SWEETIM
Fermé
klod
-
13 sept. 2008 à 01:06
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 - 14 sept. 2008 à 14:22
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 - 14 sept. 2008 à 14:22
6 réponses
re,
J'ai fais ce que tu m'a dis et il semblerait que les deux programmes de sweetim aient été "moved with succesfull.
Quand au rapport sur le log....je n'arrive pas a l'avoir (" C:\OTMoveIt\MovedFiles.) Je vais encore essayer.
J'ai fais ce que tu m'a dis et il semblerait que les deux programmes de sweetim aient été "moved with succesfull.
Quand au rapport sur le log....je n'arrive pas a l'avoir (" C:\OTMoveIt\MovedFiles.) Je vais encore essayer.
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
13 sept. 2008 à 01:10
13 sept. 2008 à 01:10
Salut,
protocole à suivre pour Windows Vista :
*Désactiver le contrôle des comptes utilisateurs ou UAC (le réactiver seulement à la fin de la désinfection) :
Aller dans "démarrer" puis "panneau de configuration" :
--->Sur la droite de la fenêtre , cliques sur " affichage classique "
--->Double-Cliquer sur l'icône "Comptes d'utilisateurs"
--->Cliquer ensuite sur "Activer ou désactiver le contrôle ..." .
--->Décocher la case "utlisiser le contrôle ..." et cliquer sur OK .
Puis redémarrer le PC quand il le vous saura demandé ...
Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517
* Important :
Pour installer ou pour lancer les outils, que tu utiliseras au court de la désinfection, fait toujours ainsi :
cliques DROIT ( sur le setup d'installe ou l'outil )-> choisis " Exécuter entant qu'administrateur " .
Fais ce-ci systématiquement ! ...
===========================
Ensuite fais ceci :
Télécharges et installes le logiciel HijackThis :
ici ftp://ftp.commentcamarche.com/download/HJTInstall.exe
ou ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
ou ici https://www.clubic.com/telecharger-fiche17891-hijackthis.html
1- Cliques sur le setup pour lancer l'installe : laisses toi guider et ne modifies pas les paramètres d'installation .
A la fin de l'installe , le prg ce lance automatiquement : fermes le en cliquant sur la croix rouge .
Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme :
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .
tuto pour utilisation :
Regardes ici, c'est parfaitement expliqué en images (merci balltrap34),
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
( Ne fixes encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement )
2- !! Déconnectes toi et fermes toute tes applications en cours !!
Cliques sur le raccourci du bureau pour lancer le prg :
fais un scan HijackThis en cliquant sur : "Do a system scan and save a logfile"
---> Postes le rapport généré pour analyse ...
protocole à suivre pour Windows Vista :
*Désactiver le contrôle des comptes utilisateurs ou UAC (le réactiver seulement à la fin de la désinfection) :
Aller dans "démarrer" puis "panneau de configuration" :
--->Sur la droite de la fenêtre , cliques sur " affichage classique "
--->Double-Cliquer sur l'icône "Comptes d'utilisateurs"
--->Cliquer ensuite sur "Activer ou désactiver le contrôle ..." .
--->Décocher la case "utlisiser le contrôle ..." et cliquer sur OK .
Puis redémarrer le PC quand il le vous saura demandé ...
Tuto : https://forum.malekal.com/viewtopic.php?f=59&t=6517
* Important :
Pour installer ou pour lancer les outils, que tu utiliseras au court de la désinfection, fait toujours ainsi :
cliques DROIT ( sur le setup d'installe ou l'outil )-> choisis " Exécuter entant qu'administrateur " .
Fais ce-ci systématiquement ! ...
===========================
Ensuite fais ceci :
Télécharges et installes le logiciel HijackThis :
ici ftp://ftp.commentcamarche.com/download/HJTInstall.exe
ou ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
ou ici https://www.clubic.com/telecharger-fiche17891-hijackthis.html
1- Cliques sur le setup pour lancer l'installe : laisses toi guider et ne modifies pas les paramètres d'installation .
A la fin de l'installe , le prg ce lance automatiquement : fermes le en cliquant sur la croix rouge .
Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme :
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .
tuto pour utilisation :
Regardes ici, c'est parfaitement expliqué en images (merci balltrap34),
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
( Ne fixes encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement )
2- !! Déconnectes toi et fermes toute tes applications en cours !!
Cliques sur le raccourci du bureau pour lancer le prg :
fais un scan HijackThis en cliquant sur : "Do a system scan and save a logfile"
---> Postes le rapport généré pour analyse ...
bonsoir ske69 merci de ton aide ,voici le rapport.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:30:02, on 13/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AppSurcouf] C:\Surcouf\Lanceur\SurcoufLanceur.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:30:02, on 13/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AppSurcouf] C:\Surcouf\Lanceur\SurcoufLanceur.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
13 sept. 2008 à 02:11
13 sept. 2008 à 02:11
Bien ...
Télécharges Ad-remover ( de Cyrildu17 / C_XX ) sur ton bureau ( et pas ailleurs!) :
http://sd-1.archive-host.com/membres/up/197122637410686155/AD-R.zip
! Déconnectes toi et fermes toutes applications en cours !
* Dézippe-le (= cliques droit -> ' extraire tout ' sur ton bureau ... )
* ouvres le dossier "AD-R" , puis le dossier "AD-Remover" : double clique sur Ad-remover.bat pour lancer l'outil .
* Au menu principal choisi l'option "A" et laisses faire ...
--> Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Télécharges Ad-remover ( de Cyrildu17 / C_XX ) sur ton bureau ( et pas ailleurs!) :
http://sd-1.archive-host.com/membres/up/197122637410686155/AD-R.zip
! Déconnectes toi et fermes toutes applications en cours !
* Dézippe-le (= cliques droit -> ' extraire tout ' sur ton bureau ... )
* ouvres le dossier "AD-R" , puis le dossier "AD-Remover" : double clique sur Ad-remover.bat pour lancer l'outil .
* Au menu principal choisi l'option "A" et laisses faire ...
--> Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
13 sept. 2008 à 02:28
13 sept. 2008 à 02:28
re,
Si tu n'as pas de prg pour dézipper , fais ce qui suit :
Télécharges et installes 7-Zip ( gratuit ) :
http://www.commentcamarche.net/telecharger/telecharger 91 7zip
ensuite tu cliques droit sur AD-R.zip qui est sur ton bureau .
-> tu choisis "7-zip" -> " extraire ici "
Ensuite reprends la manipe à :
* ouvres le dossier "AD-R" ......
Si tu n'as pas de prg pour dézipper , fais ce qui suit :
Télécharges et installes 7-Zip ( gratuit ) :
http://www.commentcamarche.net/telecharger/telecharger 91 7zip
ensuite tu cliques droit sur AD-R.zip qui est sur ton bureau .
-> tu choisis "7-zip" -> " extraire ici "
Ensuite reprends la manipe à :
* ouvres le dossier "AD-R" ......
klod
>
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
13 sept. 2008 à 02:39
13 sept. 2008 à 02:39
j'ai placer ad-remouver bat puis j'essaye de l'ouvrir mais il me donne : ERROR TOOLS avec une fenetre rouge et un curser qui clignote.
klod
>
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
13 sept. 2008 à 02:59
13 sept. 2008 à 02:59
voici le scond scan...
--------- AD-Remover 1.0.1.3 by C_XX ---------
START at: 2:56:56 | 13/09/2008
ON: Windows_NT (Windows Vista)
OPTION: Scan
INSTALL LOCATION: C:\Users\KLOD\Desktop\Ad-remover\AD-Remover.bat
USER: KLOD | PC: PC-DE-KLOD
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ F:\
--------- [ PROCESSES ] ---------
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\StkCSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\WScript.exe
C:\Windows\system32\wbem\wmiprvse.exe
------------------------ [ 63 ]
>>>>>>>>>>>>>>>> CHECKING SERVICES
>>>>>>>>>>>>>>>> REGISTRY
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
Found ! - "HKEY_CURRENT_USER\Software\SweetIM"
Found ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
Found ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
Found ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
Found ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
Found ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
Found ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
Found ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
Found ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
Found ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
Found ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
Found ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\Installer\Features\5D72AF385B5242D47B69FD47F2805AFC"
Found ! - "HKEY_CLASSES_ROOT\Installer\Features\428C9AFC877ABE7409DCBBD48BC23F84"
Found ! - "HKEY_CLASSES_ROOT\Installer\Features\5D72AF385B5242D47B69FD47F2805AFC"
Found ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Found ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
>>>>>>>>>>>>>>>> FILES\FOLDERS
Found ! - "C:\Windows\PFRO.log"
Found ! - "C:\Program Files\SweetIM"
Found ! - "C:\ProgramData\SweetIM"
Found ! - "C:\Users\KLOD\AppData\LocalLow\SweetIM"
Found ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\searchplugins\sweetim.xml"
Found ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}"
Found ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\SweetIMToolbarData"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Found ! - "C:\Windows\Prefetch\SWEETIESETUP.EXE-D69BE5BA.pf"
Found ! - "C:\Windows\Prefetch\SWEETIM.EXE-0DF1063E.pf"
Found ! - "C:\Windows\Prefetch\SWEETIMSETUP[1].EXE-384844BB.pf"
Found ! - "C:\Windows\Prefetch\VISTACOOKIESCOLLECTOR.EXE-705F77DE.pf"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\7zS280.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\bye258C.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\bye8F55.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\byeE477.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\byeF289.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\byeF6DD.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\DMI8FA1.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\DMIBDD2.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\IEC4A39.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\isp236.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\isp98EB.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\plugtmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\RASCF02.tmp.htm"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\SET78F6.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\sim1103.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\sim7AB.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\simCC9C.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\simD00.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR232.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR271.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2B4.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2D7.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2FA.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR31D.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR361.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR393.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR712E.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR716D.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7181.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71B3.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71E6.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR725B.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7280.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR820.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR84F.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR874.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR896.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8B8.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8EC.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR90F.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR932.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\~DF1F25.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\~DF1F4E.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\~DF5AC1.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\~DFEAD2.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2A8FF.htm"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2D128.htm"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_livingstone.zip"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_wooden_nickel_black.zip"
Found ! - "C:\Windows\temp\DMI68C0.tmp"
Found ! - "C:\Windows\temp\DMI69F8.tmp"
Found ! - "C:\Windows\temp\DMIDAC4.tmp"
Found ! - "C:\Windows\temp\DMIE6E4.tmp"
Found ! - "C:\Windows\temp\DMIE80D.tmp"
Found ! - "C:\Windows\temp\DMIEADA.tmp"
+---- Scanning prefs.js ... ( # Mozilla User Preferences ) ----+
\...\fnw6x95c.default\prefs.js :
Found ! -> user_pref("browser.search.defaultenginename", "SweetIM Search");
Found ! -> user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
Found ! -> user_pref("browser.search.selectedEngine", "SweetIM Search");
Found ! -> user_pref("browser.startup.homepage", "https://home.sweetim.com/");
Found ! -> user_pref("keyword.URL", "https://search.sweetim.com/search.asp?src=2&q=");
Found ! -> user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found ! -> user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found ! -> user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found ! -> user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found ! -> user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found ! -> user_pref("sweetim.toolbar.mode.debug", "false");
Found ! -> user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
Found ! -> user_pref("sweetim.toolbar.search.history.capacity", "10");
Found ! -> user_pref("sweetim.toolbar.simapp_id", "{31361222-5B75-4045-8161-D4443657A32C}");
Found ! -> user_pref("sweetim.toolbar.version", "1.0.0.3");
+--------------------------------------------------------------+
>>>>>>>>>>>>>>>> [ EOF - 266 lines ]
[ END at: 2:57:13 | 13/09/2008 ] - [ Time elapsed: 16.3 seconds ]
--------- AD-Remover 1.0.1.3 by C_XX ---------
START at: 2:56:56 | 13/09/2008
ON: Windows_NT (Windows Vista)
OPTION: Scan
INSTALL LOCATION: C:\Users\KLOD\Desktop\Ad-remover\AD-Remover.bat
USER: KLOD | PC: PC-DE-KLOD
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ F:\
--------- [ PROCESSES ] ---------
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\StkCSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\WScript.exe
C:\Windows\system32\wbem\wmiprvse.exe
------------------------ [ 63 ]
>>>>>>>>>>>>>>>> CHECKING SERVICES
>>>>>>>>>>>>>>>> REGISTRY
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Found ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
Found ! - "HKEY_CURRENT_USER\Software\SweetIM"
Found ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
Found ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
Found ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
Found ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
Found ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
Found ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
Found ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
Found ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
Found ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
Found ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
Found ! - "HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
Found ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
Found ! - "HKEY_CLASSES_ROOT\Installer\Features\5D72AF385B5242D47B69FD47F2805AFC"
Found ! - "HKEY_CLASSES_ROOT\Installer\Features\428C9AFC877ABE7409DCBBD48BC23F84"
Found ! - "HKEY_CLASSES_ROOT\Installer\Features\5D72AF385B5242D47B69FD47F2805AFC"
Found ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Found ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
>>>>>>>>>>>>>>>> FILES\FOLDERS
Found ! - "C:\Windows\PFRO.log"
Found ! - "C:\Program Files\SweetIM"
Found ! - "C:\ProgramData\SweetIM"
Found ! - "C:\Users\KLOD\AppData\LocalLow\SweetIM"
Found ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\searchplugins\sweetim.xml"
Found ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}"
Found ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\SweetIMToolbarData"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Found ! - "C:\Windows\Prefetch\SWEETIESETUP.EXE-D69BE5BA.pf"
Found ! - "C:\Windows\Prefetch\SWEETIM.EXE-0DF1063E.pf"
Found ! - "C:\Windows\Prefetch\SWEETIMSETUP[1].EXE-384844BB.pf"
Found ! - "C:\Windows\Prefetch\VISTACOOKIESCOLLECTOR.EXE-705F77DE.pf"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\7zS280.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\bye258C.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\bye8F55.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\byeE477.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\byeF289.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\byeF6DD.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\DMI8FA1.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\DMIBDD2.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\IEC4A39.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\isp236.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\isp98EB.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\plugtmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\RASCF02.tmp.htm"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\SET78F6.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\sim1103.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\sim7AB.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\simCC9C.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\simD00.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR232.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR271.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2B4.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2D7.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2FA.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR31D.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR361.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR393.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR712E.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR716D.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7181.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71B3.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71E6.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR725B.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7280.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR820.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR84F.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR874.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR896.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8B8.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8EC.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR90F.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\TFR932.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\~DF1F25.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\~DF1F4E.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\~DF5AC1.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\~DFEAD2.tmp"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2A8FF.htm"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2D128.htm"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_livingstone.zip"
Found ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_wooden_nickel_black.zip"
Found ! - "C:\Windows\temp\DMI68C0.tmp"
Found ! - "C:\Windows\temp\DMI69F8.tmp"
Found ! - "C:\Windows\temp\DMIDAC4.tmp"
Found ! - "C:\Windows\temp\DMIE6E4.tmp"
Found ! - "C:\Windows\temp\DMIE80D.tmp"
Found ! - "C:\Windows\temp\DMIEADA.tmp"
+---- Scanning prefs.js ... ( # Mozilla User Preferences ) ----+
\...\fnw6x95c.default\prefs.js :
Found ! -> user_pref("browser.search.defaultenginename", "SweetIM Search");
Found ! -> user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
Found ! -> user_pref("browser.search.selectedEngine", "SweetIM Search");
Found ! -> user_pref("browser.startup.homepage", "https://home.sweetim.com/");
Found ! -> user_pref("keyword.URL", "https://search.sweetim.com/search.asp?src=2&q=");
Found ! -> user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found ! -> user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found ! -> user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found ! -> user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found ! -> user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found ! -> user_pref("sweetim.toolbar.mode.debug", "false");
Found ! -> user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
Found ! -> user_pref("sweetim.toolbar.search.history.capacity", "10");
Found ! -> user_pref("sweetim.toolbar.simapp_id", "{31361222-5B75-4045-8161-D4443657A32C}");
Found ! -> user_pref("sweetim.toolbar.version", "1.0.0.3");
+--------------------------------------------------------------+
>>>>>>>>>>>>>>>> [ EOF - 266 lines ]
[ END at: 2:57:13 | 13/09/2008 ] - [ Time elapsed: 16.3 seconds ]
klod
>
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
13 sept. 2008 à 03:32
13 sept. 2008 à 03:32
salut ske69 , je te remercie beaucoup pour tes renseignements et je sais que les manipes ne sont pas terminées mais la il faut vraiment que je dorme un peut.Je reprendrai demain si tu me laisse des indications . Bonne nuit :)
ps : c'est genial d'aider les autres ainsi, merci a tous
@+
ps : c'est genial d'aider les autres ainsi, merci a tous
@+
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
13 sept. 2008 à 09:49
13 sept. 2008 à 09:49
Salut,
La suite ,
Nettoyage AD-Remover :
! Déconnectes toi et fermes toutes applications en cours !
* Relances "Ad-remover" : au menu principal choisi l'option "B" .
--> le programme va travailler ...
* Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
La suite ,
Nettoyage AD-Remover :
! Déconnectes toi et fermes toutes applications en cours !
* Relances "Ad-remover" : au menu principal choisi l'option "B" .
--> le programme va travailler ...
* Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
bonjour Ske 69
voici donc les deux rapports . La page d'acceuil de firefox est revenue ( yes !!! )
--------- AD-Remover 1.0.1.3 by C_XX ---------
START at: 11:28:26 | 13/09/2008
ON: Windows_NT (Windows Vista)
OPTION: Clean
INSTALL LOCATION: C:\Users\KLOD\Desktop\Ad-remover\AD-Remover.bat
USER: KLOD | PC: PC-DE-KLOD
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ F:\
--------- [ PROCESSES ] ---------
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\StkCSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\WScript.exe
C:\Windows\system32\wbem\wmiprvse.exe
------------------------ [ 63 ]
>>>>>>>>>>>>>>>> CHECKING SERVICES
>>>>>>>>>>>>>>>> REGISTRY
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
Deleted ! - "HKEY_CURRENT_USER\Software\SweetIM"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
Deleted ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
Deleted ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
Deleted ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
Deleted ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
Deleted ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
Deleted ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
Deleted ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\Features\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\Features\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
>>>>>>>>>>>>>>>> FILES\FOLDERS
Deleted ! - "C:\Windows\PFRO.log"
NOT deleted ! - "C:\Program Files\SweetIM"
Deleted ! - "C:\ProgramData\SweetIM"
Deleted ! - "C:\Users\KLOD\AppData\LocalLow\SweetIM"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\searchplugins\sweetim.xml"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\SweetIMToolbarData"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Deleted ! - "C:\Windows\Prefetch\SWEETIESETUP.EXE-D69BE5BA.pf"
Deleted ! - "C:\Windows\Prefetch\SWEETIM.EXE-0DF1063E.pf"
Deleted ! - "C:\Windows\Prefetch\SWEETIMSETUP[1].EXE-384844BB.pf"
Deleted ! - "C:\Windows\Prefetch\VISTACOOKIESCOLLECTOR.EXE-705F77DE.pf"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\7zS280.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\bye258C.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\bye8F55.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeE477.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeF289.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeF6DD.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\DMI8FA1.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\DMIBDD2.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\IEC4A39.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\isp236.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\isp98EB.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\plugtmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\RASCF02.tmp.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\SET78F6.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\sim1103.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\sim7AB.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\simCC9C.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\simD00.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR232.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR271.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2B4.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2D7.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2FA.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR31D.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR361.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR393.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR712E.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR716D.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7181.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71B3.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71E6.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR725B.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7280.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR820.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR84F.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR874.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR896.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8B8.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8EC.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR90F.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR932.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2A8FF.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2D128.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_livingstone.zip"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_wooden_nickel_black.zip"
Deleted ! - "C:\Windows\temp\DMI68C0.tmp"
Deleted ! - "C:\Windows\temp\DMI69F8.tmp"
Deleted ! - "C:\Windows\temp\DMIDAC4.tmp"
Deleted ! - "C:\Windows\temp\DMIE6E4.tmp"
Deleted ! - "C:\Windows\temp\DMIE80D.tmp"
Deleted ! - "C:\Windows\temp\DMIEADA.tmp"
+---- Scanning prefs.js ... ( # Mozilla User Preferences ) ----+
\...\fnw6x95c.default\prefs.js :
Deleted ! - user_pref("browser.search.defaultenginename", "SweetIM Search");
Deleted ! - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
Deleted ! - user_pref("browser.search.selectedEngine", "SweetIM Search");
Deleted ! - user_pref("browser.startup.homepage", "https://home.sweetim.com/");
Deleted ! - user_pref("keyword.URL", "https://search.sweetim.com/search.asp?src=2&q=");
Deleted ! - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted ! - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted ! - user_pref("sweetim.toolbar.mode.debug", "false");
Deleted ! - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
Deleted ! - user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted ! - user_pref("sweetim.toolbar.simapp_id", "{31361222-5B75-4045-8161-D4443657A32C}");
Deleted ! - user_pref("sweetim.toolbar.version", "1.0.0.3");
+--------------------------------------------------------------+
>>>>>>>>>>>>>>>> [ EOF - 263 lines ]
et hightjackthis........
--------- AD-Remover 1.0.1.3 by C_XX ---------
START at: 11:28:26 | 13/09/2008
ON: Windows_NT (Windows Vista)
OPTION: Clean
INSTALL LOCATION: C:\Users\KLOD\Desktop\Ad-remover\AD-Remover.bat
USER: KLOD | PC: PC-DE-KLOD
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ F:\
--------- [ PROCESSES ] ---------
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\StkCSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\WScript.exe
C:\Windows\system32\wbem\wmiprvse.exe
------------------------ [ 63 ]
>>>>>>>>>>>>>>>> CHECKING SERVICES
>>>>>>>>>>>>>>>> REGISTRY
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
Deleted ! - "HKEY_CURRENT_USER\Software\SweetIM"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
Deleted ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
Deleted ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
Deleted ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
Deleted ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
Deleted ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
Deleted ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
Deleted ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\Features\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\Features\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
>>>>>>>>>>>>>>>> FILES\FOLDERS
Deleted ! - "C:\Windows\PFRO.log"
NOT deleted ! - "C:\Program Files\SweetIM"
Deleted ! - "C:\ProgramData\SweetIM"
Deleted ! - "C:\Users\KLOD\AppData\LocalLow\SweetIM"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\searchplugins\sweetim.xml"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\SweetIMToolbarData"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Deleted ! - "C:\Windows\Prefetch\SWEETIESETUP.EXE-D69BE5BA.pf"
Deleted ! - "C:\Windows\Prefetch\SWEETIM.EXE-0DF1063E.pf"
Deleted ! - "C:\Windows\Prefetch\SWEETIMSETUP[1].EXE-384844BB.pf"
Deleted ! - "C:\Windows\Prefetch\VISTACOOKIESCOLLECTOR.EXE-705F77DE.pf"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\7zS280.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\bye258C.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\bye8F55.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeE477.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeF289.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeF6DD.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\DMI8FA1.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\DMIBDD2.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\IEC4A39.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\isp236.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\isp98EB.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\plugtmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\RASCF02.tmp.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\SET78F6.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\sim1103.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\sim7AB.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\simCC9C.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\simD00.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR232.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR271.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2B4.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2D7.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2FA.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR31D.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR361.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR393.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR712E.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR716D.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7181.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71B3.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71E6.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR725B.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7280.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR820.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR84F.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR874.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR896.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8B8.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8EC.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR90F.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR932.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2A8FF.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2D128.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_livingstone.zip"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_wooden_nickel_black.zip"
Deleted ! - "C:\Windows\temp\DMI68C0.tmp"
Deleted ! - "C:\Windows\temp\DMI69F8.tmp"
Deleted ! - "C:\Windows\temp\DMIDAC4.tmp"
Deleted ! - "C:\Windows\temp\DMIE6E4.tmp"
Deleted ! - "C:\Windows\temp\DMIE80D.tmp"
Deleted ! - "C:\Windows\temp\DMIEADA.tmp"
+---- Scanning prefs.js ... ( # Mozilla User Preferences ) ----+
\...\fnw6x95c.default\prefs.js :
Deleted ! - user_pref("browser.search.defaultenginename", "SweetIM Search");
Deleted ! - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
Deleted ! - user_pref("browser.search.selectedEngine", "SweetIM Search");
Deleted ! - user_pref("browser.startup.homepage", "https://home.sweetim.com/");
Deleted ! - user_pref("keyword.URL", "https://search.sweetim.com/search.asp?src=2&q=");
Deleted ! - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted ! - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted ! - user_pref("sweetim.toolbar.mode.debug", "false");
Deleted ! - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
Deleted ! - user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted ! - user_pref("sweetim.toolbar.simapp_id", "{31361222-5B75-4045-8161-D4443657A32C}");
Deleted ! - user_pref("sweetim.toolbar.version", "1.0.0.3");
+--------------------------------------------------------------+
>>>>>>>>>>>>>>>> [ EOF - 263 lines ]
voici donc les deux rapports . La page d'acceuil de firefox est revenue ( yes !!! )
--------- AD-Remover 1.0.1.3 by C_XX ---------
START at: 11:28:26 | 13/09/2008
ON: Windows_NT (Windows Vista)
OPTION: Clean
INSTALL LOCATION: C:\Users\KLOD\Desktop\Ad-remover\AD-Remover.bat
USER: KLOD | PC: PC-DE-KLOD
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ F:\
--------- [ PROCESSES ] ---------
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\StkCSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\WScript.exe
C:\Windows\system32\wbem\wmiprvse.exe
------------------------ [ 63 ]
>>>>>>>>>>>>>>>> CHECKING SERVICES
>>>>>>>>>>>>>>>> REGISTRY
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
Deleted ! - "HKEY_CURRENT_USER\Software\SweetIM"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
Deleted ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
Deleted ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
Deleted ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
Deleted ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
Deleted ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
Deleted ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
Deleted ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\Features\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\Features\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
>>>>>>>>>>>>>>>> FILES\FOLDERS
Deleted ! - "C:\Windows\PFRO.log"
NOT deleted ! - "C:\Program Files\SweetIM"
Deleted ! - "C:\ProgramData\SweetIM"
Deleted ! - "C:\Users\KLOD\AppData\LocalLow\SweetIM"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\searchplugins\sweetim.xml"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\SweetIMToolbarData"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Deleted ! - "C:\Windows\Prefetch\SWEETIESETUP.EXE-D69BE5BA.pf"
Deleted ! - "C:\Windows\Prefetch\SWEETIM.EXE-0DF1063E.pf"
Deleted ! - "C:\Windows\Prefetch\SWEETIMSETUP[1].EXE-384844BB.pf"
Deleted ! - "C:\Windows\Prefetch\VISTACOOKIESCOLLECTOR.EXE-705F77DE.pf"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\7zS280.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\bye258C.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\bye8F55.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeE477.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeF289.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeF6DD.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\DMI8FA1.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\DMIBDD2.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\IEC4A39.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\isp236.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\isp98EB.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\plugtmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\RASCF02.tmp.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\SET78F6.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\sim1103.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\sim7AB.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\simCC9C.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\simD00.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR232.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR271.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2B4.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2D7.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2FA.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR31D.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR361.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR393.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR712E.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR716D.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7181.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71B3.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71E6.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR725B.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7280.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR820.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR84F.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR874.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR896.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8B8.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8EC.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR90F.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR932.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2A8FF.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2D128.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_livingstone.zip"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_wooden_nickel_black.zip"
Deleted ! - "C:\Windows\temp\DMI68C0.tmp"
Deleted ! - "C:\Windows\temp\DMI69F8.tmp"
Deleted ! - "C:\Windows\temp\DMIDAC4.tmp"
Deleted ! - "C:\Windows\temp\DMIE6E4.tmp"
Deleted ! - "C:\Windows\temp\DMIE80D.tmp"
Deleted ! - "C:\Windows\temp\DMIEADA.tmp"
+---- Scanning prefs.js ... ( # Mozilla User Preferences ) ----+
\...\fnw6x95c.default\prefs.js :
Deleted ! - user_pref("browser.search.defaultenginename", "SweetIM Search");
Deleted ! - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
Deleted ! - user_pref("browser.search.selectedEngine", "SweetIM Search");
Deleted ! - user_pref("browser.startup.homepage", "https://home.sweetim.com/");
Deleted ! - user_pref("keyword.URL", "https://search.sweetim.com/search.asp?src=2&q=");
Deleted ! - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted ! - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted ! - user_pref("sweetim.toolbar.mode.debug", "false");
Deleted ! - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
Deleted ! - user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted ! - user_pref("sweetim.toolbar.simapp_id", "{31361222-5B75-4045-8161-D4443657A32C}");
Deleted ! - user_pref("sweetim.toolbar.version", "1.0.0.3");
+--------------------------------------------------------------+
>>>>>>>>>>>>>>>> [ EOF - 263 lines ]
et hightjackthis........
--------- AD-Remover 1.0.1.3 by C_XX ---------
START at: 11:28:26 | 13/09/2008
ON: Windows_NT (Windows Vista)
OPTION: Clean
INSTALL LOCATION: C:\Users\KLOD\Desktop\Ad-remover\AD-Remover.bat
USER: KLOD | PC: PC-DE-KLOD
BOOT MODE: Normal
UAC is disable
DRIVE(S): C:\ F:\
--------- [ PROCESSES ] ---------
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\StkCSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\WScript.exe
C:\Windows\system32\wbem\wmiprvse.exe
------------------------ [ 63 ]
>>>>>>>>>>>>>>>> CHECKING SERVICES
>>>>>>>>>>>>>>>> REGISTRY
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "SweetIM"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}"
Deleted ! - "HKEY_CURRENT_USER\Software\SweetIM"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks" /v "{EEE6C35D-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE"
Deleted ! - "HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3"
Deleted ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook"
Deleted ! - "HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1"
Deleted ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE"
Deleted ! - "HKEY_CLASSES_ROOT\Toolbar3.SWEETIE.1"
Deleted ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator"
Deleted ! - "HKEY_CLASSES_ROOT\MgMediaPlayer.GifAnimator.1"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}"
Deleted ! - "HKEY_CLASSES_ROOT\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}"
Deleted ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35E-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\Typelib\{EEE6C35F-6118-11DC-9C72-001320C79847}"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\Features\5D72AF385B5242D47B69FD47F2805AFC"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\Features\428C9AFC877ABE7409DCBBD48BC23F84"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0"
Deleted ! - "HKEY_CLASSES_ROOT\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632"
>>>>>>>>>>>>>>>> FILES\FOLDERS
Deleted ! - "C:\Windows\PFRO.log"
NOT deleted ! - "C:\Program Files\SweetIM"
Deleted ! - "C:\ProgramData\SweetIM"
Deleted ! - "C:\Users\KLOD\AppData\LocalLow\SweetIM"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\searchplugins\sweetim.xml"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}"
Deleted ! - "C:\Users\KLOD\AppData\Roaming\Mozilla\Firefox\Profiles\fnw6x95c.default\SweetIMToolbarData"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\{CFA9C824-A778-47EB-90CD-BB4DB82CF348}"
Deleted ! - "C:\Windows\Prefetch\SWEETIESETUP.EXE-D69BE5BA.pf"
Deleted ! - "C:\Windows\Prefetch\SWEETIM.EXE-0DF1063E.pf"
Deleted ! - "C:\Windows\Prefetch\SWEETIMSETUP[1].EXE-384844BB.pf"
Deleted ! - "C:\Windows\Prefetch\VISTACOOKIESCOLLECTOR.EXE-705F77DE.pf"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\7zS280.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\bye258C.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\bye8F55.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeE477.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeF289.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\byeF6DD.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\DMI8FA1.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\DMIBDD2.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\IEC4A39.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\isp236.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\isp98EB.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\plugtmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\RASCF02.tmp.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\SET78F6.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\sim1103.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\sim7AB.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\simCC9C.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\simD00.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR232.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR271.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2B4.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2D7.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR2FA.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR31D.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR361.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR393.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR712E.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR716D.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7181.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71B3.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR71E6.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR725B.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR7280.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR820.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR84F.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR874.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR896.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8B8.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR8EC.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR90F.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\TFR932.tmp"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2A8FF.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\drmtemp00F2D128.htm"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_livingstone.zip"
Deleted ! - "C:\Users\KLOD\AppData\Local\Temp\Temp1_wooden_nickel_black.zip"
Deleted ! - "C:\Windows\temp\DMI68C0.tmp"
Deleted ! - "C:\Windows\temp\DMI69F8.tmp"
Deleted ! - "C:\Windows\temp\DMIDAC4.tmp"
Deleted ! - "C:\Windows\temp\DMIE6E4.tmp"
Deleted ! - "C:\Windows\temp\DMIE80D.tmp"
Deleted ! - "C:\Windows\temp\DMIEADA.tmp"
+---- Scanning prefs.js ... ( # Mozilla User Preferences ) ----+
\...\fnw6x95c.default\prefs.js :
Deleted ! - user_pref("browser.search.defaultenginename", "SweetIM Search");
Deleted ! - user_pref("browser.search.defaulturl", "https://search.sweetim.com/search.asp?src=2&q=");
Deleted ! - user_pref("browser.search.selectedEngine", "SweetIM Search");
Deleted ! - user_pref("browser.startup.homepage", "https://home.sweetim.com/");
Deleted ! - user_pref("keyword.URL", "https://search.sweetim.com/search.asp?src=2&q=");
Deleted ! - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted ! - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted ! - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted ! - user_pref("sweetim.toolbar.mode.debug", "false");
Deleted ! - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"https://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"http://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"http://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"http://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"http://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
Deleted ! - user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted ! - user_pref("sweetim.toolbar.simapp_id", "{31361222-5B75-4045-8161-D4443657A32C}");
Deleted ! - user_pref("sweetim.toolbar.version", "1.0.0.3");
+--------------------------------------------------------------+
>>>>>>>>>>>>>>>> [ EOF - 263 lines ]
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
13 sept. 2008 à 12:01
13 sept. 2008 à 12:01
Re ,
Tu m'as posté 2 fois le rapport de Ad-Remover ... ;)
postes moi l'hijackthis stp puis enchaine avec ceci :
Télécharges OTMoveIt (de Old_Timer) sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
ou http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
Déconnectes toi et fermes toute tes applications en cours .
cliques double sur OTMoveIt.exe pour le lancer.
copies ce qui se trouve en citation ci-dessous,
C:\Program Files\SweetIM
et colles le dans le cadre de gauche de OTMoveIt2 :
Paste standard List of Files/Folders to be moved.
cliques sur MoveIt! pour lancer la suppression.
le résultat apparaîtra dans le cadre Results.
cliques sur Exit pour fermer.
--->postes le rapport situé dans le dossier " C:\OTMoveIt\MovedFiles." ( c'est un .log )
Note : il te sera peut-être demandé de redémarrer le pc pour achever la suppression.
si c'est le cas acceptes par "Yes".
Tu m'as posté 2 fois le rapport de Ad-Remover ... ;)
postes moi l'hijackthis stp puis enchaine avec ceci :
Télécharges OTMoveIt (de Old_Timer) sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
ou http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
Déconnectes toi et fermes toute tes applications en cours .
cliques double sur OTMoveIt.exe pour le lancer.
copies ce qui se trouve en citation ci-dessous,
C:\Program Files\SweetIM
et colles le dans le cadre de gauche de OTMoveIt2 :
Paste standard List of Files/Folders to be moved.
cliques sur MoveIt! pour lancer la suppression.
le résultat apparaîtra dans le cadre Results.
cliques sur Exit pour fermer.
--->postes le rapport situé dans le dossier " C:\OTMoveIt\MovedFiles." ( c'est un .log )
Note : il te sera peut-être demandé de redémarrer le pc pour achever la suppression.
si c'est le cas acceptes par "Yes".
salut,desolé pour les meme rapports, voici celui de hightjackthis.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:59, on 13/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AppSurcouf] C:\Surcouf\Lanceur\SurcoufLanceur.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:59, on 13/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Surcouf\Lanceur\SurcoufLanceur.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AppSurcouf] C:\Surcouf\Lanceur\SurcoufLanceur.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
14 sept. 2008 à 14:22
14 sept. 2008 à 14:22
Salut,
laisses courir pour OTMoveIt .... fais ce qui suit :
1-Télécharges : - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corrigé ton registre .Lors de l'installation, avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 première.
Une fois le prg instalé et lancé, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures"( Par la suite, laisse-le avec ses réglages par défaut. C'est tout ).
Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
---> Utilisation:
! déconnectes toi et fermes toutes applications en cours !
* vas dans "nettoyeur" : fait analyse puis nettoyage
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .
( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )
2-Télécharges GenProc (de Jean-Chretien1 et Narco4) sur ton bureau (et pas ailleur !) :
http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip
!!Déconnectes toi et fermes tes application en cours !!
Dézippes (=extraire tout) le contenu de ce que tu viens de télécharger sur ton bureau .
Ouvres le dossier Genproc :
-> cliques droit / " executer entant qu'admin..." sur GenProc.bat et laisses faire...
Une fois terminé, postes le contenu du rapport qui s'ouvre ...
Aide en images ici : http://www.alt-shift-return.org/Info/GenProc-HowTo.html
IMPORTANT : postes le rapport et ne fait rien d'autre pour l'instant ( souvant il faut ajouter des consignes à la manipe indiquée pour que cela fonctionne parfaitement ) .
laisses courir pour OTMoveIt .... fais ce qui suit :
1-Télécharges : - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corrigé ton registre .Lors de l'installation, avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 première.
Une fois le prg instalé et lancé, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures"( Par la suite, laisse-le avec ses réglages par défaut. C'est tout ).
Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
---> Utilisation:
! déconnectes toi et fermes toutes applications en cours !
* vas dans "nettoyeur" : fait analyse puis nettoyage
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .
( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )
2-Télécharges GenProc (de Jean-Chretien1 et Narco4) sur ton bureau (et pas ailleur !) :
http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip
!!Déconnectes toi et fermes tes application en cours !!
Dézippes (=extraire tout) le contenu de ce que tu viens de télécharger sur ton bureau .
Ouvres le dossier Genproc :
-> cliques droit / " executer entant qu'admin..." sur GenProc.bat et laisses faire...
Une fois terminé, postes le contenu du rapport qui s'ouvre ...
Aide en images ici : http://www.alt-shift-return.org/Info/GenProc-HowTo.html
IMPORTANT : postes le rapport et ne fait rien d'autre pour l'instant ( souvant il faut ajouter des consignes à la manipe indiquée pour que cela fonctionne parfaitement ) .