Problemes spam,pub et autres
Résolu/Fermé
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
-
15 nov. 2009 à 23:19
Utilisateur anonyme - 18 nov. 2009 à 00:59
Utilisateur anonyme - 18 nov. 2009 à 00:59
A voir également:
- Problemes spam,pub et autres
- Bloqueur de pub youtube - Guide
- Netflix standard avec pub - Guide
- Youtube sans pub - Guide
- YT Siphon : une extension pour contourner la pub sur YouTube - Guide
- Stop pub gratuit - Télécharger - Divers Utilitaires
44 réponses
Utilisateur anonyme
15 nov. 2009 à 23:36
15 nov. 2009 à 23:36
Salut.
Pour voir si tu es infecté :
HijackThis :
▶ Télécharge /// ---> HijackThis <--- \\
▶ Tout est expliqué sur ce site web pour l'installer et l'utiliser correctement.
▶ Poste le rapport obtenu dans le bloc note dans ta prochaine réponse.
Comment copier/coller le rapport :
▶ Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier".
▶ Ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport.
+
Pour voir si tu es infecté :
HijackThis :
▶ Télécharge /// ---> HijackThis <--- \\
▶ Tout est expliqué sur ce site web pour l'installer et l'utiliser correctement.
▶ Poste le rapport obtenu dans le bloc note dans ta prochaine réponse.
Comment copier/coller le rapport :
▶ Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier".
▶ Ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport.
+
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 00:09
16 nov. 2009 à 00:09
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:08:39, on 16/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\fladzy\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NETGEAR GA511 Adapter\GA511.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\trend micro\hjt.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\fladzy\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater] cmd.exe /C RD /S /Q C:\PROGRA~1\SEARCH~2
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater1] cmd.exe /C RD /S /Q C:\ARCHIV~1\SEARCH~2
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater2] cmd.exe /C RD /S /Q C:\ARQUIV~1\SEARCH~2
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus] cmd.exe /C RD /S /Q C:\PROGRA~1\SEARCH~1
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus1] cmd.exe /C RD /S /Q C:\ARCHIV~1\SEARCH~1
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus2] cmd.exe /C RD /S /Q C:\ARQUIV~1\SEARCH~1
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Fast Browser Search] cmd.exe /C RD /S /Q C:\PROGRA~1\FASTBR~1
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] SGPSA] cmd.exe /C RD /S /Q C:\PROGRA~1\SGPSA
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\fladzy\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
Scan saved at 00:08:39, on 16/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\fladzy\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NETGEAR GA511 Adapter\GA511.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\trend micro\hjt.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\fladzy\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater] cmd.exe /C RD /S /Q C:\PROGRA~1\SEARCH~2
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater1] cmd.exe /C RD /S /Q C:\ARCHIV~1\SEARCH~2
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater2] cmd.exe /C RD /S /Q C:\ARQUIV~1\SEARCH~2
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus] cmd.exe /C RD /S /Q C:\PROGRA~1\SEARCH~1
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus1] cmd.exe /C RD /S /Q C:\ARCHIV~1\SEARCH~1
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Search Guard Plus2] cmd.exe /C RD /S /Q C:\ARQUIV~1\SEARCH~1
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] Fast Browser Search] cmd.exe /C RD /S /Q C:\PROGRA~1\FASTBR~1
O4 - HKLM\..\RunOnce: [DeleteDir[CD8] SGPSA] cmd.exe /C RD /S /Q C:\PROGRA~1\SGPSA
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\fladzy\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 00:11
16 nov. 2009 à 00:11
voila j'ai fait comme tu ma dit
Utilisateur anonyme
16 nov. 2009 à 00:14
16 nov. 2009 à 00:14
Re.
Tu as téléchargé sur EoRezo. Leurs programmes sont tous néfastes, ne va plus chez eux ! Plus d'infos ici : https://forum.malekal.com/viewtopic.php?f=33&t=18245&p=145923#p145923
Pareil pour SweetIm. :)
AD-Remover :
* Sous Vista : ▶ Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
* Clique sur Démarrer puis sur panneau de configuration
* Double Clique sur l'icône "Comptes d'utilisateurs"
* Clique ensuite sur désactiver et valide.
* Redémarre le PC
▶ Télécharge et enregistre le fichier d installation sur ton bureau : /// ---> AD-REMOVER DE C_XX<--- \
▶ Ici, le ---<Tutoriel d'installation>--- si besoin.
▶ Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( le bureau )
▶ Ouvre le dossier Ad-remover présent sur ton bureau
▶ Double clique sur Ad-R.exe.
* Si Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
▶ Au menu principal choisi l'option "L" et tape sur [entrée] .
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin.
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
++
Tu as téléchargé sur EoRezo. Leurs programmes sont tous néfastes, ne va plus chez eux ! Plus d'infos ici : https://forum.malekal.com/viewtopic.php?f=33&t=18245&p=145923#p145923
Pareil pour SweetIm. :)
AD-Remover :
* Sous Vista : ▶ Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
* Clique sur Démarrer puis sur panneau de configuration
* Double Clique sur l'icône "Comptes d'utilisateurs"
* Clique ensuite sur désactiver et valide.
* Redémarre le PC
▶ Télécharge et enregistre le fichier d installation sur ton bureau : /// ---> AD-REMOVER DE C_XX<--- \
▶ Ici, le ---<Tutoriel d'installation>--- si besoin.
▶ Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( le bureau )
▶ Ouvre le dossier Ad-remover présent sur ton bureau
▶ Double clique sur Ad-R.exe.
* Si Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
▶ Au menu principal choisi l'option "L" et tape sur [entrée] .
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin.
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
++
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 00:19
16 nov. 2009 à 00:19
Mit à jour par C_XX le 15.11.2009 à 16:37
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:18:48, 15/11/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: FLADZY-D16A8AE3 | Utilisateur actuel: fladzy
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\software\EoRezo
HKLM\software\Live-Player
HKLM\software\SweetIM
HKCU\software\EoRezo
HKCU\software\Live-Player
HKCU\software\SweetIM
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\AskHomepage
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\EoRezo
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\Live-Player
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\SweetIM
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\appdatalow\AskBarDis
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\appdatalow\AskHomepage
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SoftwareHelper
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\software\microsoft\windows\currentversion\uninstall\eoEngine_is1
HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
HKLM\software\microsoft\windows\currentversion\uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
HKLM\software\classes\EoRezoBHO.EoBHO
HKLM\software\classes\EoRezoBHO.EoBHO.1
HKLM\software\classes\MediaPlayer.GraphicsUtils
HKLM\software\classes\MediaPlayer.GraphicsUtils.1
HKLM\software\classes\MgMediaPlayer.GifAnimator
HKLM\software\classes\MgMediaPlayer.GifAnimator.1
HKLM\software\classes\SWEETIE.IEToolbar
HKLM\software\classes\SWEETIE.IEToolbar.1
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM\software\classes\Toolbar3.SWEETIE
HKLM\software\classes\Toolbar3.SWEETIE.1
HKLM\software\classes\appid\EoRezoBHO.DLL
HKLM\software\classes\appid\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\Software\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}
HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\Software\Classes\Interface\{819DB72D-1C28-4387-9778-E2FF3DC86F74}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
HKLM\software\classes\installer\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
.
C:\DOCUME~1\fladzy\APPLIC~1\EoRezo
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\searchplugins\askcom.xml
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\searchplugins\sweetim.xml
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\SweetIMToolbarData
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
C:\Program Files\EoRezo
C:\Program Files\Fast Browser Search
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Program Files\Search Guard Plus
C:\Program Files\Search Guard PlusU
C:\Program Files\SGPSA
C:\Program Files\SweetIM
C:\Windows\Installer\659811.msi
C:\Windows\Installer\659817.msi
C:\WINDOWS\Prefetch\ITSTV.EXE-2471068A.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-2AE5F061.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-331A3673.pf
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-0BFBDA8A.pf
C:\WINDOWS\Prefetch\SWEETIM.EXE-114201E6.pf
C:\DOCUME~1\fladzy\Cookies\fladzy@ads.eorezo[2].txt
C:\DOCUME~1\fladzy\Cookies\fladzy@eorezo[1].txt
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
Nom du profil: cb7fmhwb.default (fladzy)
.
(fladzy, Invalidprefs.js) Browser.download.lastDir, C:\Documents and Settings\fladzy\Bureau
(fladzy, Invalidprefs.js) Browser.search.defaultenginename, Fast Browser Search
(fladzy, Invalidprefs.js) Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, Invalidprefs.js) Browser.search.selectedEngine, Fast Browser Search
(fladzy, Invalidprefs.js) Browser.startup.homepage, hxxp://y.lo.st
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
.
(fladzy, Invalidprefs.js) TROUVE - Browser.search.defaultenginename, Fast Browser Search
(fladzy, Invalidprefs.js) TROUVE - Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, Invalidprefs.js) TROUVE - Browser.search.order.1, Fast Browser Search
(fladzy, Invalidprefs.js) TROUVE - Browser.search.selectedEngine, Fast Browser Search
(fladzy, Invalidprefs.js) TROUVE - Browser.startup.homepage, hxxp://y.lo.st
(fladzy, Invalidprefs.js) TROUVE - Keyword.URL, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={8FF58356-F749-FF87-40A5-7EAF7CA55512}&q=
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.mode.debug, false
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.keyword.URL, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.search.history.capacity, 10
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.simapp_id, {EE890A99-7648-11DE-ACDD-0014D147EF57}
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.version, 1.0.0.8
.
(fladzy, prefs.js) Browser.download.lastDir, G:\Pictures\DOSSIER SAB\Photos\La famille
(fladzy, prefs.js) Browser.search.defaultenginename, Fast Browser Search
(fladzy, prefs.js) Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, prefs.js) Browser.search.selectedEngine, Fast Browser Search
(fladzy, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
.
(fladzy, prefs.js) TROUVE - Browser.search.defaultengine, Ask.com
(fladzy, prefs.js) TROUVE - Browser.search.defaultenginename, Fast Browser Search
(fladzy, prefs.js) TROUVE - Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, prefs.js) TROUVE - Browser.search.order.1, Fast Browser Search
(fladzy, prefs.js) TROUVE - Browser.search.selectedEngine, Fast Browser Search
(fladzy, prefs.js) TROUVE - Keyword.URL, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={8FF58356-F749-FF87-40A5-7EAF7CA55512}&q=
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.mode.debug, false
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.keyword.URL, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.search.history.capacity, 10
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.simapp_id, {EE890A99-7648-11DE-ACDD-0014D147EF57}
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.version, 1.0.0.8
.
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
First Home Page: hxxp://y.lo.st
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: hxxp://www.fastbrowsersearch.com/new-tab/?v=19&tid={D96BA9EB-CE02-4a3b-87EB-DDA7DF6D97F5}
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\fladzy\Mes documents\keygen.exe
.
===================================
.
19961 Octet(s) - C:\Ad-Report-SCAN[1].log
.
26 Fichier(s) - C:\DOCUME~1\fladzy\LOCALS~1\Temp
5 Fichier(s) - C:\WINDOWS\Temp
.
4 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 22:21:29 | 15/11/2009 - SCAN[1]
.
============== E.O.F ==============
.
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:18:48, 15/11/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: FLADZY-D16A8AE3 | Utilisateur actuel: fladzy
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\software\EoRezo
HKLM\software\Live-Player
HKLM\software\SweetIM
HKCU\software\EoRezo
HKCU\software\Live-Player
HKCU\software\SweetIM
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\AskHomepage
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\EoRezo
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\Live-Player
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\SweetIM
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\appdatalow\AskBarDis
HKU\s-1-5-21-602162358-1284227242-839522115-1003\software\appdatalow\AskHomepage
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SoftwareHelper
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\software\microsoft\windows\currentversion\uninstall\eoEngine_is1
HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
HKLM\software\microsoft\windows\currentversion\uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
HKLM\software\classes\EoRezoBHO.EoBHO
HKLM\software\classes\EoRezoBHO.EoBHO.1
HKLM\software\classes\MediaPlayer.GraphicsUtils
HKLM\software\classes\MediaPlayer.GraphicsUtils.1
HKLM\software\classes\MgMediaPlayer.GifAnimator
HKLM\software\classes\MgMediaPlayer.GifAnimator.1
HKLM\software\classes\SWEETIE.IEToolbar
HKLM\software\classes\SWEETIE.IEToolbar.1
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM\software\classes\Toolbar3.SWEETIE
HKLM\software\classes\Toolbar3.SWEETIE.1
HKLM\software\classes\appid\EoRezoBHO.DLL
HKLM\software\classes\appid\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
HKLM\Software\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}
HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\Software\Classes\Interface\{819DB72D-1C28-4387-9778-E2FF3DC86F74}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
HKLM\software\classes\installer\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
.
C:\DOCUME~1\fladzy\APPLIC~1\EoRezo
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\searchplugins\askcom.xml
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\searchplugins\sweetim.xml
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\SweetIMToolbarData
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
C:\Program Files\EoRezo
C:\Program Files\Fast Browser Search
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Program Files\Search Guard Plus
C:\Program Files\Search Guard PlusU
C:\Program Files\SGPSA
C:\Program Files\SweetIM
C:\Windows\Installer\659811.msi
C:\Windows\Installer\659817.msi
C:\WINDOWS\Prefetch\ITSTV.EXE-2471068A.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-2AE5F061.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-331A3673.pf
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-0BFBDA8A.pf
C:\WINDOWS\Prefetch\SWEETIM.EXE-114201E6.pf
C:\DOCUME~1\fladzy\Cookies\fladzy@ads.eorezo[2].txt
C:\DOCUME~1\fladzy\Cookies\fladzy@eorezo[1].txt
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
Nom du profil: cb7fmhwb.default (fladzy)
.
(fladzy, Invalidprefs.js) Browser.download.lastDir, C:\Documents and Settings\fladzy\Bureau
(fladzy, Invalidprefs.js) Browser.search.defaultenginename, Fast Browser Search
(fladzy, Invalidprefs.js) Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, Invalidprefs.js) Browser.search.selectedEngine, Fast Browser Search
(fladzy, Invalidprefs.js) Browser.startup.homepage, hxxp://y.lo.st
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
.
(fladzy, Invalidprefs.js) TROUVE - Browser.search.defaultenginename, Fast Browser Search
(fladzy, Invalidprefs.js) TROUVE - Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, Invalidprefs.js) TROUVE - Browser.search.order.1, Fast Browser Search
(fladzy, Invalidprefs.js) TROUVE - Browser.search.selectedEngine, Fast Browser Search
(fladzy, Invalidprefs.js) TROUVE - Browser.startup.homepage, hxxp://y.lo.st
(fladzy, Invalidprefs.js) TROUVE - Keyword.URL, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={8FF58356-F749-FF87-40A5-7EAF7CA55512}&q=
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.mode.debug, false
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.previous.keyword.URL, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.search.history.capacity, 10
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.simapp_id, {EE890A99-7648-11DE-ACDD-0014D147EF57}
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com
(fladzy, Invalidprefs.js) TROUVE - Sweetim.toolbar.version, 1.0.0.8
.
(fladzy, prefs.js) Browser.download.lastDir, G:\Pictures\DOSSIER SAB\Photos\La famille
(fladzy, prefs.js) Browser.search.defaultenginename, Fast Browser Search
(fladzy, prefs.js) Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, prefs.js) Browser.search.selectedEngine, Fast Browser Search
(fladzy, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
.
(fladzy, prefs.js) TROUVE - Browser.search.defaultengine, Ask.com
(fladzy, prefs.js) TROUVE - Browser.search.defaultenginename, Fast Browser Search
(fladzy, prefs.js) TROUVE - Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, prefs.js) TROUVE - Browser.search.order.1, Fast Browser Search
(fladzy, prefs.js) TROUVE - Browser.search.selectedEngine, Fast Browser Search
(fladzy, prefs.js) TROUVE - Keyword.URL, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={8FF58356-F749-FF87-40A5-7EAF7CA55512}&q=
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.mode.debug, false
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.previous.keyword.URL, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.search.history.capacity, 10
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.simapp_id, {EE890A99-7648-11DE-ACDD-0014D147EF57}
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com
(fladzy, prefs.js) TROUVE - Sweetim.toolbar.version, 1.0.0.8
.
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
First Home Page: hxxp://y.lo.st
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: hxxp://www.fastbrowsersearch.com/new-tab/?v=19&tid={D96BA9EB-CE02-4a3b-87EB-DDA7DF6D97F5}
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\fladzy\Mes documents\keygen.exe
.
===================================
.
19961 Octet(s) - C:\Ad-Report-SCAN[1].log
.
26 Fichier(s) - C:\DOCUME~1\fladzy\LOCALS~1\Temp
5 Fichier(s) - C:\WINDOWS\Temp
.
4 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 22:21:29 | 15/11/2009 - SCAN[1]
.
============== E.O.F ==============
.
Utilisateur anonyme
16 nov. 2009 à 00:22
16 nov. 2009 à 00:22
Tu as tapé "S" à l'écran.
Relance Ad-R et tape "L" à l'écran de choix des options stp ! :)
+
Relance Ad-R et tape "L" à l'écran de choix des options stp ! :)
+
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 00:23
16 nov. 2009 à 00:23
voila c fait
Utilisateur anonyme
16 nov. 2009 à 00:25
16 nov. 2009 à 00:25
Tu me posteras le rapport de suppression dès qu'il apparaîtra ! :)
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 00:31
16 nov. 2009 à 00:31
======= RAPPORT D'AD-REMOVER 1.1.4.6_C | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 15.11.2009 à 16:37
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 0:26:27, 16/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: FLADZY-D16A8AE3 | Utilisateur actuel: fladzy
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\software\EoRezo
HKLM\software\Live-Player
HKLM\software\SweetIM
HKCU\software\EoRezo
HKCU\software\Live-Player
HKCU\software\SweetIM
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\AskHomepage
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SoftwareHelper
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\software\microsoft\windows\currentversion\uninstall\eoEngine_is1
HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
HKLM\software\microsoft\windows\currentversion\uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
HKLM\software\classes\EoRezoBHO.EoBHO
HKLM\software\classes\EoRezoBHO.EoBHO.1
HKLM\software\classes\MediaPlayer.GraphicsUtils
HKLM\software\classes\MediaPlayer.GraphicsUtils.1
HKLM\software\classes\MgMediaPlayer.GifAnimator
HKLM\software\classes\MgMediaPlayer.GifAnimator.1
HKLM\software\classes\SWEETIE.IEToolbar
HKLM\software\classes\SWEETIE.IEToolbar.1
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM\software\classes\Toolbar3.SWEETIE
HKLM\software\classes\Toolbar3.SWEETIE.1
HKLM\software\classes\appid\EoRezoBHO.DLL
HKLM\software\classes\appid\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\Software\Classes\Interface\{819DB72D-1C28-4387-9778-E2FF3DC86F74}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
HKLM\software\classes\installer\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
.
C:\DOCUME~1\fladzy\APPLIC~1\EoRezo
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\searchplugins\askcom.xml
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\searchplugins\sweetim.xml
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\SweetIMToolbarData
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
C:\Program Files\EoRezo
C:\Program Files\Fast Browser Search
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Program Files\Search Guard Plus
C:\Program Files\Search Guard PlusU
C:\Program Files\SGPSA
C:\Program Files\SweetIM ... [b]ERREUR SUPPRESSION !!/b
C:\Windows\Installer\659811.msi
C:\Windows\Installer\659817.msi
C:\WINDOWS\Prefetch\ITSTV.EXE-2471068A.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-2AE5F061.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-331A3673.pf
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-0BFBDA8A.pf
C:\WINDOWS\Prefetch\SWEETIM.EXE-114201E6.pf
C:\DOCUME~1\fladzy\Cookies\fladzy@ads.eorezo[2].txt
C:\DOCUME~1\fladzy\Cookies\fladzy@eorezo[1].txt
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
Nom du profil: cb7fmhwb.default (fladzy)
.
(fladzy, Invalidprefs.js) Browser.download.lastDir, C:\Documents and Settings\fladzy\Bureau
(fladzy, Invalidprefs.js) Browser.search.defaultenginename, Fast Browser Search
(fladzy, Invalidprefs.js) Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, Invalidprefs.js) Browser.search.selectedEngine, Fast Browser Search
(fladzy, Invalidprefs.js) Browser.startup.homepage, hxxp://y.lo.st
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
.
(fladzy, Invalidprefs.js) EFFACE - Browser.search.defaultenginename, Fast Browser Search
(fladzy, Invalidprefs.js) EFFACE - Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, Invalidprefs.js) EFFACE - Browser.search.order.1, Fast Browser Search
(fladzy, Invalidprefs.js) EFFACE - Browser.search.selectedEngine, Fast Browser Search
(fladzy, Invalidprefs.js) EFFACE - Browser.startup.homepage, hxxp://y.lo.st
(fladzy, Invalidprefs.js) EFFACE - Keyword.URL, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={8FF58356-F749-FF87-40A5-7EAF7CA55512}&q=
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.mode.debug, false
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.keyword.URL, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.search.history.capacity, 10
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.simapp_id, {EE890A99-7648-11DE-ACDD-0014D147EF57}
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.version, 1.0.0.8
.
(fladzy, prefs.js) Browser.download.lastDir, G:\Pictures\DOSSIER SAB\Photos\La famille
(fladzy, prefs.js) Browser.search.defaultenginename, Fast Browser Search
(fladzy, prefs.js) Browser.search.selectedEngine, Fast Browser Search
(fladzy, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
.
(fladzy, prefs.js) EFFACE - Browser.search.defaultengine, Ask.com
(fladzy, prefs.js) EFFACE - Browser.search.defaultenginename, Fast Browser Search
(fladzy, prefs.js) EFFACE - Browser.search.order.1, Fast Browser Search
(fladzy, prefs.js) EFFACE - Browser.search.selectedEngine, Fast Browser Search
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.mode.debug, false
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.keyword.URL, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.search.history.capacity, 10
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.simapp_id, {EE890A99-7648-11DE-ACDD-0014D147EF57}
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.version, 1.0.0.8
.
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page:
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
SearchAssistant:
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start page: hxxp://fr.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\fladzy\Mes documents\keygen.exe
.
===================================
.
18378 Octet(s) - C:\Ad-Report-CLEAN[1].log
20288 Octet(s) - C:\Ad-Report-SCAN[1].log
.
0 Fichier(s) - C:\DOCUME~1\fladzy\LOCALS~1\Temp
3 Fichier(s) - C:\WINDOWS\Temp
.
21 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
280 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 0:30:03 | 16/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.
Mit à jour par C_XX le 15.11.2009 à 16:37
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 0:26:27, 16/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: FLADZY-D16A8AE3 | Utilisateur actuel: fladzy
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\software\EoRezo
HKLM\software\Live-Player
HKLM\software\SweetIM
HKCU\software\EoRezo
HKCU\software\Live-Player
HKCU\software\SweetIM
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\AskHomepage
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SoftwareHelper
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKCU\software\microsoft\internet explorer\searchscopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKLM\software\microsoft\windows\currentversion\uninstall\eoEngine_is1
HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
HKLM\software\microsoft\windows\currentversion\uninstall\{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
HKLM\software\classes\EoRezoBHO.EoBHO
HKLM\software\classes\EoRezoBHO.EoBHO.1
HKLM\software\classes\MediaPlayer.GraphicsUtils
HKLM\software\classes\MediaPlayer.GraphicsUtils.1
HKLM\software\classes\MgMediaPlayer.GifAnimator
HKLM\software\classes\MgMediaPlayer.GifAnimator.1
HKLM\software\classes\SWEETIE.IEToolbar
HKLM\software\classes\SWEETIE.IEToolbar.1
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook
HKLM\software\classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1
HKLM\software\classes\Toolbar3.SWEETIE
HKLM\software\classes\Toolbar3.SWEETIE.1
HKLM\software\classes\appid\EoRezoBHO.DLL
HKLM\software\classes\appid\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\Software\Classes\Interface\{819DB72D-1C28-4387-9778-E2FF3DC86F74}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\351716A953E21214898904032EAE2E81
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A189D17A469616C4688D23E192996267
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
HKLM\software\classes\installer\Products\4EEB31C8EC7E64E4DB31F814AD0DF0FE
.
C:\DOCUME~1\fladzy\APPLIC~1\EoRezo
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\searchplugins\askcom.xml
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\searchplugins\sweetim.xml
C:\DOCUME~1\fladzy\APPLIC~1\Mozilla\Firefox\Profiles\cb7fmhwb.default\SweetIMToolbarData
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
C:\Program Files\EoRezo
C:\Program Files\Fast Browser Search
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Program Files\Search Guard Plus
C:\Program Files\Search Guard PlusU
C:\Program Files\SGPSA
C:\Program Files\SweetIM ... [b]ERREUR SUPPRESSION !!/b
C:\Windows\Installer\659811.msi
C:\Windows\Installer\659817.msi
C:\WINDOWS\Prefetch\ITSTV.EXE-2471068A.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-2AE5F061.pf
C:\WINDOWS\Prefetch\ITSTV.EXE-331A3673.pf
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-0BFBDA8A.pf
C:\WINDOWS\Prefetch\SWEETIM.EXE-114201E6.pf
C:\DOCUME~1\fladzy\Cookies\fladzy@ads.eorezo[2].txt
C:\DOCUME~1\fladzy\Cookies\fladzy@eorezo[1].txt
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
Nom du profil: cb7fmhwb.default (fladzy)
.
(fladzy, Invalidprefs.js) Browser.download.lastDir, C:\Documents and Settings\fladzy\Bureau
(fladzy, Invalidprefs.js) Browser.search.defaultenginename, Fast Browser Search
(fladzy, Invalidprefs.js) Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, Invalidprefs.js) Browser.search.selectedEngine, Fast Browser Search
(fladzy, Invalidprefs.js) Browser.startup.homepage, hxxp://y.lo.st
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, Invalidprefs.js) Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
.
(fladzy, Invalidprefs.js) EFFACE - Browser.search.defaultenginename, Fast Browser Search
(fladzy, Invalidprefs.js) EFFACE - Browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=
(fladzy, Invalidprefs.js) EFFACE - Browser.search.order.1, Fast Browser Search
(fladzy, Invalidprefs.js) EFFACE - Browser.search.selectedEngine, Fast Browser Search
(fladzy, Invalidprefs.js) EFFACE - Browser.startup.homepage, hxxp://y.lo.st
(fladzy, Invalidprefs.js) EFFACE - Keyword.URL, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={8FF58356-F749-FF87-40A5-7EAF7CA55512}&q=
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.mode.debug, false
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.previous.keyword.URL, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.search.history.capacity, 10
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.simapp_id, {EE890A99-7648-11DE-ACDD-0014D147EF57}
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com
(fladzy, Invalidprefs.js) EFFACE - Sweetim.toolbar.version, 1.0.0.8
.
(fladzy, prefs.js) Browser.download.lastDir, G:\Pictures\DOSSIER SAB\Photos\La famille
(fladzy, prefs.js) Browser.search.defaultenginename, Fast Browser Search
(fladzy, prefs.js) Browser.search.selectedEngine, Fast Browser Search
(fladzy, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, prefs.js) Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
.
(fladzy, prefs.js) EFFACE - Browser.search.defaultengine, Ask.com
(fladzy, prefs.js) EFFACE - Browser.search.defaultenginename, Fast Browser Search
(fladzy, prefs.js) EFFACE - Browser.search.order.1, Fast Browser Search
(fladzy, prefs.js) EFFACE - Browser.search.selectedEngine, Fast Browser Search
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.mode.debug, false
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.defaultenginename, Live Search
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.defaulturl, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.search.selectedEngine, Ask
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.browser.startup.homepage, hxxp://www.plusnetwork.com
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.previous.keyword.URL, hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.search.history.capacity, 10
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.simapp_id, {EE890A99-7648-11DE-ACDD-0014D147EF57}
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.urls.homepage, hxxp://home.sweetim.com
(fladzy, prefs.js) EFFACE - Sweetim.toolbar.version, 1.0.0.8
.
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page:
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
SearchAssistant:
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start page: hxxp://fr.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\fladzy\Mes documents\keygen.exe
.
===================================
.
18378 Octet(s) - C:\Ad-Report-CLEAN[1].log
20288 Octet(s) - C:\Ad-Report-SCAN[1].log
.
0 Fichier(s) - C:\DOCUME~1\fladzy\LOCALS~1\Temp
3 Fichier(s) - C:\WINDOWS\Temp
.
21 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
280 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 0:30:03 | 16/11/2009 - CLEAN[1]
.
============== E.O.F ==============
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 00:32
16 nov. 2009 à 00:32
eoreezo et sweetim je les enleve alors
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 00:34
16 nov. 2009 à 00:34
sa ma enlever ma bare d'outil en haut de mon ecran la ou je met tout mes racourci c normal
Utilisateur anonyme
16 nov. 2009 à 00:35
16 nov. 2009 à 00:35
Plusieurs choses à vérifier ..
ToolbarSD :
▶ Télécharge Toolbar-S&D (de Team IDN) sur ton Bureau
▶ Lance l'installation du programme en exécutant le fichier téléchargé.
▶ Sous XP : Double-clique sur le raccourci de Toolbar-S&D.
▶ Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
▶ Choisis maintenant l'option 2 (Nettoyage). Patiente jusqu'à la fin de la recherche.
▶ Poste le rapport généré. (C:\TB.txt)
================================
▶ Télécharge Malwarebytes Anti-Malware (MBAM): /// ---> Malwarebytes Anti-Malware <--- \\
▶ Installe-le en vérifiant que la case de mise à jour soit bien cochée en fin d'installation.
▶ Après la mise à jour, lance-le et coche "Examen Rapide". Puis "Rechercher".
▶ Si MBAM trouve quelque chose: fais "Voir les résultats" puis "Supprimer la sélection".
▶ Poste le rapport généré.
+
ToolbarSD :
▶ Télécharge Toolbar-S&D (de Team IDN) sur ton Bureau
▶ Lance l'installation du programme en exécutant le fichier téléchargé.
▶ Sous XP : Double-clique sur le raccourci de Toolbar-S&D.
▶ Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
▶ Choisis maintenant l'option 2 (Nettoyage). Patiente jusqu'à la fin de la recherche.
▶ Poste le rapport généré. (C:\TB.txt)
================================
▶ Télécharge Malwarebytes Anti-Malware (MBAM): /// ---> Malwarebytes Anti-Malware <--- \\
▶ Installe-le en vérifiant que la case de mise à jour soit bien cochée en fin d'installation.
▶ Après la mise à jour, lance-le et coche "Examen Rapide". Puis "Rechercher".
▶ Si MBAM trouve quelque chose: fais "Voir les résultats" puis "Supprimer la sélection".
▶ Poste le rapport généré.
+
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 00:37
16 nov. 2009 à 00:37
je doit decoller je fait sa demain je te tiens o news ok je te remerci mec
Utilisateur anonyme
16 nov. 2009 à 00:38
16 nov. 2009 à 00:38
Pas de soucis.
A demain.
(Sinon, pour la barre d'outil, c'était quoi ?)
++
A demain.
(Sinon, pour la barre d'outil, c'était quoi ?)
++
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 08:13
16 nov. 2009 à 08:13
la bare d'outil c bon j'ai redemaré le pc elle et revenu chelou un bug je croi
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 08:17
16 nov. 2009 à 08:17
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : fladzy ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 091115-1] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:206 Go)
D:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 16/11/2009| 8:16 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(fladzy) - {27915FC8-E347-45a9-8502-4ADA5EF2E0E8} => babylon
(fladzy) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_page_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Start page"="https://www.msn.com/fr-fr"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search bar"="http://www.bing.com/spresults.aspx"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\fladzy\Mes documents\keygen.exe
1 - "C:\ToolBar SD\TB_1.txt" - 16/11/2009| 8:17 - Option : [2]
-----------\\ Fin du rapport a 8:17:22,17
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : fladzy ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 091115-1] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:206 Go)
D:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 16/11/2009| 8:16 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(fladzy) - {27915FC8-E347-45a9-8502-4ADA5EF2E0E8} => babylon
(fladzy) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_page_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Start page"="https://www.msn.com/fr-fr"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search bar"="http://www.bing.com/spresults.aspx"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\fladzy\Mes documents\keygen.exe
1 - "C:\ToolBar SD\TB_1.txt" - 16/11/2009| 8:17 - Option : [2]
-----------\\ Fin du rapport a 8:17:22,17
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 08:25
16 nov. 2009 à 08:25
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3178
Windows 5.1.2600 Service Pack 3
16/11/2009 08:24:27
mbam-log-2009-11-16 (08-24-27).txt
Type de recherche: Examen rapide
Eléments examinés: 96992
Temps écoulé: 3 minute(s), 13 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Version de la base de données: 3178
Windows 5.1.2600 Service Pack 3
16/11/2009 08:24:27
mbam-log-2009-11-16 (08-24-27).txt
Type de recherche: Examen rapide
Eléments examinés: 96992
Temps écoulé: 3 minute(s), 13 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 08:26
16 nov. 2009 à 08:26
voila j'ai fait ce que tu ma dit j'attend ta reponse encore merci pour ton aide
Utilisateur anonyme
16 nov. 2009 à 13:37
16 nov. 2009 à 13:37
Salut.
Vérifie si tu as ce dossier, en gras : C:\Program Files\SweetIM
Si oui, supprime-le.
Puis fais ceci :
▶ Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
▶ Double-clique sur RSIT.exe.
▶ Clique sur Continue à l'écran Disclaimer.
▶ Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
▶ Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
▶ A noter: Les rapports se trouvent également ici: C:\rsit.
++
Vérifie si tu as ce dossier, en gras : C:\Program Files\SweetIM
Si oui, supprime-le.
Puis fais ceci :
▶ Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
▶ Double-clique sur RSIT.exe.
▶ Clique sur Continue à l'écran Disclaimer.
▶ Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
▶ Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
▶ A noter: Les rapports se trouvent également ici: C:\rsit.
++
fladz
Messages postés
48
Date d'inscription
jeudi 12 novembre 2009
Statut
Membre
Dernière intervention
2 janvier 2010
16 nov. 2009 à 18:17
16 nov. 2009 à 18:17
Logfile of random's system information tool 1.06 (written by random/random)
Run by fladzy at 2009-11-16 18:16:16
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 212 GB (89%) free of 238 GB
Total RAM: 2046 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:16:21, on 16/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\NETGEAR GA511 Adapter\GA511.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Documents and Settings\fladzy\Bureau\RSIT.exe
C:\Program Files\trend micro\fladzy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\fladzy\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
Run by fladzy at 2009-11-16 18:16:16
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 212 GB (89%) free of 238 GB
Total RAM: 2046 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:16:21, on 16/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\NETGEAR GA511 Adapter\GA511.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Documents and Settings\fladzy\Bureau\RSIT.exe
C:\Program Files\trend micro\fladzy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\fladzy\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe