Rapport Ad-remover
Xrom
Messages postés
13
Statut
Membre
-
juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention -
juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,
Je pense que mon pc est infecté par divers adwares. J'ai donc recouru à un scan ad-r.
Quelqu'un peut m'aider à decrypter le log ci-joint ?
Merci d'avance.
======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:24:52 le 26/03/2011, Mode normal
Microsoft Windows 7 Édition Starter (X86)
****@****-PC (Hewlett-Packard HP Mini 210-1000)
============== RECHERCHE ==============
Dossier trouvé: C:\Users\Kamal\AppData\LocalLow\Conduit
Dossier trouvé: C:\Program Files\Conduit
-- Fichier ouvert: C:\Users\Kamal\AppData\Roaming\Mozilla\FireFox\Profiles\o29hn17u.default\Prefs.js --
Ligne trouvée: user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226...
Ligne trouvée: user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...
Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", true);
Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091,CT2269050");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091,CT2269050");
Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Mar 26 2011 21:12:37 GMT+00...
Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Mar 26 2011 21:12:29 GMT+0000 (Mar)");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "d038ec09-1ee9-4d68-90c1-cf9202cc6456");
Ligne trouvée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Jun 12 2010 12:34:38 GMT+0100");
Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Clé trouvée: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870E}
Clé trouvée: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870E}
Clé trouvée: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7D}
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2504091
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\DataMngr
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\AppDataLow\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.16 (fr)] ****
Searchplugins\BearShareWebSearch.xml ( hxxp://search.bearshare.com/web?src=ffb&systemid=2&q={searchTerms}/)
-- C:\Users\****\AppData\Roaming\Mozilla\FireFox\Profiles\o29hn17u.default --
Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)
Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} (Torbutton)
Extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} (DVDVideoSoft Toolbar)
Searchplugins\BearShareWebSearch.xml ( hxxp://search.bearshare.com/web?src=ffb&systemid=2&q={searchTerms}/)
Searchplugins\google-language-fr.xml (?)
Searchplugins\recherche-de-vidos-youtube.xml (?)
Prefs.js - browser.search.defaultenginename, BearShare Web Search
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16
Prefs.js - keyword.URL, hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=
-- C:\Users\Invité\AppData\Roaming\Mozilla\FireFox\Profiles\k7ush5sy.default --
Extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} (MediaBar)
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13
Prefs.js - keyword.URL, hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://g.uk.msn.com/HPALL/18
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Page_URL - hxxp://g.uk.msn.com/HPALL/18
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://g.uk.msn.com/HPALL/18
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll)
HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll)
HKCU_SearchScopes\{5EE3BC5D-4861-43A0-B3AC-98111B041F72} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - "?" (?)
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - "Web Search" (hxxp://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms})
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\tbVuze.dll)
HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\tbVuze.dll)
HKLM_ElevationPolicy\aa153483-142a-4275-9a2a-8e7d7fcfbd92 - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\symerr.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{438214DB-BB3C-4813-89F3-B3757D52B28E} - C:\Program Files\BearShare Applications\BearShare\BearShare.exe (MusicLab, LLC)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{E84D42CA-64EB-11DE-A65F-8C3656D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\uninstall.exe (x)
HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files\Paltalk Messenger\Paltalk.exe,476)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll)
BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 26/03/2011 21:25:24 (8923 Octet(s))
Fin à: 21:28:45, 26/03/2011
============== E.O.F ==============
Je pense que mon pc est infecté par divers adwares. J'ai donc recouru à un scan ad-r.
Quelqu'un peut m'aider à decrypter le log ci-joint ?
Merci d'avance.
======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:24:52 le 26/03/2011, Mode normal
Microsoft Windows 7 Édition Starter (X86)
****@****-PC (Hewlett-Packard HP Mini 210-1000)
============== RECHERCHE ==============
Dossier trouvé: C:\Users\Kamal\AppData\LocalLow\Conduit
Dossier trouvé: C:\Program Files\Conduit
-- Fichier ouvert: C:\Users\Kamal\AppData\Roaming\Mozilla\FireFox\Profiles\o29hn17u.default\Prefs.js --
Ligne trouvée: user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226...
Ligne trouvée: user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...
Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", true);
Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091,CT2269050");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091,CT2269050");
Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Mar 26 2011 21:12:37 GMT+00...
Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Mar 26 2011 21:12:29 GMT+0000 (Mar)");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "d038ec09-1ee9-4d68-90c1-cf9202cc6456");
Ligne trouvée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Jun 12 2010 12:34:38 GMT+0100");
Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Clé trouvée: HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870E}
Clé trouvée: HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870E}
Clé trouvée: HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7D}
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
Clé trouvée: HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2504091
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\DataMngr
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\AppDataLow\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.16 (fr)] ****
Searchplugins\BearShareWebSearch.xml ( hxxp://search.bearshare.com/web?src=ffb&systemid=2&q={searchTerms}/)
-- C:\Users\****\AppData\Roaming\Mozilla\FireFox\Profiles\o29hn17u.default --
Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)
Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} (Torbutton)
Extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} (DVDVideoSoft Toolbar)
Searchplugins\BearShareWebSearch.xml ( hxxp://search.bearshare.com/web?src=ffb&systemid=2&q={searchTerms}/)
Searchplugins\google-language-fr.xml (?)
Searchplugins\recherche-de-vidos-youtube.xml (?)
Prefs.js - browser.search.defaultenginename, BearShare Web Search
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16
Prefs.js - keyword.URL, hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=
-- C:\Users\Invité\AppData\Roaming\Mozilla\FireFox\Profiles\k7ush5sy.default --
Extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} (MediaBar)
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13
Prefs.js - keyword.URL, hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://g.uk.msn.com/HPALL/18
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Page_URL - hxxp://g.uk.msn.com/HPALL/18
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://g.uk.msn.com/HPALL/18
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll)
HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll)
HKCU_SearchScopes\{5EE3BC5D-4861-43A0-B3AC-98111B041F72} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - "?" (?)
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - "Web Search" (hxxp://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms})
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\tbVuze.dll)
HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\tbVuze.dll)
HKLM_ElevationPolicy\aa153483-142a-4275-9a2a-8e7d7fcfbd92 - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\symerr.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{438214DB-BB3C-4813-89F3-B3757D52B28E} - C:\Program Files\BearShare Applications\BearShare\BearShare.exe (MusicLab, LLC)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{E84D42CA-64EB-11DE-A65F-8C3656D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\uninstall.exe (x)
HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files\Paltalk Messenger\Paltalk.exe,476)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll)
BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 26/03/2011 21:25:24 (8923 Octet(s))
Fin à: 21:28:45, 26/03/2011
============== E.O.F ==============
A voir également:
- Rapport Ad-remover
- Pdf watermark remover - Télécharger - PDF
- Ad remover - Télécharger - Antivirus & Antimalwares
- Plan rapport de stage - Guide
- Ad-aware gratuit - Télécharger - Sécurité
- Trojan remover - Télécharger - Antivirus & Antimalwares
24 réponses
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\program files\microsoft games\age of empires ii\EBUEULAx.DLL not found.
File/Folder C:\Users\****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk not found.
C:\Program Files\BearShare Applications\BearShare\Skins\Images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\videosview\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\videosview folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\colorschemebubble\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\colorschemebubble folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\cdripview folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\artistsview\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\artistsview folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\albumsview\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\albumsview folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\HTML\Images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\HTML folder moved successfully.
C:\Program Files\BearShare Applications\BearShare folder moved successfully.
C:\Program Files\BearShare Applications folder moved successfully.
C:\ProgramData\BearShare\CreativesFiles folder moved successfully.
C:\ProgramData\BearShare folder moved successfully.
C:\Program Files\Mozilla FireFox\searchplugins\BearShareWebSearch.xml moved successfully.
File/Folder C:\Program Files\Vuze_Remote\tbVuze.dll not found.
Error: Unable to interpret <:Registry> in the current context!
Error: Unable to interpret <[-HKCU\Software\BearShare]> in the current context!
========== COMMANDS ==========
[EMPTYTEMP]
User: ADMINI~1
->Temp folder emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Invité
->Temp folder emptied: 13359319 bytes
->Temporary Internet Files folder emptied: 41387272 bytes
->Java cache emptied: 10680993 bytes
->FireFox cache emptied: 56893158 bytes
->Flash cache emptied: 4226 bytes
User: Kamal
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 93101647 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 110839477 bytes
->Flash cache emptied: 12278 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 588194 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 312,00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 04012011_191304
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\program files\microsoft games\age of empires ii\EBUEULAx.DLL not found.
File/Folder C:\Users\****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk not found.
C:\Program Files\BearShare Applications\BearShare\Skins\Images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\videosview\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\videosview folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\colorschemebubble\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\colorschemebubble folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\cdripview folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\artistsview\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\artistsview folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\albumsview\images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html\albumsview folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins\html folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\Skins folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\HTML\Images folder moved successfully.
C:\Program Files\BearShare Applications\BearShare\HTML folder moved successfully.
C:\Program Files\BearShare Applications\BearShare folder moved successfully.
C:\Program Files\BearShare Applications folder moved successfully.
C:\ProgramData\BearShare\CreativesFiles folder moved successfully.
C:\ProgramData\BearShare folder moved successfully.
C:\Program Files\Mozilla FireFox\searchplugins\BearShareWebSearch.xml moved successfully.
File/Folder C:\Program Files\Vuze_Remote\tbVuze.dll not found.
Error: Unable to interpret <:Registry> in the current context!
Error: Unable to interpret <[-HKCU\Software\BearShare]> in the current context!
========== COMMANDS ==========
[EMPTYTEMP]
User: ADMINI~1
->Temp folder emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Invité
->Temp folder emptied: 13359319 bytes
->Temporary Internet Files folder emptied: 41387272 bytes
->Java cache emptied: 10680993 bytes
->FireFox cache emptied: 56893158 bytes
->Flash cache emptied: 4226 bytes
User: Kamal
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 93101647 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 110839477 bytes
->Flash cache emptied: 12278 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 588194 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 312,00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 04012011_191304
à part que j'ai confondu une commande avec un autre outil :P
on va mettre ça sur le dos de la fatigue hein :P
il a enfin dégagé ! refais zhpdiag pour voir maintenant ^^
on va mettre ça sur le dos de la fatigue hein :P
il a enfin dégagé ! refais zhpdiag pour voir maintenant ^^
voila le dernier ZHPdiag j'espère : http://www.cijoint.fr/cjlink.php?file=cj201104/cij9SM5LpT.txt
merci pr tout :D
merci pr tout :D
▶ Copie tout le texte présent dans la balise code ci-dessous ( tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )
▶ Puis Lance ZHPFix depuis le raccourci du bureau .
▶ Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .
▶ Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .
▶ Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
▶ Clique sur le bouton « GO » pour lancer le nettoyage
▶ Copie/Colle le rapport à l'écran dans ton prochain message
▶ (le rapport se trouve aussi dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport.txt)
▶ Redémarre ton ordinateur, refais une analyse avec ZHPDiag et héberge son rapport
M3 - MFPP: Plugins - [****] -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\o29hn17u.default\searchplugins\BearShareWebSearch.xml
O4 - Global Startup: C:\Users\****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk . (...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.)
O42 - Logiciel: BearShare - (.Musiclab, LLC.) [HKLM] -- BearShare
O42 - Logiciel: BearShare - (.Musiclab, LLC.) [HKLM] -- {5F624839-947D-46EA-BD63-FD847C1AC6F1}
[HKCU\Software\BearShare]
[HKCR\imweb.imwebcontrol]
▶ Puis Lance ZHPFix depuis le raccourci du bureau .
▶ Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .
▶ Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .
▶ Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
▶ Clique sur le bouton « GO » pour lancer le nettoyage
▶ Copie/Colle le rapport à l'écran dans ton prochain message
▶ (le rapport se trouve aussi dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport.txt)
▶ Redémarre ton ordinateur, refais une analyse avec ZHPDiag et héberge son rapport
