WERFAULT.EXE-E69F695A.pf
WERMGR.EXE-0F2AC88C.pf
WINDOWS-LIVE-MAIL-2009_WL_MAI-E9866E8F.pf
WINWORD.EXE-C91725A1.pf
WLARP.EXE-7C7BF51D.pf
WLCOMM.EXE-272FF9F7.pf
WLLOGINPROXY.EXE-9E0DCEF8.pf
WLMAIL.EXE-1507296E.pf
WLOOBE.EXE-701CAC6F.pf
WLSETUP-WEB[1].EXE-EDA95AC2.pf
WMIADAP.EXE-F8DFDFA2.pf
WMIPRVSE.EXE-1628051C.pf
WMPLAYER.EXE-BAD6BD53.pf
WMPNETWK.EXE-D9F2A96F.pf
WOW.EXE-59754F91.pf
WUAUCLT.EXE-70318591.pf
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Dsl si je vous derange...
Merci encore :)
Le fichier est disons ne s'ouvre avec aucun des logiciels que j'ai mais voici le lien :
https://www.cjoint.com/?lkoz7RABn3