Beaucoup d'infections dans l'ordi, A L'AIDE!!
missvampire12012
Messages postés
44
Statut
Membre
-
missvampire12012 Messages postés 44 Statut Membre -
missvampire12012 Messages postés 44 Statut Membre -
Bonjour,
comme vous avez pu le voir dans le titre de mon post, mon ordinateur est infecté par de nombreux virus et autres.
J'ai suivi les conseils de cette page https://www.commentcamarche.net/faq/32-virus-que-faire-quand-on-est-infecte et j'ai fait un scan en ligne par Panda Software. Il m'a détecté que j'avais 24 menaces et 16 fichiers suspects. je me suis reporté à la page suivante : http://www.secuser.com pour avoir des utilitaires specifiques mais apparement il n'y en pas pas pour mes virus.
j'ai suivi le guide de cette page: https://www.commentcamarche.net/faq/2490-supprimer-les-adwares-publicites-intempestives-pop-up-etc et j'ai donc télécharger RSIT et il m'a fait un petit rapport que je posterais si vous pouvez me venir en aide. En effet, la deuxième étape de cette astuce consiste à poster mon rapport Hijackthis sur ce forum.
Pour le rapport, je le posterai quand vous m'aurez confirmer que vous pouvez m'aider.
J'attends votre réponse. de plus, cette désinfestion doit être faite urgemment.
merci d'avance
comme vous avez pu le voir dans le titre de mon post, mon ordinateur est infecté par de nombreux virus et autres.
J'ai suivi les conseils de cette page https://www.commentcamarche.net/faq/32-virus-que-faire-quand-on-est-infecte et j'ai fait un scan en ligne par Panda Software. Il m'a détecté que j'avais 24 menaces et 16 fichiers suspects. je me suis reporté à la page suivante : http://www.secuser.com pour avoir des utilitaires specifiques mais apparement il n'y en pas pas pour mes virus.
j'ai suivi le guide de cette page: https://www.commentcamarche.net/faq/2490-supprimer-les-adwares-publicites-intempestives-pop-up-etc et j'ai donc télécharger RSIT et il m'a fait un petit rapport que je posterais si vous pouvez me venir en aide. En effet, la deuxième étape de cette astuce consiste à poster mon rapport Hijackthis sur ce forum.
Pour le rapport, je le posterai quand vous m'aurez confirmer que vous pouvez m'aider.
J'attends votre réponse. de plus, cette désinfestion doit être faite urgemment.
merci d'avance
A voir également:
- Beaucoup d'infections dans l'ordi, A L'AIDE!!
- Ordi qui rame - Guide
- Comment reinitialiser un ordi - Guide
- Ecran ordi a l'envers - Guide
- Ordi scrabble - Télécharger - Jeux vidéo
- Mon ordi ne reconnait pas ma clé usb - Guide
15 réponses
Salut,
Peux-tu poster ton rapport RSIT stp, pour que l'on voit ensemble ou se logent tes infections :)
Peux-tu poster ton rapport RSIT stp, pour que l'on voit ensemble ou se logent tes infections :)
Bonjour
"de plus, cette désinfestion doit être faite urgemment"
Alors, n'attends pas :-), poste les rapports log.txt et info.txt dans deux messages successifs sinon cela risque d'être trop long.
"de plus, cette désinfestion doit être faite urgemment"
Alors, n'attends pas :-), poste les rapports log.txt et info.txt dans deux messages successifs sinon cela risque d'être trop long.
merci pour votre aide.
voici le log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by 4t535sa at 2009-12-13 11:47:23
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 392 GB (66%) free of 597 GB
Total RAM: 3071 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:47, on 13/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Winsudate\gibusr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe
C:\Program Files\Sun\StarOffice 9\program\soffice.exe
C:\Program Files\Sun\StarOffice 9\program\soffice.bin
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\4t535sa\Desktop\RSIT.exe
C:\Program Files\trend micro\4t535sa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://fr.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://fr.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {de44fda9-805d-413c-8322-65a08f7c99b9} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5240\ACEIEAddOn.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1800\CPAIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1880\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1710\TCPIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.1880\wso.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\RunOnce: [Iminent.Notifier Install] "C:\Users\4t535sa\AppData\Local\Temp\NotifierSetup.exe" /s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\4t535sa\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: StarOffice 9.lnk = C:\Program Files\Sun\StarOffice 9\program\quickstart.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://ww11.commandondemand.com/eval/cod/cabs/cssweb.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58B2F4BD-3252-4159-9652-D8A0048DB89D}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuestService Service - Unknown owner - C:\ProgramData\QuestService\questservice129.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe
voici le log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by 4t535sa at 2009-12-13 11:47:23
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 392 GB (66%) free of 597 GB
Total RAM: 3071 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:47, on 13/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Winsudate\gibusr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe
C:\Program Files\Sun\StarOffice 9\program\soffice.exe
C:\Program Files\Sun\StarOffice 9\program\soffice.bin
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\4t535sa\Desktop\RSIT.exe
C:\Program Files\trend micro\4t535sa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://fr.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://fr.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {de44fda9-805d-413c-8322-65a08f7c99b9} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5240\ACEIEAddOn.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1800\CPAIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1880\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1710\TCPIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.1880\wso.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\RunOnce: [Iminent.Notifier Install] "C:\Users\4t535sa\AppData\Local\Temp\NotifierSetup.exe" /s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\4t535sa\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: StarOffice 9.lnk = C:\Program Files\Sun\StarOffice 9\program\quickstart.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://ww11.commandondemand.com/eval/cod/cabs/cssweb.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58B2F4BD-3252-4159-9652-D8A0048DB89D}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuestService Service - Unknown owner - C:\ProgramData\QuestService\questservice129.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe
Salut Toptitbal,
Serait-il possible que tu m'accompagne/suives dans cette desinfection, si cela ne te gene pas ?
Merci.
Serait-il possible que tu m'accompagne/suives dans cette desinfection, si cela ne te gene pas ?
Merci.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Le plus urgent a traiter :
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\RunOnce: [Iminent.Notifier Install] "C:\Users\4t535sa\AppData\Local\Temp\NotifierSetup.exe" /s
Tu as aussi des infections par supports amovibles.
Mais toptitbal je vais te laisser le desinfecter, je vais regarder comment tu t'y prends pour les deux O4.
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\RunOnce: [Iminent.Notifier Install] "C:\Users\4t535sa\AppData\Local\Temp\NotifierSetup.exe" /s
Tu as aussi des infections par supports amovibles.
Mais toptitbal je vais te laisser le desinfecter, je vais regarder comment tu t'y prends pour les deux O4.
et vola le info.txt
info.txt logfile of random's system information tool 1.06 2009-12-13 12:04:21
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x040c -removeonly
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{47ECCB1F-2811-49C0-B6A7-26778639ABA0}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
AGEIA PhysX v7.11.13-->MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
AoA Audio Extractor 1.0-->"C:\Program Files\AoA Audio Extractor\unins000.exe"
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CA VMN Anti-Spyware (remove only)-->"C:\Program Files\CA VMN Anti-Spyware\uninstall.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
EasyBits Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
Favorit-->c:\users\4t535sa\appdata\local\mesyiok.bat
FormatFactory 1.90-->C:\Program Files\FormatFactory\uninst.exe
FTP Expert 3-->"C:\Program Files\Visicom Media\FTP Expert 3\uninst-ftp.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
Hercules Classic Link Webcam-->C:\Program Files\InstallShield Installation Information\{FD4FE0F7-91FC-43A2-9C3A-187553991FFF}\setup.exe -runfromtemp -l0x040c -removeonly
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works 9.0 SE-->C:\Program files\Microsoft Office\RunCmd.exe Works_Uninstall.cmd
Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Navigateur Orange-->C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe MainUninstall.shl
Nero 8 Essentials-->MsiExec.exe /X{3559CDE0-11FC-4D7B-A65C-D646035B1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.7.2.11\InstStub.exe /X
Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
Norton Security Scan-->C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.3.0.44\InstStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell ImageWriter-->"C:\Program Files\InstallShield Installation Information\{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}\setup.exe" -runfromtemp -l0x040c -removeonly
Packard Bell Recovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x040c -removeonly
Packard Bell Updator-->"C:\Program Files\InstallShield Installation Information\{CA786CFF-1D31-4804-B436-F3405B14357F}\setup.exe" -runfromtemp -l0x040c -removeonly
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PBP Unpacker v0.94-->"C:\Program Files\PBP Unpacker\unins000.exe"
PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
Power IEv3-->MsiExec.exe /I{AF7C627C-F354-4FF1-8450-398C806B436E}
QuestService 1.0 build 129-->C:\Program Files\QuestService\uninstall.exe
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Revo Uninstaller 1.83-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Safari-->MsiExec.exe /I{9C48DCA4-00C2-449C-88D8-B1EE1692B44F}
SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x040c -removeonly
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Setup My PC-->"C:\Program Files\InstallShield Installation Information\{28518520-F25C-48C3-A224-861F331602F4}\setup.exe" -runfromtemp -l0x040c -removeonly
StarOffice 9-->MsiExec.exe /I{C5E4D0D0-EACC-4013-B48D-C3F104F21DCD}
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
TuxGuitar-->C:\Program Files\tuxguitar-1.1\uninstall.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VideoLAN VLC media player 0.8.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VLC 0.9.8-->"C:\Program Files\VLC\unins000.exe"
VMN Toolbar-->C:\Program Files\vmntoolbar\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yu-Gi-Oh! ONLINE 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{00B93E18-7F40-4DA9-8156-8340936DCD2F}\Setup.exe" -l0x40c
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: Marie
Event Code: 7000
Message: Le service General Purpose USB Driver (adildr.sys) n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 151139
Source Name: Service Control Manager
Time Written: 20091213084303.000000-000
Event Type: Erreur
User:
Computer Name: Marie
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {BE6ADA17-826F-4B9A-BBD9-977609B60D15}
Utilisateur : MARIE\4t535sa
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : driver:RkPavproc1
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 151225
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091213084412.000000-000
Event Type: Avertissement
User:
Computer Name: Marie
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {69478B72-1D49-4743-8759-BAE141B24BD8}
Utilisateur : MARIE\4t535sa
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : service:RkPavproc1
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 151226
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091213084412.000000-000
Event Type: Avertissement
User:
Computer Name: Marie
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {A1847602-AB15-4160-883B-1079FCED7EE8}
Utilisateur : MARIE\4t535sa
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : driver:RkPavproc1
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 151236
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091213084725.000000-000
Event Type: Avertissement
User:
Computer Name: Marie
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {DB0F5F6C-F1AA-4F47-8C5D-5E5B48B6ABA5}
Utilisateur : MARIE\4t535sa
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : service:RkPavproc1
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 151237
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091213084725.000000-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: Marie
Event Code: 1000
Message: Application défaillante iexplore.exe, version 8.0.6001.18865, horodatage 0x4b077416, module défaillant CMWIE.dll, version 1.1.0.1880, horodatage 0x4b1ca8dd, code d’exception 0xc0000005, décalage d’erreur 0x00078c9f, ID du processus 0x1120, heure de début de l’application 0x01ca7bcc3802a24d.
Record Number: 35288
Source Name: Application Error
Time Written: 20091213083206.000000-000
Event Type: Erreur
User:
Computer Name: Marie
Event Code: 1000
Message: Application défaillante iexplore.exe, version 8.0.6001.18865, horodatage 0x4b077416, module défaillant ACEIEAddOn.dll, version 4.1.0.5240, horodatage 0x4b1c822f, code d’exception 0xc0000005, décalage d’erreur 0x0001dc3b, ID du processus 0xdf8, heure de début de l’application 0x01ca7bcec5b5216d.
info.txt logfile of random's system information tool 1.06 2009-12-13 12:04:21
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x040c -removeonly
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{47ECCB1F-2811-49C0-B6A7-26778639ABA0}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
AGEIA PhysX v7.11.13-->MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
AoA Audio Extractor 1.0-->"C:\Program Files\AoA Audio Extractor\unins000.exe"
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CA VMN Anti-Spyware (remove only)-->"C:\Program Files\CA VMN Anti-Spyware\uninstall.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
EasyBits Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
Favorit-->c:\users\4t535sa\appdata\local\mesyiok.bat
FormatFactory 1.90-->C:\Program Files\FormatFactory\uninst.exe
FTP Expert 3-->"C:\Program Files\Visicom Media\FTP Expert 3\uninst-ftp.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
Hercules Classic Link Webcam-->C:\Program Files\InstallShield Installation Information\{FD4FE0F7-91FC-43A2-9C3A-187553991FFF}\setup.exe -runfromtemp -l0x040c -removeonly
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works 9.0 SE-->C:\Program files\Microsoft Office\RunCmd.exe Works_Uninstall.cmd
Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Navigateur Orange-->C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe MainUninstall.shl
Nero 8 Essentials-->MsiExec.exe /X{3559CDE0-11FC-4D7B-A65C-D646035B1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.7.2.11\InstStub.exe /X
Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
Norton Security Scan-->C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.3.0.44\InstStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell ImageWriter-->"C:\Program Files\InstallShield Installation Information\{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}\setup.exe" -runfromtemp -l0x040c -removeonly
Packard Bell Recovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x040c -removeonly
Packard Bell Updator-->"C:\Program Files\InstallShield Installation Information\{CA786CFF-1D31-4804-B436-F3405B14357F}\setup.exe" -runfromtemp -l0x040c -removeonly
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PBP Unpacker v0.94-->"C:\Program Files\PBP Unpacker\unins000.exe"
PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
Power IEv3-->MsiExec.exe /I{AF7C627C-F354-4FF1-8450-398C806B436E}
QuestService 1.0 build 129-->C:\Program Files\QuestService\uninstall.exe
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Revo Uninstaller 1.83-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Safari-->MsiExec.exe /I{9C48DCA4-00C2-449C-88D8-B1EE1692B44F}
SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x040c -removeonly
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Setup My PC-->"C:\Program Files\InstallShield Installation Information\{28518520-F25C-48C3-A224-861F331602F4}\setup.exe" -runfromtemp -l0x040c -removeonly
StarOffice 9-->MsiExec.exe /I{C5E4D0D0-EACC-4013-B48D-C3F104F21DCD}
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
TuxGuitar-->C:\Program Files\tuxguitar-1.1\uninstall.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VideoLAN VLC media player 0.8.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VLC 0.9.8-->"C:\Program Files\VLC\unins000.exe"
VMN Toolbar-->C:\Program Files\vmntoolbar\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yu-Gi-Oh! ONLINE 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{00B93E18-7F40-4DA9-8156-8340936DCD2F}\Setup.exe" -l0x40c
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: Marie
Event Code: 7000
Message: Le service General Purpose USB Driver (adildr.sys) n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 151139
Source Name: Service Control Manager
Time Written: 20091213084303.000000-000
Event Type: Erreur
User:
Computer Name: Marie
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {BE6ADA17-826F-4B9A-BBD9-977609B60D15}
Utilisateur : MARIE\4t535sa
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : driver:RkPavproc1
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 151225
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091213084412.000000-000
Event Type: Avertissement
User:
Computer Name: Marie
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {69478B72-1D49-4743-8759-BAE141B24BD8}
Utilisateur : MARIE\4t535sa
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : service:RkPavproc1
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 151226
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091213084412.000000-000
Event Type: Avertissement
User:
Computer Name: Marie
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {A1847602-AB15-4160-883B-1079FCED7EE8}
Utilisateur : MARIE\4t535sa
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : driver:RkPavproc1
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 151236
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091213084725.000000-000
Event Type: Avertissement
User:
Computer Name: Marie
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {DB0F5F6C-F1AA-4F47-8C5D-5E5B48B6ABA5}
Utilisateur : MARIE\4t535sa
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : service:RkPavproc1
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 151237
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091213084725.000000-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: Marie
Event Code: 1000
Message: Application défaillante iexplore.exe, version 8.0.6001.18865, horodatage 0x4b077416, module défaillant CMWIE.dll, version 1.1.0.1880, horodatage 0x4b1ca8dd, code d’exception 0xc0000005, décalage d’erreur 0x00078c9f, ID du processus 0x1120, heure de début de l’application 0x01ca7bcc3802a24d.
Record Number: 35288
Source Name: Application Error
Time Written: 20091213083206.000000-000
Event Type: Erreur
User:
Computer Name: Marie
Event Code: 1000
Message: Application défaillante iexplore.exe, version 8.0.6001.18865, horodatage 0x4b077416, module défaillant ACEIEAddOn.dll, version 4.1.0.5240, horodatage 0x4b1c822f, code d’exception 0xc0000005, décalage d’erreur 0x0001dc3b, ID du processus 0xdf8, heure de début de l’application 0x01ca7bcec5b5216d.
Bonjour ,
Je prend la suite :
• Télécharge SystemLook de jpshortstuff sur ton Bureau à partir d'un des liens ci-dessous.
Miroir de téléchargement #1
Miroir de téléchargement #2
• Double-clique sur SystemLook.exe pour le lancer.
• Clic droit|Copier le contenu du cadre ci-dessous et clic droit|Coller dans la zone texte de SystemLook :
:dir
C:\Windows\system32\m /s
• Clique sur le bouton Look pour démarrer l'examen.
• A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
• Nota Bene : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt
############
▶ Télécharge OTM de OldTimer sur ton Bureau.
• Double-clique sur OTM.exe afin de le lancer.
• Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:services
WinSvc
:files
C:\Program Files\Winsudate\gibusr.exe
C:\Program Files\Winsudate
C:\Users\4t535sa\AppData\Local\Temp\NotifierSetup.exe
C:\Windows\BDOSCAN8
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinUsr"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Iminent.Notifier Install"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
:commands
[emptytemp]
[reboot]
• Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
• Clique maintenant sur le bouton MoveIt! puis ferme OTM.
▶ Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
▶ Accepte en cliquant sur YES.
• Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
##################
• Télécharge UsbFix sur ton bureau .
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir
• Double clic sur "UsbFix.exe" présent sur ton bureau .
• Choisis l' option F pour français et et tape sur [entrée] .
• choisis l'option 2 ( Suppression ) et tape sur [entrée].
• Ton bureau disparaitra et le pc redémarrera .
• Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
• Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .
• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
Je prend la suite :
• Télécharge SystemLook de jpshortstuff sur ton Bureau à partir d'un des liens ci-dessous.
Miroir de téléchargement #1
Miroir de téléchargement #2
• Double-clique sur SystemLook.exe pour le lancer.
• Clic droit|Copier le contenu du cadre ci-dessous et clic droit|Coller dans la zone texte de SystemLook :
:dir
C:\Windows\system32\m /s
• Clique sur le bouton Look pour démarrer l'examen.
• A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
• Nota Bene : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt
############
▶ Télécharge OTM de OldTimer sur ton Bureau.
• Double-clique sur OTM.exe afin de le lancer.
• Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:services
WinSvc
:files
C:\Program Files\Winsudate\gibusr.exe
C:\Program Files\Winsudate
C:\Users\4t535sa\AppData\Local\Temp\NotifierSetup.exe
C:\Windows\BDOSCAN8
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinUsr"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Iminent.Notifier Install"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
:commands
[emptytemp]
[reboot]
• Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
• Clique maintenant sur le bouton MoveIt! puis ferme OTM.
▶ Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
▶ Accepte en cliquant sur YES.
• Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
##################
• Télécharge UsbFix sur ton bureau .
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir
• Double clic sur "UsbFix.exe" présent sur ton bureau .
• Choisis l' option F pour français et et tape sur [entrée] .
• choisis l'option 2 ( Suppression ) et tape sur [entrée].
• Ton bureau disparaitra et le pc redémarrera .
• Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
• Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .
• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
voici le rapport de SystemLookSystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 12:15 on 13/12/2009 by 4t535sa (Administrator - Elevation successful)
========== dir ==========
C:\Windows\system32\m - Parameters: "/s "
---Files---
None found.
No folders found.
-=End Of File=-
Log created at 12:15 on 13/12/2009 by 4t535sa (Administrator - Elevation successful)
========== dir ==========
C:\Windows\system32\m - Parameters: "/s "
---Files---
None found.
No folders found.
-=End Of File=-
voila le rapport de OTM
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Service WinSvc stopped successfully!
Service WinSvc deleted successfully!
========== FILES ==========
C:\Program Files\Winsudate\gibusr.exe moved successfully.
C:\Program Files\Winsudate folder moved successfully.
C:\Users\4t535sa\AppData\Local\Temp\NotifierSetup.exe moved successfully.
C:\Windows\BDOSCAN8\Plugins folder moved successfully.
C:\Windows\BDOSCAN8 folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WinUsr deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Iminent.Notifier Install deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: 4t535sa
->Temp folder emptied: 205561708 bytes
->Temporary Internet Files folder emptied: 13006833 bytes
->Java cache emptied: 20879246 bytes
->FireFox cache emptied: 81230340 bytes
->Apple Safari cache emptied: 25571951 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 760821 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 11668506 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 13426546 bytes
RecycleBin emptied: 106670 bytes
Total Files Cleaned = 355,00 mb
OTM by OldTimer - Version 3.1.2.2 log created on 12132009_121736
Files moved on Reboot...
File C:\Windows\temp\JET7973.tmp not found!
Registry entries deleted on Reboot...
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Service WinSvc stopped successfully!
Service WinSvc deleted successfully!
========== FILES ==========
C:\Program Files\Winsudate\gibusr.exe moved successfully.
C:\Program Files\Winsudate folder moved successfully.
C:\Users\4t535sa\AppData\Local\Temp\NotifierSetup.exe moved successfully.
C:\Windows\BDOSCAN8\Plugins folder moved successfully.
C:\Windows\BDOSCAN8 folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WinUsr deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Iminent.Notifier Install deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: 4t535sa
->Temp folder emptied: 205561708 bytes
->Temporary Internet Files folder emptied: 13006833 bytes
->Java cache emptied: 20879246 bytes
->FireFox cache emptied: 81230340 bytes
->Apple Safari cache emptied: 25571951 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 760821 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 11668506 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 13426546 bytes
RecycleBin emptied: 106670 bytes
Total Files Cleaned = 355,00 mb
OTM by OldTimer - Version 3.1.2.2 log created on 12132009_121736
Files moved on Reboot...
File C:\Windows\temp\JET7973.tmp not found!
Registry entries deleted on Reboot...
voici le rapport de UsbFix:
C:\Windows\system32\taskeng.exe 352
C:\Windows\Explorer.EXE 432
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 572
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1544
C:\Program Files\Bonjour\mDNSResponder.exe 1576
C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe 1464
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 2204
C:\Windows\system32\taskeng.exe 2252
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 2276
C:\Windows\System32\svchost.exe 2332
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe 2352
C:\Windows\system32\IoctlSvc.exe 2424
C:\Windows\System32\svchost.exe 2444
C:\Windows\system32\svchost.exe 2472
C:\ProgramData\QuestService\questservice129.exe 2568
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 2680
C:\Program Files\QuestService\questservice.exe 2700
C:\Windows\system32\svchost.exe 2716
C:\Windows\System32\TUProgSt.exe 2740
C:\Windows\System32\svchost.exe 2812
C:\Windows\system32\SearchIndexer.exe 2832
C:\Windows\system32\wbem\wmiprvse.exe 3148
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe 3252
C:\Windows\system32\WUDFHost.exe 3488
C:\Windows\system32\DllHost.exe 3696
C:\Windows\system32\DllHost.exe 3712
C:\Windows\system32\runonce.exe 3760
C:\Windows\system32\conime.exe 3864
################## | Fichiers # Dossiers infectieux |
Supprimé ! C:\$Recycle.Bin\S-1-5-18
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1519845611-2888426927-2721905098-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3342945683-524478780-2405861698-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3342945683-524478780-2405861698-500
################## | Registre # Clés infectieuses |
Supprimé ! [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoClose"
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{c707b146-29ca-11de-9272-002197a34061}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{cc9770ed-299b-11de-bd1a-002197a34061}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[21/01/2008 03:24|-rahs----|333203] C:\bootmgr
[13/11/2008 14:33|-ra-s----|8192] C:\BOOTSECT.BAK
[18/09/2006 22:43|--a------|10] C:\config.sys
[?|?|?] C:\hiberfil.sys
[11/10/2009 07:43|-rahs----|0] C:\IO.SYS
[11/10/2009 07:43|-rahs----|0] C:\MSDOS.SYS
[04/09/2008 01:11|--a------|54600] C:\npbittorrent.dll
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[13/11/2008 06:30|--a------|426] C:\RHDSetup.log
[13/12/2009 12:36|--a------|4665] C:\UsbFix.txt
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.
################## | Cracks / Keygens / Serials |
################## | Upload |
Veuillez envoyer le fichier : C:\Users\4t535sa\Desktop\UsbFix_Upload_Me_MARIE.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
PS: j'ai envoyé le fichier à l'adresse demandé.
C:\Windows\system32\taskeng.exe 352
C:\Windows\Explorer.EXE 432
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 572
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1544
C:\Program Files\Bonjour\mDNSResponder.exe 1576
C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe 1464
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 2204
C:\Windows\system32\taskeng.exe 2252
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 2276
C:\Windows\System32\svchost.exe 2332
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe 2352
C:\Windows\system32\IoctlSvc.exe 2424
C:\Windows\System32\svchost.exe 2444
C:\Windows\system32\svchost.exe 2472
C:\ProgramData\QuestService\questservice129.exe 2568
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 2680
C:\Program Files\QuestService\questservice.exe 2700
C:\Windows\system32\svchost.exe 2716
C:\Windows\System32\TUProgSt.exe 2740
C:\Windows\System32\svchost.exe 2812
C:\Windows\system32\SearchIndexer.exe 2832
C:\Windows\system32\wbem\wmiprvse.exe 3148
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe 3252
C:\Windows\system32\WUDFHost.exe 3488
C:\Windows\system32\DllHost.exe 3696
C:\Windows\system32\DllHost.exe 3712
C:\Windows\system32\runonce.exe 3760
C:\Windows\system32\conime.exe 3864
################## | Fichiers # Dossiers infectieux |
Supprimé ! C:\$Recycle.Bin\S-1-5-18
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1519845611-2888426927-2721905098-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3342945683-524478780-2405861698-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3342945683-524478780-2405861698-500
################## | Registre # Clés infectieuses |
Supprimé ! [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoClose"
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{c707b146-29ca-11de-9272-002197a34061}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{cc9770ed-299b-11de-bd1a-002197a34061}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[21/01/2008 03:24|-rahs----|333203] C:\bootmgr
[13/11/2008 14:33|-ra-s----|8192] C:\BOOTSECT.BAK
[18/09/2006 22:43|--a------|10] C:\config.sys
[?|?|?] C:\hiberfil.sys
[11/10/2009 07:43|-rahs----|0] C:\IO.SYS
[11/10/2009 07:43|-rahs----|0] C:\MSDOS.SYS
[04/09/2008 01:11|--a------|54600] C:\npbittorrent.dll
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[13/11/2008 06:30|--a------|426] C:\RHDSetup.log
[13/12/2009 12:36|--a------|4665] C:\UsbFix.txt
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.
################## | Cracks / Keygens / Serials |
################## | Upload |
Veuillez envoyer le fichier : C:\Users\4t535sa\Desktop\UsbFix_Upload_Me_MARIE.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
PS: j'ai envoyé le fichier à l'adresse demandé.
Désactivez le contrôle des comptes utilisateurs avant l'utilisation de cet outil:
• Allez dans "Démarrer" puis Panneau de configuration.
• Double Cliquez sur l'icône Comptes d'utilisateurs et sur "Activer ou désactiver le contrôle des comptes d'utilisateurs".
• Décochez la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
• Validez par OK et redémarrez .
• Aide en image: http://pagesperso-orange.fr/NosTools/uac_vista.html
• Télécharge Ad-remover ( de C_XX ) sur ton bureau :
! Déconnecte toi et ferme toutes applications en cours !
• Double clique sur "Ad-R.exe" pour lancer l'installation .
• L'installation est automatique , l outil souvre .
• Au menu principal choisis l'option "L" et tape sur [entrée] .
• Laisse travailler l'outil et ne touche à rien ...
--> Poste le rapport qui apparait à la fin , sur le forum ...
( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
Tuto : http://pagesperso-orange.fr/NosTools/tuto_adr_3.html
• Allez dans "Démarrer" puis Panneau de configuration.
• Double Cliquez sur l'icône Comptes d'utilisateurs et sur "Activer ou désactiver le contrôle des comptes d'utilisateurs".
• Décochez la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
• Validez par OK et redémarrez .
• Aide en image: http://pagesperso-orange.fr/NosTools/uac_vista.html
• Télécharge Ad-remover ( de C_XX ) sur ton bureau :
! Déconnecte toi et ferme toutes applications en cours !
• Double clique sur "Ad-R.exe" pour lancer l'installation .
• L'installation est automatique , l outil souvre .
• Au menu principal choisis l'option "L" et tape sur [entrée] .
• Laisse travailler l'outil et ne touche à rien ...
--> Poste le rapport qui apparait à la fin , sur le forum ...
( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
Tuto : http://pagesperso-orange.fr/NosTools/tuto_adr_3.html
voila le rapport de AD-R:
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_E | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 12.12.2009 à 22:46
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 13:06:24, 13/12/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Nom du PC: MARIE | Utilisateur actuel: 4t535sa
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
C:\Users\4t535sa\AppData\Roaming\DesktopIcon
C:\Windows\Installer\{E1B94435-241E-4519-B1C3-C4DD9EB352A2}
C:\Users\4t535sa\AppData\LocalLow\FunWebProducts
C:\Program Files\Automated Content Enhancer
C:\Program Files\Content Management Wizard
C:\Program Files\Customized Platform Advancer
C:\Program Files\Fast Browser Search
C:\Program Files\HottieStar Toolbar
C:\Program Files\Iminent
C:\Program Files\Internet Today
C:\Program Files\Textual Content Provider
C:\Program Files\Web Search Operator
C:\Users\Public\MyWebTattoo.exe
C:\Users\4t535sa\AppData\Local\Temp\cmw
C:\Users\4t535sa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Ebay.lnk
C:\Program Files\Windows Live\Messenger\Riched20.dll
C:\Users\4t535sa\AppData\Local\mesyiok.bat
C:\Users\4t535sa\AppData\Local\qaoiw_nav.dat
C:\Users\4t535sa\AppData\Local\qaoiw_navps.dat
(!) -- Fichiers temporaires supprimés.
.
HKCU\software\appdatalow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\software\appdatalow\software\CMW
HKCU\software\appdatalow\software\Fun Web Products
HKCU\software\appdatalow\software\FunWebProducts
HKCU\software\appdatalow\software\Media Access Startup
HKCU\software\appdatalow\software\MyWebSearch
HKCU\software\appdatalow\software\Web Search Operator
HKCU\software\fcn
HKCU\software\HottieStar Toolbar
HKCU\software\Iminent
HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\software\MyWebSearch
HKLM\software\appdatalow\software\Internet Today
HKLM\software\appdatalow\software\Web Search Operator
HKLM\Software\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Classes\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\software\classes\ExplorerBar.CMW
HKLM\software\classes\ExplorerBar.CMW.1
HKLM\software\classes\ExplorerBar.FunExplorer
HKLM\software\classes\ExplorerBar.FunExplorer.1
HKLM\software\classes\ExplorerBar.FunRedirector
HKLM\software\classes\ExplorerBar.FunRedirector.1
HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKLM\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
HKLM\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
HKLM\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
HKLM\software\Fun Web Products
HKLM\software\FunWebProducts
HKLM\software\Iminent
HKLM\software\Media Access Startup
HKLM\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task
HKLM\software\microsoft\windows\currentversion\uninstall\mesyiok
HKLM\software\MyWebSearch
HKLM\software\Web Search Operator
HKU\s-1-5-21-3342945683-524478780-2405861698-1000\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKU\S-1-5-21-3342945683-524478780-2405861698-1000\Software\Microsoft\Internet Explorer\Searchscopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.15 [fr] *
.
Nom du profil: toud1btm.default (4t535sa)
.
(4t535sa, prefs.js) Browser.download.dir, C:\Users\4t535sa\Downloads
(4t535sa, prefs.js) Browser.download.lastDir, C:\Users\4t535sa\Pictures\sujet AP\Espcae Perso
(4t535sa, prefs.js) Browser.search.defaultenginename, Winamp Search
(4t535sa, prefs.js) Browser.search.defaulturl, hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
(4t535sa, prefs.js) Browser.search.selectedEngine, YouGoo
(4t535sa, prefs.js) Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official\n
.
(4t535sa, prefs.js) EFFACE - Extensions.veohsearchrecs.SupportedSites, <?xml version=\1.0\ ?>\r\n<results revision=\1.5.2\>\r\n <sites>\r\n <searchsite MatchesDomain=\google.\ MatchesPath=\/search\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\google.\ MatchesPath=\/search\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\bing.com\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\news.google.com\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\news.google.com\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\youtube.com\ HasInUrl=\search_query=\ SearchQuery=\search_query=\></searchsite>\r\n <searchsite MatchesDomain=\search.yahoo.com\ HasInUrl=\?p=\ SearchQuery=\?p=\></searchsite>\r\n <searchsite MatchesDomain=\search.yahoo.com\ HasInUrl=\&p=\ SearchQuery=\&p=\></searchsite>\r\n <searchsite MatchesDomain=\ask.com\ MatchesPath=\/web\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\ask.com\ MatchesPath=\/web\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\ask.com\ MatchesPath=\/video\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\search.live.com\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\search.msn.com\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\wikipedia.org\ SearchQuery=\?search=\></searchsite>\r\n <searchsite MatchesDomain=\amazon.com\ HasInUrl=\field-keywords=\ SearchQuery=\field-keywords=\></searchsite>\r\n <searchsite MatchesDomain=\amazon.com\ HasInUrl=\&keywords=\ SearchQuery=\&keywords=\></searchsite>\r\n <searchsite MatchesDomain=\bestbuy.com\ HasInUrl=\&st=\ SearchQuery=\&st=\ CannotHaveInUrl=\skuId=\></searchsite>\r\n <searchsite MatchesDomain=\bestbuy.com\ HasInUrl=\&searchterm=\ SearchQuery=\&searchterm=\ CannotHaveInUrl=\skuId=\></searchsite>\r\n <searchsite MatchesDomain=\.aol.\ HasInUrl=\&query=\ SearchQuery=\&query=\></searchsite>\r\n <searchsite MatchesDomain=\.aol.\ MatchesPath=\/search\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\music.yahoo.com\ MatchesPath=\/search\ HasInUrl=\&p=\ SearchQuery=\&p=\></searchsite>\r\n <searchsite MatchesDomain=\walmart.com\ MatchesPath=\/search\ SearchQuery=\search_query=\></searchsite>\r\n <searchsite MatchesDomain=\imdb.com\ MatchesPath=\/find\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\searchservice.myspace.com\ HasInUrl=\&qry=\ SearchQuery=\&qry=\></searchsite>\r\n <searchsite MatchesDomain=\last.fm\ MatchesPath=\/search\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\last.fm\ MatchesPath=\/search\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\ebay.com\ SearchQuery=\_nkw=\></searchsite>\r\n <searchsite MatchesDomain=\craigslist.org\ HasInUrl=\search/\ SearchQuery=\query=\ CannotHaveInUrl=\/ers/\></searchsite>\r\n <searchsite MatchesDomain=\craigslist.org\ HasInUrl=\search/\ SearchQuery=\query=\ CannotHaveInUrl=\/cas/\></searchsite>\r\n <searchsite MatchesDomain=\craigslist.org\ HasInUrl=\search/\ SearchQuery=\query=\ CannotHaveInUrl=\/apa/\></searchsite>\r\n <searchsite MatchesDomain=\craigslist.org\ HasInUrl=\search/\ SearchQuery=\query=\ CannotHaveInUrl=\/stp/\></searchsite>\r\n <searchsite MatchesDomain=\dailymotion.com\ HasInUrl=\/search/\ SearchQuery=\/search/\></searchsite>\r\n <searchsite MatchesDomain=\fancast.com\ HasInUrl=\/search/?s=\ SearchQuery=\?s=\></searchsite>\r\n <searchsite MatchesDomain=\metacafe.com\ HasInUrl=\/tags/\ SearchQuery=\/tags/\></searchsite>\r\n <searchsite MatchesDomain=\search.twitter.com\ HasInUrl=\/search?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\hulu.com\ HasInUrl=\?query=\ SearchQuery=\?query=\></searchsite>\r\n <searchsite MatchesDomain=\cnn.com\ HasInUrl=\/search.jsp\ SearchQuery=\query=\></searchsite>\r\n <searchsite MatchesDomain=\flickr.com\ MatchesPath=\/search\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\flickr.com\ MatchesPath=\/search\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\photobucket.com\ HasInUrl=\/images/\ SearchQuery=\/images/\></searchsite>\r\n <searchsite MatchesDomain=\digg.com\ HasInUrl=\search?s=\ SearchQuery=\search?s=\></searchsite>\r\n <searchsite MatchesDomain=\megavideo.com\ HasInUrl=\?c=search\ SearchQuery=\&s=\></searchsite>\r\n </sites>\r\n\r\n\r\n <browsesites>\r\n <excludedsite Url=\hxxp://www.wikipedia.org/\/>\r\n <excludedsite Url=\hxxp://www.amazon.com/\/>\r\n <excludedsite Url=\hxxp://wikipedia.org/\/>\r\n <excludedsite Url=\hxxp://amazon.com/\/>\r\n <excludedsite Url=\hxxp://www.imeem.com/\/>\r\n <excludedsite Url=\hxxp://www.walmart.com/\/>\r\n <excludedsite Url=\hxxp://www.bestbuy.com/\/>\r\n <excludedsite Url=\hxxp://www.ebay.com/\/>\r\n <excludedsite Url=\hxxp://www.imdb.com/\/>\r\n <excludedsite Url=\hxxp://vids.myspace.com/\/>\r\n <excludedsite Url=\hxxp://new.music.yahoo.com/\/>\r\n <excludedsite Url=\hxxp://www.aol.com/\/>\r\n <excludedsite Url=\hxxp://www.imdb.com/\/>\r\n <excludedsite Url=\hxxp://www.aol.com/main.adp?adp=1\/>\r\n <excludedsite Url=\hxxp://www.bestbuy.com/site/olspage.jsp?type=category&id=cat00000\/>\r\n <excludedsite Url=\hxxp://it.wikipedia.org/wiki/Pagina_principale\/>\r\n <excludedsite Url=\hxxp://fr.wikipedia.org/wiki/Accueil\/>\r\n <excludedsite Url=\hxxp://ja.wikipedia.org/wiki/\/>\r\n <excludedsite Url=\hxxp://es.wikipedia.org/wiki/Wikipedia:Portada\/>\r\n <excludedsite Url=\hxxp://en.wikipedia.org/wiki/Portal:Contents\/>\r\n <excludedsite Url=\hxxp://en.wikipedia.org/wiki/Main_Page\/>\r\n <excludedsite Url=\hxxp://de.wikipedia.org/wiki/Hauptseite\/>\r\n <excludedsite Url=\hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite\/>\r\n <excludedsite Url=\hxxp://i.media-imdb.com/3pads/kanoodle-title-sky.html\/>\r\n <excludedsite Url=\hxxp://i.media-imdb.com/3pads/kanoodle-name-sky.html\/>\r\n\r\n <browsesite MatchesDomain=\wikipedia.org\ CannotHaveInUrl=\Main_Page\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i { if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf',' if delimIndex > 0 { strQuery = metaTags[i].content.substring0, delimIndexstrQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':' ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}}}}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\amazon.com\ CannotHaveInUrl=\homepage.html\ HasInUrl=\?\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[try{var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 {strQuery = strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf''var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult }}} }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imeem.com\ CannotHaveInUrl=\/video/\ HasInUrl=\/tag/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[try{var strQuery split = document.URL.split'/tag/'split = split[1].split'/'strQuery=split[0] var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imeem.com\ CannotHaveInUrl=\/video/\ HasInUrl=\/artists/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 {strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' }}}ifstrQuery.toLowerCase=='browse'strQuery=''var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imeem.com\ CannotHaveInUrl=\/video/\ HasInUrl=\/music/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 {strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' }}}ifstrQuery.toLowerCase=='browse'strQuery=''var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\music.yahoo.com\ CannotHaveInUrl=\/videos/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 { strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}}}}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\walmart.com\ HasInUrl=\?product_id=\ MainPageUrl=\hxxp://www.walmart.com/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 {strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}}} }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\bestbuy.com\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\ CannotHaveInUrl=\skuId=\>\r\n <PageQuery><![CDATA[try{var strQueryvar titleTags=document.getElementsByTagName'title'iftitleTags.length>0{strQuery=titleTags[0].textvar split=strQuery.split'- BestBuy'ifsplit.length>1{strQuery=split[0]split=strQuery.split':'ifsplit.length>1{strQuery=split[1]}}}strQuery=strQuery.replace/^\s+|\s+$/g,''var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\music.aol.com\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i { if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf',' if delimIndex > 0 { strQuery = metaTags[i].content.substring0, delimIndexstrQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':' ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}}}}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imdb.com\ HasInUrl=\title\ CannotHaveInUrl=\/doubleclick/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'forvar i=0 i<metaTags.length ++i{ifmetaTags[i].name.toLowerCase == 'title'{var content = metaTags[i].content.replace/^\s+|\s+$/g, ''var delimIndex = content.indexOf','ifdelimIndex > 0{strQuery = content.substring0,delimIndex}else ifcontent.length > 0{strQuery = content}strQuery = strQuery.replace/\.*\/g, ''break} } var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imdb.com\ HasInUrl=\name\ CannotHaveInUrl=\/doubleclick/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'forvar i=0 i<metaTags.length ++i{ifmetaTags[i].name.toLowerCase == 'title'{var content = metaTags[i].content.replace/^\s+|\s+$/g, ''var delimIndex = content.indexOf','ifdelimIndex > 0{strQuery = content.substring0,delimIndex}else ifcontent.length > 0{strQuery = content}strQuery = strQuery.replace/\.*\/g, ''break}} var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imdb.com\ HasInUrl=\/Sections/Genres/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar split = document.URL.split'/'strQuery = split[5] var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\last.fm\ HasInUrl=\/music/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try{var strQueryvar split = document.URL.split'/'ifsplit.length>1strQuery = split[4] split = strQuery.split'?'ifsplit.length>0 strQuery = split[0] var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n </browsesites>\r\n\r\n <fallback>\r\n <replace url=\hxxp://gdata.youtube.com/feeds/api/videos?start-index=1&max-results=50&v=2&format=5&q=\>\r\n <replaceid>BF4C0C4D-1219-409d-886F-436D68306B7B</replaceid>\r\n <replaceframe>veohrecs_fr</replaceframe>\r\n </replace>\r\n </fallback>\r\n\r\n <bookmark>\r\n <elements><![CDATA[\nfunction{var window=this,document=window.document,utils=function{return{bind:functionthisArg,name{var func=thisArg[name]if'object'!==typeof thisArg.bound{thisArg.bound={}}\nif'undefined'===typeof thisArg.bound[name]&&'function'===typeof func{thisArg.bound[name]=functione{func.callthisArg,utils.getEvente}}\nreturn thisArg.bound[name]},encode:functiontext{return window.escapetext.replace/&/g,'&'.replace/</g,'<'.replace/>/g,'>'.replace/\\/g,'"'},getEvent:functione{var event=e||window.event,target=event.target||event.srcElementwhiletarget&&target.nodeType===3{target=target.parentNode}\nreturn{document:target.ownerDocument,event:event,target:target,type:event.type,page:{x:event.pageX||event.clientX+document.body.scrollLeft,y:event.pageY||event.clientY+document.body.scrollTop},preventDefault:function{this.event.returnValue=falseifthis.event.preventDefault{this.event.preventDefault}\nreturn this},stopPropagation:function{this.event.cancelBubble=trueifthis.event.stopPropagation{this.event.stopPropagation}\nreturn this},stop:function{return this.stopPropagation.preventDefault}}},log:functionmessage{var logDiv=document.getElementById'com_veoh_logDiv',newDiv=document.createElement'div'iflogDiv===null{logDiv=document.createElement'div'logDiv.setAttribute'id','com_veoh_logDiv'logDiv.style.position='absolute'logDiv.style.top='0px'logDiv.style.right='0px'logDiv.style.backgroundColor='white'logDiv.style.border='1px solid black'logDiv.style.padding='5px'logDiv.style.textAlign='left'logDiv.style.width='300px'logDiv.style.zIndex='9999999'document.getElementsByTagName'body'[0].appendChildlogDiv}\nnewDiv.innerHTML=messagelogDiv.appendChildnewDiv},logError:functione{var message=''iftypeof e==='object'{message=e+' with message: '+e.message||'none'}else{message=e}\nutils.log'Caught error: '+message}}},elements=function{var Element=functionselector{iftypeof selector==='string'{this.id=selectorthis.el=document.getElementByIdselector}else ifselector&&selector.getAttribute{this.id=selector.getAttribute'id'this.el=selector}else ifselector{this.id=''this.el=selector}else{this.id=''this.el=null}},Draggable=functionelement,options{options=options||{}this.element=elementthis.handle=options.handle||elementthis.events={start:options.start,stop:options.stop}}Element.prototype={addEvents:functionhash{forvar name in hash{iftypeof name==='string'&&this.el{ifthis.el.attachEvent{this.el.attachEvent'on'+name,hash[name]}else ifthis.el.addEventListener{this.el.addEventListenername,hash[name],false}}}\nreturn this},removeEvents:functionhash{forvar name in hash{iftypeof name==='string'&&this.el{ifthis.el.detachEvent{this.el.detachEvent'on'+name,hash[name]}else ifthis.el.removeEventListener{this.el.removeEventListenername,hash[name],false}}}\nreturn this},getParent:function{returnthis.el&&this.el.parentNode?elements.getElementthis.el.parentNode:null},getTag:function{returnthis.el&&this.el.nodeName?this.el.nodeName.toLowerCase:undefined},getPosition:function{returnthis.el&&this.el.style?{x:parseIntthis.el.style.left,10,y:parseIntthis.el.style.top,10}:{}},setPosition:functionpos{ifthis.el&&this.el.style{this.el.style.left=pos.x+'px'this.el.style.top=pos.y+'px'}\nreturn this},getOffset:functionadjust{var container=this.el,offset={x:0,y:0}whilecontainer!==undefined&&container!==null{offset.x+=container.offsetLeftoffset.y+=container.offsetTopcontainer=container.offsetParent}\niftypeof adjust==='object'{iftypeof adjust.x==='number'{offset.x+=adjust.x}\niftypeof adjust.y==='number'{offset.y+=adjust.y}}\nreturn offset},getStyle:functionname{var style=nullifthis.el&&this.el.style&&typeof name==='string'{style=this.el.style[name]}\nreturn style},setStyles:functionhash{forvar name in hash{iftypeof name==='string'&&this.el&&this.el.style{this.el.style[name]=hash[name]}}\nreturn this},getOuterHtml:function{var tmp,html=nullifthis.el{ifthis.el.outerHTML{html=this.el.outerHTML}else{tmp=elements.getElement.create'div'.appendToelements.getBody.setStyles{display:'none'}elements.getElementthis.el.cloneNodetrue.appendTotmphtml=tmp.getInnerHtmltmp.remove}}\nreturn html},getInnerHtml:function{var html=''ifthis.el&&this.el.innerHTML{html=this.el.innerHTML}\nreturn html},setHtml:functionhtml{ifthis.el{this.el.innerHTML=html}\nreturn this},replaceHtml:functiontoken,html{ifthis.el&&this.el.innerHTML{this.el.innerHTML=this.el.innerHTML.replacetoken,html}\nreturn this},get:functionname{returnthis.el&&this.el.getAttribute?this.el.getAttributename:null},set:functionhash{forvar name in hash{iftypeof name==='string'&&this.el&&this.el.setAttribute{this.el.setAttributename,hash[name]}}\nreturn this},rem:functionname{ifthis.el&&this.el.removeAttribute{this.el.removeAttributename}\nreturn this},appendTo:functionother{ifother.el&&other.el.appendChild{other.el.appendChildthis.el}\nreturn this},insertInto:functionother{ifother.el.firstChild&&other.el.insertBefore{other.el.insertBeforethis.el,other.el.firstChild}else{this.appendToother}\nreturn this},remove:function{this.cleanifthis.el&&this.el.parentNode{this.el.parentNode.removeChildthis.el}\nthis.el=nullreturn this},create:functiontype{ifthis.el===null{this.el=document.createElementtypethis.set{id:this.id}}\nreturn this},makeDraggable:functionoptions{ifthis.draggable{this.draggable.clean}\nthis.draggable=new Draggablethis,optionsthis.draggable.initreturn this},resetDraggable:function{ifthis.draggable{this.draggable.reset}\nreturn this},clean:function{ifthis.draggable{this.draggable.clean}}}Draggable.prototype={events:{},position:{},start:functionevent{ifthis.events.start&&typeof this.events.start==='function'{this.events.start.callthis.element}\nthis.position.relative=this.element.getPositionthis.position.relative={x:event.page.x-this.position.relative.x,y:event.page.y-this.position.relative.y}elements.getElementevent.document.addEvents{mousemove:utils.bindthis,'drag',mouseup:utils.bindthis,'stop',mousedown:utils.bindthis,'eventStop',selectstart:utils.bindthis,'eventStop'}},drag:functionevent{this.element.setPosition{x:event.page.x-this.position.relative.x,y:event.page.y-this.position.relative.y}},stop:functionevent{ifthis.events.stop&&typeof this.events.stop==='function'{this.events.stop.callthis.element}\nelements.getElementevent.document.removeEvents{mousemove:utils.bindthis,'drag',mouseup:utils.bindthis,'stop',mousedown:utils.bindthis,'eventStop',selectstart:utils.bindthis,'eventStop'}},eventStop:functionevent{event.stop},reset:functionevent{this.element.setPositionthis.position.initial},init:function{this.handle.addEvents{mousedown:utils.bindthis,'start'}this.position.initial=this.element.getPosition},clean:function{this.handle.removeEvents{mousedown:utils.bindthis,'start'}}}return{getElement:functionselector{return new Elementselector},getPrototype:function{return Element.prototype},getElementList:functionname{return document.getElementsByTagNamename},getBody:function{return this.getElementthis.getElementList'body'[0]},getHead:function{return this.getElementthis.getElementList'head'[0]},getMetadata:functionname{var i=0,content=null,metadata=this.getElementList'meta'fori=0i<metadata.lengthi+=1{ifname===metadata[i].name{content=metadata[i].contentbreak}}\nreturn content},getProperty:functionname{return document[name]}}}window.veoh=function{return this}window.veoh.elements=elementswindow.veoh.utils=utils}]]></elements>\r\n <injest><![CDATA[\nfunction{var window=this,elements=window.veoh.elements,utils=window.veoh.utils,baseUrl=window.veoh.baseUrl||'hxxp://www.veoh.com/',ingest=function{var Button=functionindex,embed{this.alt=''this.anchor=nullthis.button=nullthis.form=nullthis.frame=nullthis.embed=embedthis.index=indexthis.loaded=falsethis.hideHandle=nullthis.moveHandle=nullthis.moveIncrement=5this.offset={x:0,y:0}this.src='images/ingest.png'this.title='Add to Veoh playlist'this.height=30this.width=55},Frame=function{this.dragBox=nullthis.dragClose=nullthis.dragTitle=nullthis.dragFrame=nullthis.loaded=false},Form=function{this.form=nullthis.loaded=false}Button.prototype={init:functionframe,form{if!this.loaded{this.button=elements.getElement'com_veoh_ingestButton'.create'div'.appendToelements.getBody.setStyles{position:'absolute',height:'0px',width:this.width+'px',overflow:'hidden',zIndex:'10000'}this.anchor=elements.getElement'com_veoh_open'.create'a'.appendTothis.button.set{href:'#',title:this.title}.setHtml'<img border=\0\ alt=\'+this.alt+'\ height=\'+this.height+'\ width=\'+this.width+'\ src=\'+baseUrl+this.src+'\ />'this.anchor.addEvents{click:utils.bindthis,'click'}this.button.addEvents{mouseover:utils.bindthis,'show',mouseout:utils.bindthis,'hide'}this.embed.addEvents{mouseover:utils.bindthis,'show',mouseout:utils.bindthis,'hide'}this.loaded=true}\nthis.frame=framethis.form=formthis.anchor.set{'com_veoh_index':this.index,'id':'com_veoh_open'+this.index}this.button.set{'com_veoh_index':this.index,'id':'com_veoh_ingestButton'+this.index}this.embed.set{'com_veoh_index':this.index}ifthis.button.getStyle'height'==='0px'{this.offset=this.embed.getOffsetthis.button.setPositionthis.offset}\nreturn this},clean:function{ifthis.loaded{this.anchor.removeEvents{click:utils.bindthis,'click'}this.button.removeEvents{mouseover:utils.bindthis,'show',mouseout:utils.bindthis,'hide'}this.embed.removeEvents{mouseover:utils.bindthis,'show',mouseout:utils.bindthis,'hide'}this.button.removethis.embed.rem'com_veoh_index'this.anchor=nullthis.button=nullthis.embed=nullthis.frame=nullthis.form=nullthis.offset={x:0,y:0}this.loaded=false}\nreturn this},setIndex:functionindex{this.index=indexreturn this},isOrphan:function{var node=this.embedwhilenode&&node.el&&node.el!==elements.getBody.el{node=node.getParent}\nreturn!node&&node.el&&node.el===elements.getBody.el},click:functionevent{iftypeof this.form==='object'&&typeof this.frame==='object'{this.form.submitthis.embed.getOuterHtml,this.embed.el.offsetWidth,this.embed.el.offsetHeightthis.frame.openthis.embed.getOffset{x:this.embed.el.offsetWidth+10}}\nevent.preventDefault},show:functionevent{var initialY=this.offset.y,targetY=this.offset.y-this.heightiftypeof this.button==='object'&&typeof this.button.growShrinkY==='function'{window.clearTimeoutthis.hideHandlethis.button.growShrinkYinitialY,targetY,this.moveIncrement,this}},hide:functionevent{var thisArg=this,initialY=this.offset.y,targetY=initialY,hide=function{iftypeof thisArg.button==='object'&&typeof thisArg.button.growShrinkY==='function'{thisArg.button.growShrinkYinitialY,targetY,thisArg.moveIncrement,thisArg}}window.clearTimeoutthis.hideHandlethis.hideHandle=window.setTimeouthide,500}}Frame.prototype={init:function{if!this.loaded{this.dragBox=elements.getElement'com_veoh_dragBox'.create'div'.appendToelements.getBody.setStyles{backgroundColor:'#ffffff',border:'4px groove',cursor:'move',display:'none',fontSize:'12px',position:'absolute',height:'auto',width:'300px',top:'0px',left:'0px',zIndex:20000}.setHtml'<a id=\com_veoh_dragClose\ href=\></a>'+'<h2 id=\com_veoh_dragTitle\></h2>'+'<iframe id=\com_veoh_dragFrame\ name=\com_veoh_dragFrame\ src=\about:blank\></iframe>'this.dragClose=elements.getElement'com_veoh_dragClose'.set{href:'#',title:'Close'}.setStyles{background:'transparent url'+baseUrl+'images/veoh_sprite.gif no-repeat scroll -73px 0px',cursor:'pointer',position:'absolute',height:'14px',width:'14px',top:'10px',right:'10px',zIndex:30000}this.dragTitle=elements.getElement'com_veoh_dragTitle'.setStyles{borderBottom:'1px dotted #d7d7d7',color:'#444444',font:'bold 1.25em \Lucida Grande\,Tahoma,Arial,Helvetica,sans-serif',margin:'10px 10px 0px 10px',paddingBottom:'5px',textAlign:'left'}.setHtml'Add to Veoh playlist'this.dragFrame=elements.getElement'com_veoh_dragFrame'.set{frameborder:'0',height:'250',width:'300',scrolling:'yes'}.setStyles{marginTop:'1px'}this.dragBox.makeDraggable{start:function{elements.getElement'com_veoh_iframeFix'.create'div'.setStyles{opacity:'0.001',position:'absolute',height:'250px',width:'300px',left:'0px',top:'0px',zIndex:1000}.appendTothis},stop:function{elements.getElement'com_veoh_iframeFix'.remove}}this.dragClose.addEvents{click:utils.bindthis,'close',mouseover:utils.bindthis,'closeFocus',mouseout:utils.bindthis,'closeBlur'}}\nreturn this},clean:function{ifthis.loaded{this.dragClose.removeEvents{click:utils.bindthis,'close',mouseover:utils.bindthis,'closeFocus',mouseout:utils.bindthis,'closeBlur'}this.dragBox.cleanthis.dragBox.removethis.dragBox=nullthis.dragClose=nullthis.dragFrame=nullthis.dragTitle=nullthis.loaded=false}\nreturn this},open:functionoffset{iftypeof this.dragBox==='object'{this.dragBox.setPositionoffsetthis.dragBox.setStyles{display:'block'}}},close:functionevent{iftypeof this.dragBox==='object'&&typeof this.dragFrame==='object'{this.dragBox.setStyles{display:'none'}this.dragFrame.set{src:'about:blank'}}\nevent.preventDefault},closeFocus:functionevent{iftypeof this.dragClose==='object'{this.dragClose.setStyles{backgroundPosition:'-73px -14px'}}},closeBlur:functionevent{iftypeof this.dragClose==='object'{this.dragClose.setStyles{backgroundPosition:'-73px 0px'}}}}Form.prototype={init:function{if!this.loaded{this.form=elements.getElement'com_veoh_ingestForm'.create'form'.appendToelements.getBody.set{action:baseUrl+'ingest',method:'post',target:'com_veoh_dragFrame'}.setHtml'<input id=\com_veoh_ingestForm_title\ name=\title\ type=\hidden\ value=\ />'+'<input id=\com_veoh_ingestForm_url\ name=\url\ type=\hidden\ value=\ />'+'<input id=\com_veoh_ingestForm_width\ name=\width\ type=\hidden\ value=\ />'+'<input id=\com_veoh_ingestForm_height\ name=\height\ type=\hidden\ value=\ />'+'<textarea id=\com_veoh_ingestForm_embedCode\ name=\embed_code\ style=\display:none\></textarea>'+'<textarea id=\com_veoh_ingestForm_pageText\ name=\page_text\ style=\display:none\></textarea>'}\nreturn this},clean:function{ifthis.loaded{this.form.removethis.form=nullthis.loaded=false}},submit:functionembedHtml,width,height{var name='',item='',fields={}iftypeof this.form==='object'{fields.embedCode=embedHtmlfields.width=''+widthfields.height=''+heightfields.title=elements.getMetadata'title'||elements.getProperty'title'fields.url=elements.getProperty'URL'fields.pageText=''forname in fields{iftypeof fields[name]==='string'{item=elements.getElement'com_veoh_ingestForm_'+nameif'input'===item.getTag{item.set{value:utils.encodefields[name]}}else{item.setHtmlutils.encodefields[name]}}}\nthis.form.el.submit}}}return{buttonList:[],form:null,frame:null,attempt:functioninterval,limit{var blacklist={'hulu':'www.hulu.com','veoh':'www.veoh.com'}try{if!this.isBlacklistedHostdocument.URL,blacklist{this.initinterval,limit}}catche{}},init:functioninterval,limit{var timer=null,init=function{var i=0iflimit===0{window.clearIntervaltimerreturn}else iflimit>0{limit-=1}\nfori=0i<this.buttonList.lengthi+=1{ifthis.buttonList[i]&&this.buttonList[i].isOrphan{this.buttonList[i].cleanthis.buttonList[i]=null}}\nthis.buttonList=this.getButtonsthis.buttonListifthis.buttonList.length>0{this.form=this.form||this.getFormthis.frame=this.frame||this.getFramefori=0i<this.buttonList.lengthi+=1{ifthis.buttonList[i]{this.buttonList[i].initthis.frame,this.form}}}},callInit=function{init.callingest},unload=function{ingest.clean.callingest}interval=interval||0limit=limit||1init.callthisifinterval>0{window.setIntervalcallInit,interval*1000}\nelements.getElementwindow.addEvents{'unload':unload}},clean:function{ifthis.form{this.form.cleanthis.form=null}\nifthis.frame{this.frame.cleanthis.frame=null}\nforvar i=0i<this.buttonList.lengthi+=1{ifthis.buttonList[i]{this.buttonList[i].cleanthis.buttonList[i]=null}}\nthis.buttonList=[]},getButtons:functionexistingButtons{var buttonList=[],processTagList=functiontag,baseIndex{var i=0,j=0,item=null,parent=null,list=elements.getElementListtagbaseIndex=baseIndex||0fori=0i<list.lengthi+=1{iflist[i]{item=elements.getElementlist[i]parent=item.getParentif!item.get'processed'{ifingest.isVideoEmbeditem{buttonList[i]=new Buttoni,item}\nitem.set{'processed':'true'}if'object'===parent.getTag{parent.set{'processed':'true'}}}else{j=window.parseIntitem.get'com_veoh_index'if!window.isNaNj&&existingButtons[j]{buttonList[i]=existingButtons[j].setIndexi}}}}}existingButtons=existingButtons||[]processTagList'embed'processTagList'object',buttonList.lengthreturn buttonList},getForm:function{var form=new Formreturn form.init},getFrame:function{var frame=new Framereturn frame.init},getSourceUrl:functionembed{var embedList=null,paramList=null,i=0,url=embed.src||embed.dataif!url{paramList=embed.getElementsByTagName'param'ifparamList&¶mList.length>0{fori=0i<paramList.lengthi+=1{ifparamList[i].name==='movie'{url=paramList[i].value}}}}\nif!url{embedList=embed.getElementsByTagName'embed'ifembedList&&embedList.length>0{url=embedList[0].src}}\nreturn url},isBlacklistedHost:functionurl,blacklist{forvar name in blacklist{ifurl.indexOf'hxxp://'+blacklist[name]===0{return true}}\nreturn false},isVideoEmbed:functionitem{var embed=item.el,name='',sourceURL='',adSizes={'mediumRectangle':{w:300,h:250},'squarePopup':{w:250,h:250},'verticalRectangle':{w:240,h:400},'largeRectangle':{w:336,h:280},'rectangle':{w:180,h:150},'3x1Rectangle':{w:300,h:100},'popUnder':{w:720,h:300},'fullBanner':{w:468,h:60},'halfBanner':{w:234,h:60},'microBar':{w:88,h:31},'button1':{w:120,h:90},'button2':{w:120,h:60},'verticalBanner':{w:120,h:240},'squareButton':{w:125,h:125},'leaderboard':{w:768,h:90},'wideSkyscraper':{w:160,h:600},'skyscraper':{w:120,h:600},'halfPageAd':{w:300,h:600},'1x1Pixel':{w:1,h:1},'120x20Button':{w:120,h:20},'300x60Rectangle':{w:300,h:60},'970x100Banner':{w:970,h:100},'970x250Banner':{w:970,h:250}},hostBlacklist={'m1.2mdn.net':'m1.2mdn.net'}if!embed{return false}\nsourceURL=this.getSourceUrlembedif!sourceURL||sourceURL.indexOf'hxxp://'!==0{return false}\nifthis.isBlacklistedHostsourceURL,hostBlacklist{return false}\nif900<embed.offsetWidth{return false}\nif0<embed.offsetHeight&&embed.offsetHeight<200{return false}\nifembed.height===\0\||embed.width===\0\{return false}\nforname in adSizes{ifadSizes[name].w===embed.offsetWidth&&adSizes[name].h===embed.offsetHeight{return false}else ifadSizes[name].w==embed.width&&adSizes[name].h==embed.height{return false}}\nreturn true}}}window.veoh.elements.getPrototype.growShrinkY=functioninitialY,targetY,increment,hContainer{var thisArg=this,currentY=thisArg.getPosition.y,move=function{iftargetY<currentY{currentY=Math.maxtargetY,currentY-incrementthisArg.setStyles{top:currentY+'px',height:initialY-currentY+'px'}}else iftargetY>currentY{currentY=Math.mintargetY,currentY+incrementthisArg.setStyles{top:currentY+'px',height:initialY-currentY+'px'}}else{window.clearIntervalhContainer.moveHandle}}iftargetY!==currentY{window.clearIntervalhContainer.moveHandlehContainer.moveHandle=window.setIntervalmove,1}}window.veoh.ingest=ingest}]]></injest>\r\n <injestInit><![CDATA[veoh.ingest.attempt5,-1]]></injestInit>\r\n </bookmark>\r\n </results>\r\n \r\n\r\n\r\n
.
.
* Internet Explorer Version 8.0.6001.18865 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: f2202369407bca01
Start Page Redirect Cache AcceptLangs: fr
Enable Browser Extensions: yes
Use Search Asst: no
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Enable Browser Extensions: yes
Use Search Asst: no
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
43804 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
0 Fichier(s) - C:\Users\4t535sa\AppData\Local\Temp
1 Fichier(s) - C:\Windows\Temp
0 Fichier(s) - C:\Windows\Prefetch
.
20 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
17629 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 14:00:44 | 13/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_E | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 12.12.2009 à 22:46
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 13:06:24, 13/12/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Nom du PC: MARIE | Utilisateur actuel: 4t535sa
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
C:\Users\4t535sa\AppData\Roaming\DesktopIcon
C:\Windows\Installer\{E1B94435-241E-4519-B1C3-C4DD9EB352A2}
C:\Users\4t535sa\AppData\LocalLow\FunWebProducts
C:\Program Files\Automated Content Enhancer
C:\Program Files\Content Management Wizard
C:\Program Files\Customized Platform Advancer
C:\Program Files\Fast Browser Search
C:\Program Files\HottieStar Toolbar
C:\Program Files\Iminent
C:\Program Files\Internet Today
C:\Program Files\Textual Content Provider
C:\Program Files\Web Search Operator
C:\Users\Public\MyWebTattoo.exe
C:\Users\4t535sa\AppData\Local\Temp\cmw
C:\Users\4t535sa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Ebay.lnk
C:\Program Files\Windows Live\Messenger\Riched20.dll
C:\Users\4t535sa\AppData\Local\mesyiok.bat
C:\Users\4t535sa\AppData\Local\qaoiw_nav.dat
C:\Users\4t535sa\AppData\Local\qaoiw_navps.dat
(!) -- Fichiers temporaires supprimés.
.
HKCU\software\appdatalow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKCU\software\appdatalow\software\CMW
HKCU\software\appdatalow\software\Fun Web Products
HKCU\software\appdatalow\software\FunWebProducts
HKCU\software\appdatalow\software\Media Access Startup
HKCU\software\appdatalow\software\MyWebSearch
HKCU\software\appdatalow\software\Web Search Operator
HKCU\software\fcn
HKCU\software\HottieStar Toolbar
HKCU\software\Iminent
HKCU\Software\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D45817B8-3EAD-4D1D-8FCA-EC63A8E35DE2}
HKCU\software\MyWebSearch
HKLM\software\appdatalow\software\Internet Today
HKLM\software\appdatalow\software\Web Search Operator
HKLM\Software\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Classes\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\software\classes\ExplorerBar.CMW
HKLM\software\classes\ExplorerBar.CMW.1
HKLM\software\classes\ExplorerBar.FunExplorer
HKLM\software\classes\ExplorerBar.FunExplorer.1
HKLM\software\classes\ExplorerBar.FunRedirector
HKLM\software\classes\ExplorerBar.FunRedirector.1
HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKLM\Software\Classes\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF}
HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKLM\Software\Classes\TypeLib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C}
HKLM\Software\Classes\TypeLib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A}
HKLM\Software\Classes\TypeLib\{883DFC00-8A21-411D-956C-73A4E4B7D16F}
HKLM\Software\Classes\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA}
HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKLM\Software\Classes\TypeLib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7}
HKLM\software\Fun Web Products
HKLM\software\FunWebProducts
HKLM\software\Iminent
HKLM\software\Media Access Startup
HKLM\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4a17-BDB7-91C46032B5B9}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task
HKLM\software\microsoft\windows\currentversion\uninstall\mesyiok
HKLM\software\MyWebSearch
HKLM\software\Web Search Operator
HKU\s-1-5-21-3342945683-524478780-2405861698-1000\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
HKU\S-1-5-21-3342945683-524478780-2405861698-1000\Software\Microsoft\Internet Explorer\Searchscopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.15 [fr] *
.
Nom du profil: toud1btm.default (4t535sa)
.
(4t535sa, prefs.js) Browser.download.dir, C:\Users\4t535sa\Downloads
(4t535sa, prefs.js) Browser.download.lastDir, C:\Users\4t535sa\Pictures\sujet AP\Espcae Perso
(4t535sa, prefs.js) Browser.search.defaultenginename, Winamp Search
(4t535sa, prefs.js) Browser.search.defaulturl, hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
(4t535sa, prefs.js) Browser.search.selectedEngine, YouGoo
(4t535sa, prefs.js) Browser.startup.homepage, hxxp://www.theprizeday.com/today.php|hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official\n
.
(4t535sa, prefs.js) EFFACE - Extensions.veohsearchrecs.SupportedSites, <?xml version=\1.0\ ?>\r\n<results revision=\1.5.2\>\r\n <sites>\r\n <searchsite MatchesDomain=\google.\ MatchesPath=\/search\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\google.\ MatchesPath=\/search\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\bing.com\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\news.google.com\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\news.google.com\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\youtube.com\ HasInUrl=\search_query=\ SearchQuery=\search_query=\></searchsite>\r\n <searchsite MatchesDomain=\search.yahoo.com\ HasInUrl=\?p=\ SearchQuery=\?p=\></searchsite>\r\n <searchsite MatchesDomain=\search.yahoo.com\ HasInUrl=\&p=\ SearchQuery=\&p=\></searchsite>\r\n <searchsite MatchesDomain=\ask.com\ MatchesPath=\/web\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\ask.com\ MatchesPath=\/web\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\ask.com\ MatchesPath=\/video\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\search.live.com\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\search.msn.com\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\wikipedia.org\ SearchQuery=\?search=\></searchsite>\r\n <searchsite MatchesDomain=\amazon.com\ HasInUrl=\field-keywords=\ SearchQuery=\field-keywords=\></searchsite>\r\n <searchsite MatchesDomain=\amazon.com\ HasInUrl=\&keywords=\ SearchQuery=\&keywords=\></searchsite>\r\n <searchsite MatchesDomain=\bestbuy.com\ HasInUrl=\&st=\ SearchQuery=\&st=\ CannotHaveInUrl=\skuId=\></searchsite>\r\n <searchsite MatchesDomain=\bestbuy.com\ HasInUrl=\&searchterm=\ SearchQuery=\&searchterm=\ CannotHaveInUrl=\skuId=\></searchsite>\r\n <searchsite MatchesDomain=\.aol.\ HasInUrl=\&query=\ SearchQuery=\&query=\></searchsite>\r\n <searchsite MatchesDomain=\.aol.\ MatchesPath=\/search\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\music.yahoo.com\ MatchesPath=\/search\ HasInUrl=\&p=\ SearchQuery=\&p=\></searchsite>\r\n <searchsite MatchesDomain=\walmart.com\ MatchesPath=\/search\ SearchQuery=\search_query=\></searchsite>\r\n <searchsite MatchesDomain=\imdb.com\ MatchesPath=\/find\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\searchservice.myspace.com\ HasInUrl=\&qry=\ SearchQuery=\&qry=\></searchsite>\r\n <searchsite MatchesDomain=\last.fm\ MatchesPath=\/search\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\last.fm\ MatchesPath=\/search\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\ebay.com\ SearchQuery=\_nkw=\></searchsite>\r\n <searchsite MatchesDomain=\craigslist.org\ HasInUrl=\search/\ SearchQuery=\query=\ CannotHaveInUrl=\/ers/\></searchsite>\r\n <searchsite MatchesDomain=\craigslist.org\ HasInUrl=\search/\ SearchQuery=\query=\ CannotHaveInUrl=\/cas/\></searchsite>\r\n <searchsite MatchesDomain=\craigslist.org\ HasInUrl=\search/\ SearchQuery=\query=\ CannotHaveInUrl=\/apa/\></searchsite>\r\n <searchsite MatchesDomain=\craigslist.org\ HasInUrl=\search/\ SearchQuery=\query=\ CannotHaveInUrl=\/stp/\></searchsite>\r\n <searchsite MatchesDomain=\dailymotion.com\ HasInUrl=\/search/\ SearchQuery=\/search/\></searchsite>\r\n <searchsite MatchesDomain=\fancast.com\ HasInUrl=\/search/?s=\ SearchQuery=\?s=\></searchsite>\r\n <searchsite MatchesDomain=\metacafe.com\ HasInUrl=\/tags/\ SearchQuery=\/tags/\></searchsite>\r\n <searchsite MatchesDomain=\search.twitter.com\ HasInUrl=\/search?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\hulu.com\ HasInUrl=\?query=\ SearchQuery=\?query=\></searchsite>\r\n <searchsite MatchesDomain=\cnn.com\ HasInUrl=\/search.jsp\ SearchQuery=\query=\></searchsite>\r\n <searchsite MatchesDomain=\flickr.com\ MatchesPath=\/search\ HasInUrl=\?q=\ SearchQuery=\?q=\></searchsite>\r\n <searchsite MatchesDomain=\flickr.com\ MatchesPath=\/search\ HasInUrl=\&q=\ SearchQuery=\&q=\></searchsite>\r\n <searchsite MatchesDomain=\photobucket.com\ HasInUrl=\/images/\ SearchQuery=\/images/\></searchsite>\r\n <searchsite MatchesDomain=\digg.com\ HasInUrl=\search?s=\ SearchQuery=\search?s=\></searchsite>\r\n <searchsite MatchesDomain=\megavideo.com\ HasInUrl=\?c=search\ SearchQuery=\&s=\></searchsite>\r\n </sites>\r\n\r\n\r\n <browsesites>\r\n <excludedsite Url=\hxxp://www.wikipedia.org/\/>\r\n <excludedsite Url=\hxxp://www.amazon.com/\/>\r\n <excludedsite Url=\hxxp://wikipedia.org/\/>\r\n <excludedsite Url=\hxxp://amazon.com/\/>\r\n <excludedsite Url=\hxxp://www.imeem.com/\/>\r\n <excludedsite Url=\hxxp://www.walmart.com/\/>\r\n <excludedsite Url=\hxxp://www.bestbuy.com/\/>\r\n <excludedsite Url=\hxxp://www.ebay.com/\/>\r\n <excludedsite Url=\hxxp://www.imdb.com/\/>\r\n <excludedsite Url=\hxxp://vids.myspace.com/\/>\r\n <excludedsite Url=\hxxp://new.music.yahoo.com/\/>\r\n <excludedsite Url=\hxxp://www.aol.com/\/>\r\n <excludedsite Url=\hxxp://www.imdb.com/\/>\r\n <excludedsite Url=\hxxp://www.aol.com/main.adp?adp=1\/>\r\n <excludedsite Url=\hxxp://www.bestbuy.com/site/olspage.jsp?type=category&id=cat00000\/>\r\n <excludedsite Url=\hxxp://it.wikipedia.org/wiki/Pagina_principale\/>\r\n <excludedsite Url=\hxxp://fr.wikipedia.org/wiki/Accueil\/>\r\n <excludedsite Url=\hxxp://ja.wikipedia.org/wiki/\/>\r\n <excludedsite Url=\hxxp://es.wikipedia.org/wiki/Wikipedia:Portada\/>\r\n <excludedsite Url=\hxxp://en.wikipedia.org/wiki/Portal:Contents\/>\r\n <excludedsite Url=\hxxp://en.wikipedia.org/wiki/Main_Page\/>\r\n <excludedsite Url=\hxxp://de.wikipedia.org/wiki/Hauptseite\/>\r\n <excludedsite Url=\hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite\/>\r\n <excludedsite Url=\hxxp://i.media-imdb.com/3pads/kanoodle-title-sky.html\/>\r\n <excludedsite Url=\hxxp://i.media-imdb.com/3pads/kanoodle-name-sky.html\/>\r\n\r\n <browsesite MatchesDomain=\wikipedia.org\ CannotHaveInUrl=\Main_Page\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i { if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf',' if delimIndex > 0 { strQuery = metaTags[i].content.substring0, delimIndexstrQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':' ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}}}}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\amazon.com\ CannotHaveInUrl=\homepage.html\ HasInUrl=\?\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[try{var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 {strQuery = strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf''var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult }}} }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imeem.com\ CannotHaveInUrl=\/video/\ HasInUrl=\/tag/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[try{var strQuery split = document.URL.split'/tag/'split = split[1].split'/'strQuery=split[0] var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imeem.com\ CannotHaveInUrl=\/video/\ HasInUrl=\/artists/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 {strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' }}}ifstrQuery.toLowerCase=='browse'strQuery=''var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imeem.com\ CannotHaveInUrl=\/video/\ HasInUrl=\/music/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 {strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' }}}ifstrQuery.toLowerCase=='browse'strQuery=''var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\music.yahoo.com\ CannotHaveInUrl=\/videos/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 { strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}}}}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\walmart.com\ HasInUrl=\?product_id=\ MainPageUrl=\hxxp://www.walmart.com/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i {if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf','if delimIndex > 0 {strQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':'ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}}} }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\bestbuy.com\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\ CannotHaveInUrl=\skuId=\>\r\n <PageQuery><![CDATA[try{var strQueryvar titleTags=document.getElementsByTagName'title'iftitleTags.length>0{strQuery=titleTags[0].textvar split=strQuery.split'- BestBuy'ifsplit.length>1{strQuery=split[0]split=strQuery.split':'ifsplit.length>1{strQuery=split[1]}}}strQuery=strQuery.replace/^\s+|\s+$/g,''var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\music.aol.com\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'for var i=0 i<metaTags.length ++i { if metaTags[i].name.toLowerCase == 'keywords' {var delimIndex = metaTags[i].content.indexOf',' if delimIndex > 0 { strQuery = metaTags[i].content.substring0, delimIndexstrQuery = metaTags[i].content.substring0, delimIndexifstrQuery.indexOf':' > 0 strQuery = strQuery.substring0,strQuery.indexOf':' ifstrQuery.indexOf'' > 0 strQuery = strQuery.substring0,strQuery.indexOf'' var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}}}}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imdb.com\ HasInUrl=\title\ CannotHaveInUrl=\/doubleclick/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'forvar i=0 i<metaTags.length ++i{ifmetaTags[i].name.toLowerCase == 'title'{var content = metaTags[i].content.replace/^\s+|\s+$/g, ''var delimIndex = content.indexOf','ifdelimIndex > 0{strQuery = content.substring0,delimIndex}else ifcontent.length > 0{strQuery = content}strQuery = strQuery.replace/\.*\/g, ''break} } var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult }catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imdb.com\ HasInUrl=\name\ CannotHaveInUrl=\/doubleclick/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar metaTags = document.getElementsByTagName'META'forvar i=0 i<metaTags.length ++i{ifmetaTags[i].name.toLowerCase == 'title'{var content = metaTags[i].content.replace/^\s+|\s+$/g, ''var delimIndex = content.indexOf','ifdelimIndex > 0{strQuery = content.substring0,delimIndex}else ifcontent.length > 0{strQuery = content}strQuery = strQuery.replace/\.*\/g, ''break}} var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\imdb.com\ HasInUrl=\/Sections/Genres/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try {var strQueryvar split = document.URL.split'/'strQuery = split[5] var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n <browsesite MatchesDomain=\last.fm\ HasInUrl=\/music/\ DivId=\3BDDE512-9FDF-43f4-91E1-048F5F2BF236\>\r\n <PageQuery><![CDATA[ try{var strQueryvar split = document.URL.split'/'ifsplit.length>1strQuery = split[4] split = strQuery.split'?'ifsplit.length>0 strQuery = split[0] var divResult = document.createElement'div'divResult.id = '3BDDE512-9FDF-43f4-91E1-048F5F2BF236'divResult.innerHTML = strQuerydocument.body.appendChilddivResult}catche{}]]></PageQuery>\r\n </browsesite>\r\n </browsesites>\r\n\r\n <fallback>\r\n <replace url=\hxxp://gdata.youtube.com/feeds/api/videos?start-index=1&max-results=50&v=2&format=5&q=\>\r\n <replaceid>BF4C0C4D-1219-409d-886F-436D68306B7B</replaceid>\r\n <replaceframe>veohrecs_fr</replaceframe>\r\n </replace>\r\n </fallback>\r\n\r\n <bookmark>\r\n <elements><![CDATA[\nfunction{var window=this,document=window.document,utils=function{return{bind:functionthisArg,name{var func=thisArg[name]if'object'!==typeof thisArg.bound{thisArg.bound={}}\nif'undefined'===typeof thisArg.bound[name]&&'function'===typeof func{thisArg.bound[name]=functione{func.callthisArg,utils.getEvente}}\nreturn thisArg.bound[name]},encode:functiontext{return window.escapetext.replace/&/g,'&'.replace/</g,'<'.replace/>/g,'>'.replace/\\/g,'"'},getEvent:functione{var event=e||window.event,target=event.target||event.srcElementwhiletarget&&target.nodeType===3{target=target.parentNode}\nreturn{document:target.ownerDocument,event:event,target:target,type:event.type,page:{x:event.pageX||event.clientX+document.body.scrollLeft,y:event.pageY||event.clientY+document.body.scrollTop},preventDefault:function{this.event.returnValue=falseifthis.event.preventDefault{this.event.preventDefault}\nreturn this},stopPropagation:function{this.event.cancelBubble=trueifthis.event.stopPropagation{this.event.stopPropagation}\nreturn this},stop:function{return this.stopPropagation.preventDefault}}},log:functionmessage{var logDiv=document.getElementById'com_veoh_logDiv',newDiv=document.createElement'div'iflogDiv===null{logDiv=document.createElement'div'logDiv.setAttribute'id','com_veoh_logDiv'logDiv.style.position='absolute'logDiv.style.top='0px'logDiv.style.right='0px'logDiv.style.backgroundColor='white'logDiv.style.border='1px solid black'logDiv.style.padding='5px'logDiv.style.textAlign='left'logDiv.style.width='300px'logDiv.style.zIndex='9999999'document.getElementsByTagName'body'[0].appendChildlogDiv}\nnewDiv.innerHTML=messagelogDiv.appendChildnewDiv},logError:functione{var message=''iftypeof e==='object'{message=e+' with message: '+e.message||'none'}else{message=e}\nutils.log'Caught error: '+message}}},elements=function{var Element=functionselector{iftypeof selector==='string'{this.id=selectorthis.el=document.getElementByIdselector}else ifselector&&selector.getAttribute{this.id=selector.getAttribute'id'this.el=selector}else ifselector{this.id=''this.el=selector}else{this.id=''this.el=null}},Draggable=functionelement,options{options=options||{}this.element=elementthis.handle=options.handle||elementthis.events={start:options.start,stop:options.stop}}Element.prototype={addEvents:functionhash{forvar name in hash{iftypeof name==='string'&&this.el{ifthis.el.attachEvent{this.el.attachEvent'on'+name,hash[name]}else ifthis.el.addEventListener{this.el.addEventListenername,hash[name],false}}}\nreturn this},removeEvents:functionhash{forvar name in hash{iftypeof name==='string'&&this.el{ifthis.el.detachEvent{this.el.detachEvent'on'+name,hash[name]}else ifthis.el.removeEventListener{this.el.removeEventListenername,hash[name],false}}}\nreturn this},getParent:function{returnthis.el&&this.el.parentNode?elements.getElementthis.el.parentNode:null},getTag:function{returnthis.el&&this.el.nodeName?this.el.nodeName.toLowerCase:undefined},getPosition:function{returnthis.el&&this.el.style?{x:parseIntthis.el.style.left,10,y:parseIntthis.el.style.top,10}:{}},setPosition:functionpos{ifthis.el&&this.el.style{this.el.style.left=pos.x+'px'this.el.style.top=pos.y+'px'}\nreturn this},getOffset:functionadjust{var container=this.el,offset={x:0,y:0}whilecontainer!==undefined&&container!==null{offset.x+=container.offsetLeftoffset.y+=container.offsetTopcontainer=container.offsetParent}\niftypeof adjust==='object'{iftypeof adjust.x==='number'{offset.x+=adjust.x}\niftypeof adjust.y==='number'{offset.y+=adjust.y}}\nreturn offset},getStyle:functionname{var style=nullifthis.el&&this.el.style&&typeof name==='string'{style=this.el.style[name]}\nreturn style},setStyles:functionhash{forvar name in hash{iftypeof name==='string'&&this.el&&this.el.style{this.el.style[name]=hash[name]}}\nreturn this},getOuterHtml:function{var tmp,html=nullifthis.el{ifthis.el.outerHTML{html=this.el.outerHTML}else{tmp=elements.getElement.create'div'.appendToelements.getBody.setStyles{display:'none'}elements.getElementthis.el.cloneNodetrue.appendTotmphtml=tmp.getInnerHtmltmp.remove}}\nreturn html},getInnerHtml:function{var html=''ifthis.el&&this.el.innerHTML{html=this.el.innerHTML}\nreturn html},setHtml:functionhtml{ifthis.el{this.el.innerHTML=html}\nreturn this},replaceHtml:functiontoken,html{ifthis.el&&this.el.innerHTML{this.el.innerHTML=this.el.innerHTML.replacetoken,html}\nreturn this},get:functionname{returnthis.el&&this.el.getAttribute?this.el.getAttributename:null},set:functionhash{forvar name in hash{iftypeof name==='string'&&this.el&&this.el.setAttribute{this.el.setAttributename,hash[name]}}\nreturn this},rem:functionname{ifthis.el&&this.el.removeAttribute{this.el.removeAttributename}\nreturn this},appendTo:functionother{ifother.el&&other.el.appendChild{other.el.appendChildthis.el}\nreturn this},insertInto:functionother{ifother.el.firstChild&&other.el.insertBefore{other.el.insertBeforethis.el,other.el.firstChild}else{this.appendToother}\nreturn this},remove:function{this.cleanifthis.el&&this.el.parentNode{this.el.parentNode.removeChildthis.el}\nthis.el=nullreturn this},create:functiontype{ifthis.el===null{this.el=document.createElementtypethis.set{id:this.id}}\nreturn this},makeDraggable:functionoptions{ifthis.draggable{this.draggable.clean}\nthis.draggable=new Draggablethis,optionsthis.draggable.initreturn this},resetDraggable:function{ifthis.draggable{this.draggable.reset}\nreturn this},clean:function{ifthis.draggable{this.draggable.clean}}}Draggable.prototype={events:{},position:{},start:functionevent{ifthis.events.start&&typeof this.events.start==='function'{this.events.start.callthis.element}\nthis.position.relative=this.element.getPositionthis.position.relative={x:event.page.x-this.position.relative.x,y:event.page.y-this.position.relative.y}elements.getElementevent.document.addEvents{mousemove:utils.bindthis,'drag',mouseup:utils.bindthis,'stop',mousedown:utils.bindthis,'eventStop',selectstart:utils.bindthis,'eventStop'}},drag:functionevent{this.element.setPosition{x:event.page.x-this.position.relative.x,y:event.page.y-this.position.relative.y}},stop:functionevent{ifthis.events.stop&&typeof this.events.stop==='function'{this.events.stop.callthis.element}\nelements.getElementevent.document.removeEvents{mousemove:utils.bindthis,'drag',mouseup:utils.bindthis,'stop',mousedown:utils.bindthis,'eventStop',selectstart:utils.bindthis,'eventStop'}},eventStop:functionevent{event.stop},reset:functionevent{this.element.setPositionthis.position.initial},init:function{this.handle.addEvents{mousedown:utils.bindthis,'start'}this.position.initial=this.element.getPosition},clean:function{this.handle.removeEvents{mousedown:utils.bindthis,'start'}}}return{getElement:functionselector{return new Elementselector},getPrototype:function{return Element.prototype},getElementList:functionname{return document.getElementsByTagNamename},getBody:function{return this.getElementthis.getElementList'body'[0]},getHead:function{return this.getElementthis.getElementList'head'[0]},getMetadata:functionname{var i=0,content=null,metadata=this.getElementList'meta'fori=0i<metadata.lengthi+=1{ifname===metadata[i].name{content=metadata[i].contentbreak}}\nreturn content},getProperty:functionname{return document[name]}}}window.veoh=function{return this}window.veoh.elements=elementswindow.veoh.utils=utils}]]></elements>\r\n <injest><![CDATA[\nfunction{var window=this,elements=window.veoh.elements,utils=window.veoh.utils,baseUrl=window.veoh.baseUrl||'hxxp://www.veoh.com/',ingest=function{var Button=functionindex,embed{this.alt=''this.anchor=nullthis.button=nullthis.form=nullthis.frame=nullthis.embed=embedthis.index=indexthis.loaded=falsethis.hideHandle=nullthis.moveHandle=nullthis.moveIncrement=5this.offset={x:0,y:0}this.src='images/ingest.png'this.title='Add to Veoh playlist'this.height=30this.width=55},Frame=function{this.dragBox=nullthis.dragClose=nullthis.dragTitle=nullthis.dragFrame=nullthis.loaded=false},Form=function{this.form=nullthis.loaded=false}Button.prototype={init:functionframe,form{if!this.loaded{this.button=elements.getElement'com_veoh_ingestButton'.create'div'.appendToelements.getBody.setStyles{position:'absolute',height:'0px',width:this.width+'px',overflow:'hidden',zIndex:'10000'}this.anchor=elements.getElement'com_veoh_open'.create'a'.appendTothis.button.set{href:'#',title:this.title}.setHtml'<img border=\0\ alt=\'+this.alt+'\ height=\'+this.height+'\ width=\'+this.width+'\ src=\'+baseUrl+this.src+'\ />'this.anchor.addEvents{click:utils.bindthis,'click'}this.button.addEvents{mouseover:utils.bindthis,'show',mouseout:utils.bindthis,'hide'}this.embed.addEvents{mouseover:utils.bindthis,'show',mouseout:utils.bindthis,'hide'}this.loaded=true}\nthis.frame=framethis.form=formthis.anchor.set{'com_veoh_index':this.index,'id':'com_veoh_open'+this.index}this.button.set{'com_veoh_index':this.index,'id':'com_veoh_ingestButton'+this.index}this.embed.set{'com_veoh_index':this.index}ifthis.button.getStyle'height'==='0px'{this.offset=this.embed.getOffsetthis.button.setPositionthis.offset}\nreturn this},clean:function{ifthis.loaded{this.anchor.removeEvents{click:utils.bindthis,'click'}this.button.removeEvents{mouseover:utils.bindthis,'show',mouseout:utils.bindthis,'hide'}this.embed.removeEvents{mouseover:utils.bindthis,'show',mouseout:utils.bindthis,'hide'}this.button.removethis.embed.rem'com_veoh_index'this.anchor=nullthis.button=nullthis.embed=nullthis.frame=nullthis.form=nullthis.offset={x:0,y:0}this.loaded=false}\nreturn this},setIndex:functionindex{this.index=indexreturn this},isOrphan:function{var node=this.embedwhilenode&&node.el&&node.el!==elements.getBody.el{node=node.getParent}\nreturn!node&&node.el&&node.el===elements.getBody.el},click:functionevent{iftypeof this.form==='object'&&typeof this.frame==='object'{this.form.submitthis.embed.getOuterHtml,this.embed.el.offsetWidth,this.embed.el.offsetHeightthis.frame.openthis.embed.getOffset{x:this.embed.el.offsetWidth+10}}\nevent.preventDefault},show:functionevent{var initialY=this.offset.y,targetY=this.offset.y-this.heightiftypeof this.button==='object'&&typeof this.button.growShrinkY==='function'{window.clearTimeoutthis.hideHandlethis.button.growShrinkYinitialY,targetY,this.moveIncrement,this}},hide:functionevent{var thisArg=this,initialY=this.offset.y,targetY=initialY,hide=function{iftypeof thisArg.button==='object'&&typeof thisArg.button.growShrinkY==='function'{thisArg.button.growShrinkYinitialY,targetY,thisArg.moveIncrement,thisArg}}window.clearTimeoutthis.hideHandlethis.hideHandle=window.setTimeouthide,500}}Frame.prototype={init:function{if!this.loaded{this.dragBox=elements.getElement'com_veoh_dragBox'.create'div'.appendToelements.getBody.setStyles{backgroundColor:'#ffffff',border:'4px groove',cursor:'move',display:'none',fontSize:'12px',position:'absolute',height:'auto',width:'300px',top:'0px',left:'0px',zIndex:20000}.setHtml'<a id=\com_veoh_dragClose\ href=\></a>'+'<h2 id=\com_veoh_dragTitle\></h2>'+'<iframe id=\com_veoh_dragFrame\ name=\com_veoh_dragFrame\ src=\about:blank\></iframe>'this.dragClose=elements.getElement'com_veoh_dragClose'.set{href:'#',title:'Close'}.setStyles{background:'transparent url'+baseUrl+'images/veoh_sprite.gif no-repeat scroll -73px 0px',cursor:'pointer',position:'absolute',height:'14px',width:'14px',top:'10px',right:'10px',zIndex:30000}this.dragTitle=elements.getElement'com_veoh_dragTitle'.setStyles{borderBottom:'1px dotted #d7d7d7',color:'#444444',font:'bold 1.25em \Lucida Grande\,Tahoma,Arial,Helvetica,sans-serif',margin:'10px 10px 0px 10px',paddingBottom:'5px',textAlign:'left'}.setHtml'Add to Veoh playlist'this.dragFrame=elements.getElement'com_veoh_dragFrame'.set{frameborder:'0',height:'250',width:'300',scrolling:'yes'}.setStyles{marginTop:'1px'}this.dragBox.makeDraggable{start:function{elements.getElement'com_veoh_iframeFix'.create'div'.setStyles{opacity:'0.001',position:'absolute',height:'250px',width:'300px',left:'0px',top:'0px',zIndex:1000}.appendTothis},stop:function{elements.getElement'com_veoh_iframeFix'.remove}}this.dragClose.addEvents{click:utils.bindthis,'close',mouseover:utils.bindthis,'closeFocus',mouseout:utils.bindthis,'closeBlur'}}\nreturn this},clean:function{ifthis.loaded{this.dragClose.removeEvents{click:utils.bindthis,'close',mouseover:utils.bindthis,'closeFocus',mouseout:utils.bindthis,'closeBlur'}this.dragBox.cleanthis.dragBox.removethis.dragBox=nullthis.dragClose=nullthis.dragFrame=nullthis.dragTitle=nullthis.loaded=false}\nreturn this},open:functionoffset{iftypeof this.dragBox==='object'{this.dragBox.setPositionoffsetthis.dragBox.setStyles{display:'block'}}},close:functionevent{iftypeof this.dragBox==='object'&&typeof this.dragFrame==='object'{this.dragBox.setStyles{display:'none'}this.dragFrame.set{src:'about:blank'}}\nevent.preventDefault},closeFocus:functionevent{iftypeof this.dragClose==='object'{this.dragClose.setStyles{backgroundPosition:'-73px -14px'}}},closeBlur:functionevent{iftypeof this.dragClose==='object'{this.dragClose.setStyles{backgroundPosition:'-73px 0px'}}}}Form.prototype={init:function{if!this.loaded{this.form=elements.getElement'com_veoh_ingestForm'.create'form'.appendToelements.getBody.set{action:baseUrl+'ingest',method:'post',target:'com_veoh_dragFrame'}.setHtml'<input id=\com_veoh_ingestForm_title\ name=\title\ type=\hidden\ value=\ />'+'<input id=\com_veoh_ingestForm_url\ name=\url\ type=\hidden\ value=\ />'+'<input id=\com_veoh_ingestForm_width\ name=\width\ type=\hidden\ value=\ />'+'<input id=\com_veoh_ingestForm_height\ name=\height\ type=\hidden\ value=\ />'+'<textarea id=\com_veoh_ingestForm_embedCode\ name=\embed_code\ style=\display:none\></textarea>'+'<textarea id=\com_veoh_ingestForm_pageText\ name=\page_text\ style=\display:none\></textarea>'}\nreturn this},clean:function{ifthis.loaded{this.form.removethis.form=nullthis.loaded=false}},submit:functionembedHtml,width,height{var name='',item='',fields={}iftypeof this.form==='object'{fields.embedCode=embedHtmlfields.width=''+widthfields.height=''+heightfields.title=elements.getMetadata'title'||elements.getProperty'title'fields.url=elements.getProperty'URL'fields.pageText=''forname in fields{iftypeof fields[name]==='string'{item=elements.getElement'com_veoh_ingestForm_'+nameif'input'===item.getTag{item.set{value:utils.encodefields[name]}}else{item.setHtmlutils.encodefields[name]}}}\nthis.form.el.submit}}}return{buttonList:[],form:null,frame:null,attempt:functioninterval,limit{var blacklist={'hulu':'www.hulu.com','veoh':'www.veoh.com'}try{if!this.isBlacklistedHostdocument.URL,blacklist{this.initinterval,limit}}catche{}},init:functioninterval,limit{var timer=null,init=function{var i=0iflimit===0{window.clearIntervaltimerreturn}else iflimit>0{limit-=1}\nfori=0i<this.buttonList.lengthi+=1{ifthis.buttonList[i]&&this.buttonList[i].isOrphan{this.buttonList[i].cleanthis.buttonList[i]=null}}\nthis.buttonList=this.getButtonsthis.buttonListifthis.buttonList.length>0{this.form=this.form||this.getFormthis.frame=this.frame||this.getFramefori=0i<this.buttonList.lengthi+=1{ifthis.buttonList[i]{this.buttonList[i].initthis.frame,this.form}}}},callInit=function{init.callingest},unload=function{ingest.clean.callingest}interval=interval||0limit=limit||1init.callthisifinterval>0{window.setIntervalcallInit,interval*1000}\nelements.getElementwindow.addEvents{'unload':unload}},clean:function{ifthis.form{this.form.cleanthis.form=null}\nifthis.frame{this.frame.cleanthis.frame=null}\nforvar i=0i<this.buttonList.lengthi+=1{ifthis.buttonList[i]{this.buttonList[i].cleanthis.buttonList[i]=null}}\nthis.buttonList=[]},getButtons:functionexistingButtons{var buttonList=[],processTagList=functiontag,baseIndex{var i=0,j=0,item=null,parent=null,list=elements.getElementListtagbaseIndex=baseIndex||0fori=0i<list.lengthi+=1{iflist[i]{item=elements.getElementlist[i]parent=item.getParentif!item.get'processed'{ifingest.isVideoEmbeditem{buttonList[i]=new Buttoni,item}\nitem.set{'processed':'true'}if'object'===parent.getTag{parent.set{'processed':'true'}}}else{j=window.parseIntitem.get'com_veoh_index'if!window.isNaNj&&existingButtons[j]{buttonList[i]=existingButtons[j].setIndexi}}}}}existingButtons=existingButtons||[]processTagList'embed'processTagList'object',buttonList.lengthreturn buttonList},getForm:function{var form=new Formreturn form.init},getFrame:function{var frame=new Framereturn frame.init},getSourceUrl:functionembed{var embedList=null,paramList=null,i=0,url=embed.src||embed.dataif!url{paramList=embed.getElementsByTagName'param'ifparamList&¶mList.length>0{fori=0i<paramList.lengthi+=1{ifparamList[i].name==='movie'{url=paramList[i].value}}}}\nif!url{embedList=embed.getElementsByTagName'embed'ifembedList&&embedList.length>0{url=embedList[0].src}}\nreturn url},isBlacklistedHost:functionurl,blacklist{forvar name in blacklist{ifurl.indexOf'hxxp://'+blacklist[name]===0{return true}}\nreturn false},isVideoEmbed:functionitem{var embed=item.el,name='',sourceURL='',adSizes={'mediumRectangle':{w:300,h:250},'squarePopup':{w:250,h:250},'verticalRectangle':{w:240,h:400},'largeRectangle':{w:336,h:280},'rectangle':{w:180,h:150},'3x1Rectangle':{w:300,h:100},'popUnder':{w:720,h:300},'fullBanner':{w:468,h:60},'halfBanner':{w:234,h:60},'microBar':{w:88,h:31},'button1':{w:120,h:90},'button2':{w:120,h:60},'verticalBanner':{w:120,h:240},'squareButton':{w:125,h:125},'leaderboard':{w:768,h:90},'wideSkyscraper':{w:160,h:600},'skyscraper':{w:120,h:600},'halfPageAd':{w:300,h:600},'1x1Pixel':{w:1,h:1},'120x20Button':{w:120,h:20},'300x60Rectangle':{w:300,h:60},'970x100Banner':{w:970,h:100},'970x250Banner':{w:970,h:250}},hostBlacklist={'m1.2mdn.net':'m1.2mdn.net'}if!embed{return false}\nsourceURL=this.getSourceUrlembedif!sourceURL||sourceURL.indexOf'hxxp://'!==0{return false}\nifthis.isBlacklistedHostsourceURL,hostBlacklist{return false}\nif900<embed.offsetWidth{return false}\nif0<embed.offsetHeight&&embed.offsetHeight<200{return false}\nifembed.height===\0\||embed.width===\0\{return false}\nforname in adSizes{ifadSizes[name].w===embed.offsetWidth&&adSizes[name].h===embed.offsetHeight{return false}else ifadSizes[name].w==embed.width&&adSizes[name].h==embed.height{return false}}\nreturn true}}}window.veoh.elements.getPrototype.growShrinkY=functioninitialY,targetY,increment,hContainer{var thisArg=this,currentY=thisArg.getPosition.y,move=function{iftargetY<currentY{currentY=Math.maxtargetY,currentY-incrementthisArg.setStyles{top:currentY+'px',height:initialY-currentY+'px'}}else iftargetY>currentY{currentY=Math.mintargetY,currentY+incrementthisArg.setStyles{top:currentY+'px',height:initialY-currentY+'px'}}else{window.clearIntervalhContainer.moveHandle}}iftargetY!==currentY{window.clearIntervalhContainer.moveHandlehContainer.moveHandle=window.setIntervalmove,1}}window.veoh.ingest=ingest}]]></injest>\r\n <injestInit><![CDATA[veoh.ingest.attempt5,-1]]></injestInit>\r\n </bookmark>\r\n </results>\r\n \r\n\r\n\r\n
.
.
* Internet Explorer Version 8.0.6001.18865 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: f2202369407bca01
Start Page Redirect Cache AcceptLangs: fr
Enable Browser Extensions: yes
Use Search Asst: no
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Enable Browser Extensions: yes
Use Search Asst: no
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
43804 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
0 Fichier(s) - C:\Users\4t535sa\AppData\Local\Temp
1 Fichier(s) - C:\Windows\Temp
0 Fichier(s) - C:\Windows\Prefetch
.
20 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
17629 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 14:00:44 | 13/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.
mais comment puis-je me débarasser des fichiers suspects? si je les supprime directement, cela ne risque-t-il pas de faire buguer mon ordi?
de plus, je reçois des mails d'invitation de la part d'un réseau du nom de Keesia qui me dit que des amis à moi sont inscrits dessus. et quelques fois quand je l'ouvre, ça freeze. y aurait-il un lien?
de plus, je reçois des mails d'invitation de la part d'un réseau du nom de Keesia qui me dit que des amis à moi sont inscrits dessus. et quelques fois quand je l'ouvre, ça freeze. y aurait-il un lien?
bon apparement, les pop-up et les bugs de IE se sont calmer, mais j'ai bien dis APPAREMENT! je ne sais pas s'il reste des virus ou autres, c'est pourquoi je réclame une fois de plus votre aide, au cas où.
au secours les problème ont recommencé!!!
je suis sur un forum (http://manga-paradise.xoo.it) et lorsque je tape l'adresse, je vois dans le barre d'adresse questservice et j'ai ça qui s'affiche, alors que le forum n'en parle absolument pas. Panda Software aviat trouvé un fichiers suspects c:\users\progam files\questservice\uninstall.exe est-ce que par hasard tout cela aurait un lien?
répondez vite s'il vous plaît, merci d'avance
Edit:
bon j'ai désinstaller questservice mais je n'arrive toujours pas à accéder au forum. Bon déja il n'affiche plus les choses de la capture d'image mais en échange il me dit que IE ne peut pas afficher cette page et quand je passe par Mozilla, il me dit qu'il ne peut accéder au serveur. mon frère pense que quelqu'un a corrompu le lien. pourriez-vous me dire si vous arrivez à accéder au forum s'il vous plaît? merci d'avance
je suis sur un forum (http://manga-paradise.xoo.it) et lorsque je tape l'adresse, je vois dans le barre d'adresse questservice et j'ai ça qui s'affiche, alors que le forum n'en parle absolument pas. Panda Software aviat trouvé un fichiers suspects c:\users\progam files\questservice\uninstall.exe est-ce que par hasard tout cela aurait un lien?
répondez vite s'il vous plaît, merci d'avance
Edit:
bon j'ai désinstaller questservice mais je n'arrive toujours pas à accéder au forum. Bon déja il n'affiche plus les choses de la capture d'image mais en échange il me dit que IE ne peut pas afficher cette page et quand je passe par Mozilla, il me dit qu'il ne peut accéder au serveur. mon frère pense que quelqu'un a corrompu le lien. pourriez-vous me dire si vous arrivez à accéder au forum s'il vous plaît? merci d'avance
