PC trés lent
Résolu
Momo81
Messages postés
107
Date d'inscription
Statut
Membre
Dernière intervention
-
benurrr Messages postés 9643 Date d'inscription Statut Contributeur sécurité Dernière intervention -
benurrr Messages postés 9643 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,
Est-ce que quelqu'un peut jeter un œil à mon rapport hijackthis .Merci d'avance.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:40, on 04/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
G:\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\BRMFLPRO\BrDefPrt.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = G:\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: SmartUI.lnk = ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: https://www.orange.fr/portail
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O20 - AppInit_DLLs:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Est-ce que quelqu'un peut jeter un œil à mon rapport hijackthis .Merci d'avance.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:40, on 04/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
G:\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\BRMFLPRO\BrDefPrt.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = G:\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: SmartUI.lnk = ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: https://www.orange.fr/portail
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O20 - AppInit_DLLs:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
A voir également:
- PC trés lent
- Pc tres lent - Guide
- Reinitialiser pc - Guide
- Test performance pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Mon mac est lent comment le nettoyer - Guide
69 réponses
--------- Logfile of AD-Remover 1.0.5.9 by C_XX ---------
*** Limited to ***
Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
Messenger Skinner
Sweetim
******************
# START at: 17:01:20 | 04/12/2008 ON Microsoft® Windows XP ™ v5.1.2600
# BOOT MODE: Normal
# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: MONIQUE-0CF3FX3 | USER: Momo ( Current user is an administrator )
# DRIVE(S): A:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v6.0.2900.2180
--------- [ RUNNING PROCESSES: 41 ] ---------
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
G:\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
-----------------------------------
(!) ---- IE start pages reset
+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED ..
+---------------------------------------------------------------------------+
Deleted successfully ! - "Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED ..
+---------------------------------------------------------------------------+
"HKEY_CLASSES_ROOT\boontybox"
"HKEY_CLASSES_ROOT\CLSID\{aa760512-9bd8-4b1b-9e7a-dd9bbe3cf119}"
"HKEY_CLASSES_ROOT\PandoraBoxCtrl.PandoraBoxCtrl"
"HKEY_CLASSES_ROOT\PandoraBoxCtrl.PandoraBoxCtrl.1"
"HKEY_CLASSES_ROOT\Typelib\{BB8AC401-701B-4ED1-96BB-B84A0FCF5874}"
"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
"HKEY_CURRENT_USER\SOFTWARE\MessengerSkinner"
+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED ..
+---------------------------------------------------------------------------+
[11/03/2005 17:06|--a------] C:\WINDOWS\system32\PandoraCtrl.dll
[01/11/2008 11:36|d--------] C:\Program Files\EoRezo
[04/12/2008 15:51|d--------] C:\Documents and Settings\Momo\Application Data\EoRezo
/!\ NOT DELETED - [04/12/2008 13:36|--a------] C:\WINDOWS\Prefetch\EOENGINE.EXE-020B3EA2.pf
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
************* /!\ File(s)/Folder(s) Not Deleted /!\ *************
"C:\WINDOWS\Prefetch\EOENGINE.EXE-020B3EA2.pf"
Second run ...
"C:\WINDOWS\Prefetch\EOENGINE.EXE-020B3EA2.pf" - RESIST !
+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
...\gftzl64b.default\prefs.js :
~~~~ Mozilla FireFox version 3.0.4 ~~~~
Start Page : "http://www.lo.st"
+----------+
+--[HKEY_CURRENT_USER\...\Run]
+--[HKEY_LOCAL_MACHINE\...\Run]
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
PaperPort PTD REG_SZ C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
IndexSearch REG_SZ C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
SoundMan REG_SZ SOUNDMAN.EXE
ItsTV REG_SZ "C:\Program Files\ItsLabel\ItsTV.exe"
UnlockerAssistant REG_SZ "C:\Program Files\Unlocker\UnlockerAssistant.exe"
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
ZoneAlarm Client REG_SZ "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
OnlineArmor GUI REG_SZ "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SetDefPrt REG_SZ C:\Program Files\Brother\BRMFLPRO\BrDefPrt.exe
+--[HKEY_USERS\.DEFAULT\...\Run]
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 154 lines ]
+---------------------------------------------------------------------------+
- "C:\AD-report-04.12.2008.log" (6602 octets)
[ END at: 17:04:22 | 04/12/2008 ] - [ Time elapsed: 3 minutes, 1 seconds ]
*** Limited to ***
Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
Messenger Skinner
Sweetim
******************
# START at: 17:01:20 | 04/12/2008 ON Microsoft® Windows XP ™ v5.1.2600
# BOOT MODE: Normal
# OPTION: Scan
# EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: MONIQUE-0CF3FX3 | USER: Momo ( Current user is an administrator )
# DRIVE(S): A:\
# Systemdrive: C:\ (NTFS)
# Internet Explorer v6.0.2900.2180
--------- [ RUNNING PROCESSES: 41 ] ---------
\SystemRoot\System32\smss.exe
\??\C:\WINDOWS\system32\csrss.exe
\??\C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
G:\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
-----------------------------------
(!) ---- IE start pages reset
+---------------------------------------------------------------------------+
+------------------------------- SERVICES DELETED ..
+---------------------------------------------------------------------------+
Deleted successfully ! - "Boonty Games"
+---------------------------------------------------------------------------+
+------------------------------- REGISTRY ELEMENTS DELETED ..
+---------------------------------------------------------------------------+
"HKEY_CLASSES_ROOT\boontybox"
"HKEY_CLASSES_ROOT\CLSID\{aa760512-9bd8-4b1b-9e7a-dd9bbe3cf119}"
"HKEY_CLASSES_ROOT\PandoraBoxCtrl.PandoraBoxCtrl"
"HKEY_CLASSES_ROOT\PandoraBoxCtrl.PandoraBoxCtrl.1"
"HKEY_CLASSES_ROOT\Typelib\{BB8AC401-701B-4ED1-96BB-B84A0FCF5874}"
"HKEY_CURRENT_USER\SOFTWARE\Boonty"
"HKEY_LOCAL_MACHINE\Software\Boonty"
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Boonty Games"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CLASSES_ROOT\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}"
"HKEY_CLASSES_ROOT\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
"HKEY_CURRENT_USER\SOFTWARE\MessengerSkinner"
+---------------------------------------------------------------------------+
+------------------------------- FILES\FOLDERS DELETED ..
+---------------------------------------------------------------------------+
[11/03/2005 17:06|--a------] C:\WINDOWS\system32\PandoraCtrl.dll
[01/11/2008 11:36|d--------] C:\Program Files\EoRezo
[04/12/2008 15:51|d--------] C:\Documents and Settings\Momo\Application Data\EoRezo
/!\ NOT DELETED - [04/12/2008 13:36|--a------] C:\WINDOWS\Prefetch\EOENGINE.EXE-020B3EA2.pf
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
************* /!\ File(s)/Folder(s) Not Deleted /!\ *************
"C:\WINDOWS\Prefetch\EOENGINE.EXE-020B3EA2.pf"
Second run ...
"C:\WINDOWS\Prefetch\EOENGINE.EXE-020B3EA2.pf" - RESIST !
+---------------------------------------------------------------------------+
+------------------------------- ADDED SCAN ..
+---------------------------------------------------------------------------+
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
...\gftzl64b.default\prefs.js :
~~~~ Mozilla FireFox version 3.0.4 ~~~~
Start Page : "http://www.lo.st"
+----------+
+--[HKEY_CURRENT_USER\...\Run]
+--[HKEY_LOCAL_MACHINE\...\Run]
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
PaperPort PTD REG_SZ C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
IndexSearch REG_SZ C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
SoundMan REG_SZ SOUNDMAN.EXE
ItsTV REG_SZ "C:\Program Files\ItsLabel\ItsTV.exe"
UnlockerAssistant REG_SZ "C:\Program Files\Unlocker\UnlockerAssistant.exe"
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
ZoneAlarm Client REG_SZ "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
OnlineArmor GUI REG_SZ "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SetDefPrt REG_SZ C:\Program Files\Brother\BRMFLPRO\BrDefPrt.exe
+--[HKEY_USERS\.DEFAULT\...\Run]
+--[HKEY_CURRENT_USER\...\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\...\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 154 lines ]
+---------------------------------------------------------------------------+
- "C:\AD-report-04.12.2008.log" (6602 octets)
[ END at: 17:04:22 | 04/12/2008 ] - [ Time elapsed: 3 minutes, 1 seconds ]
la date ne correspond pas
c'est le premier qu'on a fait celui la
suprime le et regarde si tu on a un autre qui traine
en haut du rapport tu a la date
Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que tu es libre...Merci a australe13
c'est le premier qu'on a fait celui la
suprime le et regarde si tu on a un autre qui traine
en haut du rapport tu a la date
Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
Mais C.. de penser que tu es libre...Merci a australe13
excuse-moi j'ai pas fait attention à la date
--------- Logfile of AD-Remover 1.0.7.7 by C_XX ---------
# START at: 17:16:56 | Mar 16/12/2008 | Microsoft® Windows XP™ (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: MONIQUE-0CF3FX3 | USER: Momo ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
- G:\ (File System: NTFS)
- H:\ (File System: NTFS)
# Internet Explorer v6.0.2900.2180
--------- [ RUNNING PROCESSES: 42 ] ---------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Momo\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ntvdm.exe
-----------------------------------
+-----------------------| Boonty/Boonty Games Elements found :
.
[10/11/2006 10:55|--a------] C:\WINDOWS\system32\PANDOR~2.DLL
+-----------------------| Eorezo Elements found :
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
.
[15/12/2008 11:02|d--------] C:\PROGRA~1\EoRezo
[27/06/2007 13:56|--a------] C:\PROGRA~1\EoRezo\CONFME~1.CYP
[15/12/2008 11:02|d--------] C:\PROGRA~1\EoRezo\EoAdv
[25/11/2008 15:56|--a------] C:\PROGRA~1\EoRezo\EoEngine.exe
[15/12/2008 11:02|--a------] C:\PROGRA~1\EoRezo\eoEngine.url
[24/10/2008 15:42|--a------] C:\PROGRA~1\EoRezo\EOMULT~1.DLL
[25/11/2008 15:57|--a------] C:\PROGRA~1\EoRezo\EOREZO~1.DLL
[24/10/2008 16:08|--a------] C:\PROGRA~1\EoRezo\EOREZO~4.DLL
[24/10/2008 16:08|--a------] C:\PROGRA~1\EoRezo\EO6115~1.DLL
[24/10/2008 16:09|--a------] C:\PROGRA~1\EoRezo\EO4511~1.DLL
[24/10/2008 16:09|--a------] C:\PROGRA~1\EoRezo\EO4515~1.DLL
[24/10/2008 16:10|--a------] C:\PROGRA~1\EoRezo\EO5519~1.DLL
[24/10/2008 15:43|--a------] C:\PROGRA~1\EoRezo\EO551D~1.DLL
[24/10/2008 16:10|--a------] C:\PROGRA~1\EoRezo\EOREZO~2.DLL
[24/10/2008 16:11|--a------] C:\PROGRA~1\EoRezo\EOREZO~3.DLL
[24/10/2008 16:22|--a------] C:\PROGRA~1\EoRezo\EO6CF9~1.DLL
[24/10/2008 16:23|--a------] C:\PROGRA~1\EoRezo\EO400A~1.DLL
[24/10/2008 16:23|--a------] C:\PROGRA~1\EoRezo\EO400E~1.DLL
[24/10/2008 16:25|--a------] C:\PROGRA~1\EoRezo\EO5002~1.DLL
[24/10/2008 16:25|--a------] C:\PROGRA~1\EoRezo\EO5006~1.DLL
[01/11/2008 15:56|--a------] C:\PROGRA~1\EoRezo\EO600A~1.DLL
[25/11/2008 15:58|--a------] C:\PROGRA~1\EoRezo\EO600E~1.DLL
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\FREEIM~1.DLL
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\Host.cyp
[15/12/2008 11:02|d--------] C:\PROGRA~1\EoRezo\lang
[12/11/2008 12:53|--a------] C:\PROGRA~1\EoRezo\MNGINS~1.DLL
[15/12/2008 11:02|--a------] C:\PROGRA~1\EoRezo\unins000.dat
[15/12/2008 11:02|--a------] C:\PROGRA~1\EoRezo\unins000.exe
[21/12/2007 10:23|--a------] C:\PROGRA~1\EoRezo\user.cyp
[07/11/2007 01:19|--a------] C:\PROGRA~1\EoRezo\EoAdv\atl90.dll
[24/10/2008 15:37|--a------] C:\PROGRA~1\EoRezo\EoAdv\EoAdv.dll
[18/11/2008 15:15|--a------] C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
[07/11/2007 01:19|--a------] C:\PROGRA~1\EoRezo\EoAdv\mfc90.dll
[06/11/2007 20:24|--a------] C:\PROGRA~1\EoRezo\EoAdv\MICROS~1.MAN
[06/11/2007 20:24|--a------] C:\PROGRA~1\EoRezo\EoAdv\MICROS~2.MAN
[06/11/2007 22:51|--a------] C:\PROGRA~1\EoRezo\EoAdv\MICROS~3.MAN
[07/11/2007 01:19|--a------] C:\PROGRA~1\EoRezo\EoAdv\msvcr90.dll
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~3.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IH935B~1.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~1.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IH0447~1.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~2.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~4.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_en.xml
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_es.xml
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_fr.xml
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_it.xml
[16/12/2008 16:01|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo
[15/12/2008 11:03|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\cmhost.cyp
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\CONFME~1.CYP
[16/12/2008 12:01|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\db
[16/12/2008 15:11|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\EODESK~1
[15/12/2008 15:15|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\eoStats
[15/12/2008 11:03|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\host.cyp
[16/12/2008 17:02|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\user.cyp
[16/12/2008 12:01|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\db\cat.cyp
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\EODESK~1\config.xml
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\EODESK~1\EODESK~1.HTM
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\EODESK~1\USERCO~1.XML
[16/12/2008 15:01|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\eoStats\eoStats.txt
[09/12/2008 10:12|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\SOFTWA~1.EXE
[09/12/2008 10:13|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\SOFTWA~2.EXE
[15/12/2008 11:02|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\unins000.dat
[15/12/2008 11:02|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\unins000.exe
[16/12/2008 17:02|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\USER_C~1.CYP
[15/12/2008 11:05|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\USER_P~1.CYP
[16/12/2008 17:02|--a------] C:\DOCUME~1\Momo\Cookies\MOMO@E~1.TXT
+-----------------------| Everest Poker Elements found :
.
+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :
.
+-----------------------| Messenger Skinner Elements found :
.
+-----------------------| Sweetim Elements found :
.
+-----------------------| ADDED SCAN :
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
...\gftzl64b.default\prefs.js :
~~~~ Mozilla FireFox version 3.0.4 ~~~~
Start Page : "http://lo.st#home"
+----------+
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\..\Run]
ccleaner REG_SZ "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
+--[HKEY_LOCAL_MACHINE\..\Run]
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
PaperPort PTD REG_SZ C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
IndexSearch REG_SZ C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
SoundMan REG_SZ SOUNDMAN.EXE
ItsTV REG_SZ "C:\Program Files\ItsLabel\ItsTV.exe"
OnlineArmor GUI REG_SZ "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
EoEngine REG_SZ "C:\Program Files\EoRezo\EoEngine.exe"
SoftwareHelper REG_SZ C:\Documents and Settings\Momo\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
+--[HKEY_USERS\.DEFAULT\..\Run]
+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
+---------------------------------------------------------------------------+
- "C:\AD-report-Scan-16.12.2008.log" (~9529 bytes)
# END at: 17:18:30 | 16/12/2008 - Time elapsed: 94.3 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 171 lines ]
+---------------------------------------------------------------------------+
--------- Logfile of AD-Remover 1.0.7.7 by C_XX ---------
# START at: 17:16:56 | Mar 16/12/2008 | Microsoft® Windows XP™ (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: MONIQUE-0CF3FX3 | USER: Momo ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
- G:\ (File System: NTFS)
- H:\ (File System: NTFS)
# Internet Explorer v6.0.2900.2180
--------- [ RUNNING PROCESSES: 42 ] ---------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Momo\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ntvdm.exe
-----------------------------------
+-----------------------| Boonty/Boonty Games Elements found :
.
[10/11/2006 10:55|--a------] C:\WINDOWS\system32\PANDOR~2.DLL
+-----------------------| Eorezo Elements found :
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho"
"HKEY_CLASSES_ROOT\EoRezoBHO.EoBho.1"
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\EoRezoBHO.DLL"
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
.
[15/12/2008 11:02|d--------] C:\PROGRA~1\EoRezo
[27/06/2007 13:56|--a------] C:\PROGRA~1\EoRezo\CONFME~1.CYP
[15/12/2008 11:02|d--------] C:\PROGRA~1\EoRezo\EoAdv
[25/11/2008 15:56|--a------] C:\PROGRA~1\EoRezo\EoEngine.exe
[15/12/2008 11:02|--a------] C:\PROGRA~1\EoRezo\eoEngine.url
[24/10/2008 15:42|--a------] C:\PROGRA~1\EoRezo\EOMULT~1.DLL
[25/11/2008 15:57|--a------] C:\PROGRA~1\EoRezo\EOREZO~1.DLL
[24/10/2008 16:08|--a------] C:\PROGRA~1\EoRezo\EOREZO~4.DLL
[24/10/2008 16:08|--a------] C:\PROGRA~1\EoRezo\EO6115~1.DLL
[24/10/2008 16:09|--a------] C:\PROGRA~1\EoRezo\EO4511~1.DLL
[24/10/2008 16:09|--a------] C:\PROGRA~1\EoRezo\EO4515~1.DLL
[24/10/2008 16:10|--a------] C:\PROGRA~1\EoRezo\EO5519~1.DLL
[24/10/2008 15:43|--a------] C:\PROGRA~1\EoRezo\EO551D~1.DLL
[24/10/2008 16:10|--a------] C:\PROGRA~1\EoRezo\EOREZO~2.DLL
[24/10/2008 16:11|--a------] C:\PROGRA~1\EoRezo\EOREZO~3.DLL
[24/10/2008 16:22|--a------] C:\PROGRA~1\EoRezo\EO6CF9~1.DLL
[24/10/2008 16:23|--a------] C:\PROGRA~1\EoRezo\EO400A~1.DLL
[24/10/2008 16:23|--a------] C:\PROGRA~1\EoRezo\EO400E~1.DLL
[24/10/2008 16:25|--a------] C:\PROGRA~1\EoRezo\EO5002~1.DLL
[24/10/2008 16:25|--a------] C:\PROGRA~1\EoRezo\EO5006~1.DLL
[01/11/2008 15:56|--a------] C:\PROGRA~1\EoRezo\EO600A~1.DLL
[25/11/2008 15:58|--a------] C:\PROGRA~1\EoRezo\EO600E~1.DLL
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\FREEIM~1.DLL
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\Host.cyp
[15/12/2008 11:02|d--------] C:\PROGRA~1\EoRezo\lang
[12/11/2008 12:53|--a------] C:\PROGRA~1\EoRezo\MNGINS~1.DLL
[15/12/2008 11:02|--a------] C:\PROGRA~1\EoRezo\unins000.dat
[15/12/2008 11:02|--a------] C:\PROGRA~1\EoRezo\unins000.exe
[21/12/2007 10:23|--a------] C:\PROGRA~1\EoRezo\user.cyp
[07/11/2007 01:19|--a------] C:\PROGRA~1\EoRezo\EoAdv\atl90.dll
[24/10/2008 15:37|--a------] C:\PROGRA~1\EoRezo\EoAdv\EoAdv.dll
[18/11/2008 15:15|--a------] C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
[07/11/2007 01:19|--a------] C:\PROGRA~1\EoRezo\EoAdv\mfc90.dll
[06/11/2007 20:24|--a------] C:\PROGRA~1\EoRezo\EoAdv\MICROS~1.MAN
[06/11/2007 20:24|--a------] C:\PROGRA~1\EoRezo\EoAdv\MICROS~2.MAN
[06/11/2007 22:51|--a------] C:\PROGRA~1\EoRezo\EoAdv\MICROS~3.MAN
[07/11/2007 01:19|--a------] C:\PROGRA~1\EoRezo\EoAdv\msvcr90.dll
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~3.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IH935B~1.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~1.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IH0447~1.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~2.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\IHM_EO~4.XML
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_en.xml
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_es.xml
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_fr.xml
[26/06/2007 14:33|--a------] C:\PROGRA~1\EoRezo\lang\lang_it.xml
[16/12/2008 16:01|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo
[15/12/2008 11:03|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\cmhost.cyp
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\CONFME~1.CYP
[16/12/2008 12:01|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\db
[16/12/2008 15:11|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\EODESK~1
[15/12/2008 15:15|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\eoStats
[15/12/2008 11:03|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\host.cyp
[16/12/2008 17:02|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\user.cyp
[16/12/2008 12:01|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\db\cat.cyp
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\EODESK~1\config.xml
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\EODESK~1\EODESK~1.HTM
[16/12/2008 15:11|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\EODESK~1\USERCO~1.XML
[16/12/2008 15:01|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\eoStats\eoStats.txt
[09/12/2008 10:12|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\SOFTWA~1.EXE
[09/12/2008 10:13|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\SOFTWA~2.EXE
[15/12/2008 11:02|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\unins000.dat
[15/12/2008 11:02|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\unins000.exe
[16/12/2008 17:02|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\USER_C~1.CYP
[15/12/2008 11:05|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\USER_P~1.CYP
[16/12/2008 17:02|--a------] C:\DOCUME~1\Momo\Cookies\MOMO@E~1.TXT
+-----------------------| Everest Poker Elements found :
.
+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :
.
+-----------------------| Messenger Skinner Elements found :
.
+-----------------------| Sweetim Elements found :
.
+-----------------------| ADDED SCAN :
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
...\gftzl64b.default\prefs.js :
~~~~ Mozilla FireFox version 3.0.4 ~~~~
Start Page : "http://lo.st#home"
+----------+
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\..\Run]
ccleaner REG_SZ "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
+--[HKEY_LOCAL_MACHINE\..\Run]
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
PaperPort PTD REG_SZ C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
IndexSearch REG_SZ C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
SoundMan REG_SZ SOUNDMAN.EXE
ItsTV REG_SZ "C:\Program Files\ItsLabel\ItsTV.exe"
OnlineArmor GUI REG_SZ "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
EoEngine REG_SZ "C:\Program Files\EoRezo\EoEngine.exe"
SoftwareHelper REG_SZ C:\Documents and Settings\Momo\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
+--[HKEY_USERS\.DEFAULT\..\Run]
+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
+---------------------------------------------------------------------------+
- "C:\AD-report-Scan-16.12.2008.log" (~9529 bytes)
# END at: 17:18:30 | 16/12/2008 - Time elapsed: 94.3 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 171 lines ]
+---------------------------------------------------------------------------+
lol
tu relance Ad-remover
tu choisie l'option B (suppression ; nettoyage)
dans la fenêtre qui s'ouvre tu coche tout et tu supprime tout
poste le rapport générer après suppression
tu relance Ad-remover
tu choisie l'option B (suppression ; nettoyage)
dans la fenêtre qui s'ouvre tu coche tout et tu supprime tout
poste le rapport générer après suppression
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
--------- Logfile of AD-Remover 1.0.7.7 by C_XX ---------
*** Limited to ***
Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
Messenger Skinner
Sweetim
******************
# START at: 17:52:17 | Mar 16/12/2008 | Microsoft® Windows XP™ (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Clean | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: MONIQUE-0CF3FX3 | USER: Momo ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
- G:\ (File System: NTFS)
- H:\ (File System: NTFS)
# Internet Explorer v6.0.2900.2180
--------- [ RUNNING PROCESSES: 43 ] ---------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Momo\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ntvdm.exe
-----------------------------------
(!) ---- IE start pages reset
+-----------------------| Boonty/Boonty Games Elements Deleted :
.
[10/11/2006 10:55|--a------] C:\WINDOWS\system32\PANDOR~2.DLL
+-----------------------| Eorezo Elements Deleted :
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
.
[16/12/2008 17:27|d--------] C:\Program Files\EoRezo
/!\ NOT DELETED - [16/12/2008 17:26|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo
/!\ NOT DELETED - [16/12/2008 17:52|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1
/!\ NOT DELETED - [09/12/2008 10:13|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\SOFTWA~2.EXE
[16/12/2008 17:02|--a------] C:\DOCUME~1\Momo\Cookies\MOMO@E~1.TXT
+-----------------------| Everest Poker Elements Deleted :
.
+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :
.
+-----------------------| Messenger Skinner Elements Deleted :
.
+-----------------------| Sweetim Elements Deleted :
.
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
************* /!\ File(s)/Folder(s) Not Deleted /!\ *************
"C:\Documents and Settings\Momo\Application Data\EoRezo\SoftwareUpdate"
"C:\Documents and Settings\Momo\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe"
Second run ...
"C:\Documents and Settings\Momo\Application Data\EoRezo\SoftwareUpdate" - RESIST !
"C:\Documents and Settings\Momo\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe" - RESIST !
+-----------------------| ADDED SCAN :
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
...\gftzl64b.default\prefs.js :
~~~~ Mozilla FireFox version 3.0.4 ~~~~
Start Page : "http://lo.st#home"
+----------+
+--[HKEY_CURRENT_USER\..\Run]
ccleaner REG_SZ "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
+--[HKEY_LOCAL_MACHINE\..\Run]
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
PaperPort PTD REG_SZ C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
IndexSearch REG_SZ C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
SoundMan REG_SZ SOUNDMAN.EXE
ItsTV REG_SZ "C:\Program Files\ItsLabel\ItsTV.exe"
OnlineArmor GUI REG_SZ "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
SoftwareHelper REG_SZ C:\Documents and Settings\Momo\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
+--[HKEY_USERS\.DEFAULT\..\Run]
+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
- "C:\AD-report-Clean-16.12.2008.log" (~5350 bytes)
- "C:\AD-report-Scan-16.12.2008.log" (~9864 bytes)
# END at: 17:54:30 | 16/12/2008 - Time elapsed: 2 minutes, 13 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 117 lines ]
+---------------------------------------------------------------------------+
*** Limited to ***
Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
Messenger Skinner
Sweetim
******************
# START at: 17:52:17 | Mar 16/12/2008 | Microsoft® Windows XP™ (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Clean | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: MONIQUE-0CF3FX3 | USER: Momo ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
- G:\ (File System: NTFS)
- H:\ (File System: NTFS)
# Internet Explorer v6.0.2900.2180
--------- [ RUNNING PROCESSES: 43 ] ---------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Momo\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ntvdm.exe
-----------------------------------
(!) ---- IE start pages reset
+-----------------------| Boonty/Boonty Games Elements Deleted :
.
[10/11/2006 10:55|--a------] C:\WINDOWS\system32\PANDOR~2.DLL
+-----------------------| Eorezo Elements Deleted :
"HKEY_CURRENT_USER\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run" /v "EoEngine"
.
[16/12/2008 17:27|d--------] C:\Program Files\EoRezo
/!\ NOT DELETED - [16/12/2008 17:26|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo
/!\ NOT DELETED - [16/12/2008 17:52|d--------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1
/!\ NOT DELETED - [09/12/2008 10:13|--a------] C:\DOCUME~1\Momo\APPLIC~1\EoRezo\SOFTWA~1\SOFTWA~2.EXE
[16/12/2008 17:02|--a------] C:\DOCUME~1\Momo\Cookies\MOMO@E~1.TXT
+-----------------------| Everest Poker Elements Deleted :
.
+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :
.
+-----------------------| Messenger Skinner Elements Deleted :
.
+-----------------------| Sweetim Elements Deleted :
.
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
************* /!\ File(s)/Folder(s) Not Deleted /!\ *************
"C:\Documents and Settings\Momo\Application Data\EoRezo\SoftwareUpdate"
"C:\Documents and Settings\Momo\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe"
Second run ...
"C:\Documents and Settings\Momo\Application Data\EoRezo\SoftwareUpdate" - RESIST !
"C:\Documents and Settings\Momo\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe" - RESIST !
+-----------------------| ADDED SCAN :
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
...\gftzl64b.default\prefs.js :
~~~~ Mozilla FireFox version 3.0.4 ~~~~
Start Page : "http://lo.st#home"
+----------+
+--[HKEY_CURRENT_USER\..\Run]
ccleaner REG_SZ "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
+--[HKEY_LOCAL_MACHINE\..\Run]
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
PaperPort PTD REG_SZ C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
IndexSearch REG_SZ C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
SoundMan REG_SZ SOUNDMAN.EXE
ItsTV REG_SZ "C:\Program Files\ItsLabel\ItsTV.exe"
OnlineArmor GUI REG_SZ "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
SoftwareHelper REG_SZ C:\Documents and Settings\Momo\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
+--[HKEY_USERS\.DEFAULT\..\Run]
+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
- "C:\AD-report-Clean-16.12.2008.log" (~5350 bytes)
- "C:\AD-report-Scan-16.12.2008.log" (~9864 bytes)
# END at: 17:54:30 | 16/12/2008 - Time elapsed: 2 minutes, 13 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 117 lines ]
+---------------------------------------------------------------------------+
c'est terminé donc.
D'abord encore merci pour ton aide et surtout ta grande patience envers moi.
question comment eorezo entre-t-il dans le PC ?
D'abord encore merci pour ton aide et surtout ta grande patience envers moi.
question comment eorezo entre-t-il dans le PC ?
il est installer probablement en telechargeant des logiciel içi
http://ww17.eorezo.com/cgi-bin/index.cgi
http://ww17.eorezo.com/cgi-bin/index.cgi