Ouvrir
Fermer
|
|
|
|
Bienvenue sur CoupDePoucePc !! Nous sommes le
et il est déjà
Coupdepoucepc.fr est un site d’entraide et de dépannage informatique en ligne, totalement gratuit.
L'équipe est composée de passionnés, bénévoles, désireux de vous aider rapidement dans une ambiance conviviale.
|
|
|
Regarde ce sujet :
1 Utilisateur(s) anonymes
|
trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
Mes configs
|
Bonjour, j'ai windows 7,pc de bureau voici mon ti problème : après avoir lancé malwarebytes voici son rapport :trojan Eorezo registry key je supprime la clé dans le registre mais cela reviens a chaque fois que je nettoie avec malwarebytes.. comment m'en débarrasser? merci pour l'aide que vous m'apporterez .
Posté le : 03/06/2013 19:37
|
|
|
Re: trojan Eorezo
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, on va dabord vérifié si ton ordinateur est infecté ou pas Est-ce tu as télécharger des logiciels et que tu as installé ? Sur quel site que tu as téléchargé ? On vas plus approfondir pour voir et si tu as des questions n'hésite pas de les posées Prend ton ton temps et lis bien les procédures Télécharger ZHPDiag http://telechargement.zebulon.fr/telecharger-zhpdiag.html Sous Window XP utilise cette procédure ci-dessous :
une fois installer tu clic sur l'icône > une fenêtre vas s'ouvrir et clic sur la loupe pour scanner > un fois fini clic sur en enregistrer > tu ouvre le rapport et tu sélectionne tout puis copier et tu met le rapport complet ICI
Sous Vista et Windows 7 (Seven) utilise cette procédure ci-dessous : >>>> Tu dois utiliser cette Procédure <<<< une fois installer, tu clic droit sur l'icône puis clic sur exécuter en tant qu'administrateur > une fenêtre vas s'ouvrir et clic sur la loupe pour scanner > un fois fini clic sur en enregistrer > tu ouvre le rapport et tu sélectionne tout puis copier et tu met le rapport complet ICI <<<<< Clique dessus la photo pour l'agrandir >>>>> Sur ton bureau tu trouveras le rapport de (ZHPDiag) Pour poster le rapport en lien rends toi sur ce site ci-dessous: http://cjoint.com/ - Clique sur Parcourir et va jusqu'au rapport qui a été sauvegardé
- Clic gauche dessus clique ensuite sur Ouvrir
- Clique sur Créer le lien Cjoint
- Une fois l'upload fini un lien apparaît clic droit dessus choisis Copier dans le menu
ce lien tu le met sur la prochaine réponse ici (attention ! ne modifier pas le lien, si non on ne peut pas voir le rapport ZHPDiag) - Colle le lien dans ta prochaine réponse
de bien vouloir répondre a toutes les question c'est très important et de faire tous ce que je t'ai demandé de faire tiens nous informés anthony0371 @ Plus
Posté le : 03/06/2013 19:48
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
Re: trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
Mes configs
|
bonjour je n'ai pas télecharger de logiciels ,ou peut etre que je ne m'en souviens plus.. cela fait un moment que j'ai ce probleme et souvent mon pc bugg apres que mon compagnon sois allé sur les sites de jeux vidéos.. j'ai appliqué la marche a suivre ,voici le lien: http://cjoint.com/?CFgoUCNoB4Jmerci pour l'aide
Posté le : 06/06/2013 14:51
|
|
|
Re: trojan Eorezo
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, Ton ordinateur est bien infecté
Tu supprime tous car si je te met cette liste rouge car ils sont infectés
ZHPFix ne sert pas à scanner, mais à supprimé les infections
tu suis bien mais instruction ci-dessous et surtout n'essai pas les autres fonctions télécharge ZHPFix 1.12.32
Voici le lien : http://telechargement.zebulon.fr/telecharger-zhpfix.html Sous Window XP utilise cette procédure ci-dessous :
une fois installer, tu clique l'icone de ZHPFix >>>> une fenêtre vas s'ouvrir > tu sélectionne les ligne en rouge ci-dessous puis copier et clic sur l'icône coller presse papier a coter de l’icône appareil photo (1) et tu clic sur GO (2) > un fois finit, tu refait un scanne avec ZHPdiag et tu le met le rapport ici Sous Vista et Windows 7 (Seven) utilise cette procédure ci-dessous : >>>> Tu dois utiliser cette Procédure <<<<
une fois installer, tu clique droit sur l'icone de ZHPFix puis executer en tant administarteur > une fenêtre vas s'ouvrir > tu sélectionne les ligne en rouge ci-dessous puis copier et clic sur l'icône coller presse papier a coter de l’icône appareil photo (1) et tu clic sur GO (2) > un fois finit, tu refait un scanne avec ZHPdiag et tu le met le rapport ici
Si il te demande de redémarrer, tu le feras après avoir tous supprimer voici les infections ci-dessous : Ligne rouge (liste) a supprimé ci-dessous [MD5.981794879E8FD26CDD6ABCFF3F3F65EF] - (...) -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [3085264] [PID.2004] M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\babylon.xml =>Toolbar.Babylon M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\MyStart Search.xml M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\SearchquWebSearch.xml =>PUP.Datamngr M3 - MFPP: Plugins - [ninie lolo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon M3 - MFPP: Plugins - [ninie lolo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\SearchquWebSearch.xml =>PUP.Datamngr M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\{EEE6C361-6118-11DC-9C72-001320C79847}] [] SweetPacks Toolbar for Firefox v1.9.0.0 (..) =>PUP.SweetIM R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com O2 - BHO: Searchqu Toolbar [64Bits] - {7FF99715-3016-4381-84CE-E4E4C9673020} Clé orpheline =>PUP.Datamngr O2 - BHO: Searchqu Toolbar [64Bits] - {99079a25-328f-4bd4-be04-00955acaa0a7} . (...) -- C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll (.not file.) =>PUP.Datamngr O2 - BHO: SWEETIE [64Bits] - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM O4 - Global Startup: C:\Users\ninie lolo\Desktop\Search the Web.url . (...) -- C:\Users\ninie lolo\Desktop\Search the Web.url =>Adware.IMBooster O4 - Global Startup: C:\Users\ninie lolo\Desktop\SweetPcFix.url . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Users\ninie lolo\Desktop\SweetPcFix.url =>PUP.SweetPCFix O23 - Service: Browser Manager (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O42 - Logiciel: Browser Manager - (...) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} =>PUP.SweetIM O42 - Logiciel: Tuto Firefox 41.0.0.0 - (.PcTuto.) [HKLM][64Bits] -- Tuto Firefox 4_is1 =>PUP.AgenceExclusive [HKCU\Software\5b558dd1e66deb48] [HKCU\Software\Agence-Exclusive] =>PUP.AgenceExcusive [HKCU\Software\AppDataLow\Software\searchqutb] =>PUP.Datamngr [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr [HKCU\Software\Datamngr] =>PUP.Datamngr [HKCU\Software\Iminent] =>Adware.IMBooster [HKCU\Software\InstallCore] =>PUP.InstallCore [HKCU\Software\PCTuto] =>PUP.AgenceExclusive [HKCU\Software\SweetIM] =>PUP.SweetIM [HKLM\Software\DataMngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\5b558dd1e66deb48] [HKLM\Software\Wow6432Node\Agence-Exclusive] =>PUP.AgenceExcusive [HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Bandoo] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\GamesBarSetup] =>Adware.GamesBar [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\PCTuto] =>PUP.AgenceExclusive [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Trymedia Systems] =>Adware.Trymedia [HKLM\Software\Wow6432Node\iWin] O43 - CFD: 18/01/2013 - 08:33:03 - [6,112] ----D C:\Program Files (x86)\Accelerer PC =>Rogue.PCSpeedUp O43 - CFD: 14/12/2009 - 12:03:10 - [0,002] ----D C:\Program Files (x86)\GamesBar =>Adware.GamesBar O43 - CFD: 13/10/2012 - 22:12:54 - [7,308] ----D C:\Program Files (x86)\PcTuto =>PUP.AgenceExclusive O43 - CFD: 19/01/2013 - 19:56:43 - [4,093] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM O43 - CFD: 11/11/2012 - 12:52:05 - [6,525] ----D C:\Program Files (x86)\Webplayer setup =>Adware.SocialSkinz O43 - CFD: 11/11/2012 - 13:04:45 - [0] ----D C:\Program Files (x86)\Windows Searchqu Toolbar =>PUP.Datamngr O43 - CFD: 06/10/2012 - 11:48:09 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon O43 - CFD: 06/06/2013 - 07:26:31 - [8,371] ----D C:\ProgramData\Browser Manager O43 - CFD: 09/01/2010 - 19:49:28 - [0,002] ----D C:\ProgramData\Partner O43 - CFD: 29/10/2012 - 20:05:13 - [15,522] ----D C:\ProgramData\Trymedia =>Adware.Trymedia O43 - CFD: 17/10/2012 - 16:03:50 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Agence-Exclusive =>PUP.AgenceExcusive O43 - CFD: 06/10/2012 - 11:48:09 - [0,016] ----D C:\Users\ninie lolo\AppData\Roaming\Babylon =>Toolbar.Babylon O43 - CFD: 24/05/2013 - 20:26:54 - [37,804] ----D C:\Users\ninie lolo\AppData\Roaming\OpenCandy =>Adware.OpenCandy O43 - CFD: 13/10/2012 - 22:12:53 - [0,913] ----D C:\Users\ninie lolo\AppData\Local\Agence-Exclusive =>PUP.AgenceExcusive O43 - CFD: 06/09/2011 - 10:19:59 - [0] ----D C:\Users\ninie lolo\AppData\Local\OpenCandy =>Adware.OpenCandy O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (...) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (.not file.) =>PUP.SweetIM O53 - SMSR:HKLM\...\startupreg\Sweetpacks Communicator [Key] . (...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://www.searchqu.com/web?src=ffb&systemid=101&q="); =>PUP.Datamngr O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("browser.search.defaultenginename", "Search Results"); O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("browser.search.order.1", "Search Results"); O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.admin", false); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.bbDpng", "11"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.cntry", "FR"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dfltLng", "en"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dpkLst", "1169821598,3855095921,302281469,2400444324,3654782829,1334533236,3874294282,3866767[...] =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.envrmnt", "production"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.hdrMd5", "C6899BFD9E843E514325242B09CFFE98"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.hmpg", false); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.id", "0cc8ba79000000000000002511a8d2d2"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlDay", "15655"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.3.811:28:44"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.newTab", true); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"48\",\"lastVrsn\":\"48\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\[...] =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.sg", "azb"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.smplGrp", "azb"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrId", "base"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_ ... a79000000000000002511a8d2[...] =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.3.811:28:44"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.newTab", true); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=1089 ... NT_ss&mntrId=0cc8ba79[...] =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.811:28:44"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1370277404353"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cargo", "3.1010000.00000"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.returnValue", "hide"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.height", "335"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/optio ... e_id;&toolbar_version[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.width", "761"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.height", "300"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.width", "500"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.height", "150"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.url", "http://www.sweetim.com/simffbar/simcdadialog.asp"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.width", "530"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.mode.debug", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.created", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.previous.keyword.URL", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.ht ... ON;&crg=$cargo;"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.callback", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.domain-whitelist", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/script ... =3104&tid=chff1"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.history", "nature%20morte%20pot%20de%20miel,pot%20de%20miel,mandarine%20et%20citron,nature%20mor[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.history.capacity", "10"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.simapp_id", "{C0BE43C4-616A-11E2-9A1C-002511A8D2D2}"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.version", "1.9.0.0"); =>PUP.SweetIM O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} - (Web Search) - http://www.searchqu.com =>PUP.Datamngr O69 - SBI: SearchScopes [HKCU] {8B63A8D6-BBED-4341-8867-790E5F524C96} - (MyStart Search) - http://mystart.hiyo.com O69 - SBI: SearchScopes [HKCU] {9B6103C1-F818-48a8-9683-314055BE6075} - (MyStart Search) - http://mystart.hiyo.com O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} [DefaultScope] - (Search Results) - http://dts.search-results.com O87 - FAEL: "{E33007D1-810E-488B-9DB3-E2B131892FCF}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM O87 - FAEL: "{45F98D7B-E192-4820-9528-0F34CCEE7671}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E}] =>PUP.Eorezo [HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBAR [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{759F1421-4D31-4c1f-8C51-E4956A037676}] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\Classes\AppID\{759F1421-4D31-4c1f-8C51-E4956A037676}] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Adware.AskSBAR [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}] =>Adware.Bandoo [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8a96af9e-4074-43b7-bea3-87217bda74c8}] =>Adware.Bandoo [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}] =>Adware.Bandoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR [HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR [HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper [HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper [HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\bandoocore.exe] =>Adware.Bandoo [HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBAR [HKLM\Software\Classes\AppID\PCTutoBHO.DLL] =>Spyware.AgenceExclusive [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBAR [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBAR [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch [HKCU\Software\Agence-Exclusive] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\Agence-Exclusive] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\Bandoo] =>Adware.Bandoo [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\GamesBarSetup] =>Adware.GamesBar [HKCU\Software\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\iwin] =>Adware.BHO [HKCU\Software\PCTuto] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\PCTuto] =>Spyware.AgenceExclusive [HKCU\Software\SweetIM] =>PUP.SweetIM [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon [HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}] =>Toolbar.Babylon [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}] =>Toolbar.Babylon [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}] =>Toolbar.Babylon [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}] =>Toolbar.Babylon [HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}] =>Toolbar.Babylon [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Canneverbe Limited\OpenCandy] =>Adware.OpenCandy [HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM [HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM [HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM [HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM [HKLM\Software\Classes\AppID\BandooCore.EXE] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\AppID\BandooCore.EXE] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^ [HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Adware.ShopperReports [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR C:\Program Files (x86)\GamesBar =>Adware.GamesBar C:\Program Files (x86)\PCTuto =>Spyware.AgenceExclusive C:\Program Files (x86)\SweetIM =>PUP.SweetIM C:\Program Files (x86)\Webplayer setup =>Adware.SocialSkinz C:\Program Files (x86)\Windows Searchqu Toolbar =>Adware.Bandoo C:\Program Files (x86)\Accelerer PC =>Rogue.PCSpeedUp C:\ProgramData\Babylon =>Toolbar.Babylon C:\ProgramData\Browser Manager =>Toolbar.Babylon C:\ProgramData\Trymedia =>Adware.Trymedia C:\ProgramData\Partner =>Spyware.Partner C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto =>Spyware.AgenceExclusive C:\Users\ninie lolo\AppData\Roaming\Agence-Exclusive =>Spyware.AgenceExclusive C:\Users\ninie lolo\AppData\Roaming\Babylon =>Toolbar.Babylon C:\Users\ninie lolo\AppData\Roaming\OpenCandy =>Adware.OpenCandy C:\Users\ninie lolo\AppData\Local\Agence-Exclusive =>Spyware.AgenceExclusive C:\Users\ninie lolo\AppData\Local\OpenCandy =>Adware.OpenCandy C:\Users\ninie lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\bprotector_extensions.sqlite =>PUP.BProtector C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\SearchPlugins\MyStart Search.xml =>Spyware.VMNToolbar C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\SearchPlugins\SearchquWebSearch.xml =>Adware.Bandoo O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe =>PUP.SweetIM [HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.762.17]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" [HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.762.17]:version="2.3.762.17" [HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" [HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:version="2.6.1123.78" [HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" [HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:version="2.6.1125.80" [HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" [HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:version="2.6.1249.132" [HKCU\Software\5b558dd1e66deb48] =>Toolbar.Babylon^ [HKCU\Software\5b558dd1e66deb48]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}" [HKCU\Software\5b558dd1e66deb48]:version="2.6.1339.144" [HKLM\Software\Wow6432Node\5b558dd1e66deb48] =>Toolbar.Babylon^ [HKLM\Software\Wow6432Node\5b558dd1e66deb48]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}" [HKLM\Software\Wow6432Node\5b558dd1e66deb48]:version="2.6.1339.144" SR - | Auto 3085264 | (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\askcom.xml M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\Search_Results.xml M3 - MFPP: Plugins - [ninie lolo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\toolbar@ask.com] [] v (..) R3 - URLSearchHook: UrlSearchHook Class [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.15.2.23037) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask R3 - URLSearchHook: (no name) [64Bits] - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Ask - Ask Toolbar.) (No version) -- (.not file.) =>Toolbar.Ask O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.) O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé orpheline O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask [MD5.013414E136AC76598B19552DC31DE718] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [135336] =>Toolbar.Ask O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM][64Bits] -- {981029E0-7FC9-4CF3-AB39-6F133621921A} O42 - Logiciel: ToolbarFR - (.Orange.) [HKLM][64Bits] -- {A047FE02-C91C-41CB-898C-4ED21B86025A} [HKCU\Software\APN] [HKCU\Software\AppDataLow\Software\AskToolbar] [HKCU\Software\Ask.com] [HKCU\Software\Conduit] [HKCU\Software\Softonic] [HKCU\Software\YahooPartnerToolbar] [HKLM\Software\Tarma Installer] =>Toolbar.Tarma [HKLM\Software\Wow6432Node\APN] [HKLM\Software\Wow6432Node\AskToolbar] [HKLM\Software\Wow6432Node\Conduit] O43 - CFD: 21/10/2012 - 11:03:10 - [3,428] ----D C:\Program Files (x86)\Ask.com O43 - CFD: 04/04/2011 - 20:55:12 - [0,007] ----D C:\Program Files (x86)\Bing Bar Installer O43 - CFD: 06/10/2011 - 13:48:04 - [0,609] ----D C:\Program Files (x86)\Conduit O43 - CFD: 21/10/2012 - 10:52:33 - [0] ----D C:\ProgramData\Ask O43 - CFD: 11/11/2012 - 12:53:43 - [0,280] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma O43 - CFD: 27/05/2013 - 16:13:37 - [0] ----D C:\Users\ninie lolo\AppData\Local\Conduit O69 - SBI: C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\askcom.xml O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchProtectorEnabled", false); =>Toolbar.Conduit O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchProtectorToolbarDisabled", false); =>Toolbar.Conduit O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.searchProtectorDialogDelayInSec", 10); =>Toolbar.Conduit O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.searchProtectorEnableByLogin", true); =>Toolbar.Conduit O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Classes\AppID\{759F1421-4D31-4C1F-8C51-E4956A037676}] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\AppID\{759F1421-4D31-4C1F-8C51-E4956A037676}] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange [HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent [HKLM\Software\Classes\SearchBar.Client] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask [HKLM\Software\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Classes\Installer\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent redémarre ton ordinateur - Téléchargez Ad-Remover.voici le lien ci-dessous :
http://general-changelog-team.fr/fr/d ... tils-de-c-xx/5-ad-remover - Double-cliquez sur l'icône AD-Remover.
- Au menu principal, (1) cliquez sur [Nettoyer].
- Confirmez le lancement de l'analyse et laissez l'outil travailler.
Télécharge le logiciel AdwCleaner Version:1.703 Voici le lien ci-dessous : http://general-changelog-team.fr/fr/d ... ls-de-xplode/2-adwcleaner une fois télécharger tu met le logiciel sur le bureau et clic sur le logiciel , une fois installait (1) clic sur supprimer
refait un scanne avec ZHPDiag tiens-nous infomés anthony0371 @ Plus
Posté le : 06/06/2013 15:29
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
Re: trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
Mes configs
|
Bonjour, http://cjoint.com/?CFgt7MhDQvdvoila le rapport apres relancer ZHPdiag merci j'espere qu'il n'y a plus de virus grrrr
Posté le : 06/06/2013 20:04
|
|
|
Re: trojan Eorezo
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, Ton ordinateur est bien infecté
Tu supprime tous car si je te met cette liste rouge car ils sont infectés
ZHPFix ne sert pas à scanner, mais à supprimé les infections
tu suis bien mais instruction ci-dessous et surtout n'essai pas les autres fonctions télécharge ZHPFix 1.12.32
Voici le lien : http://telechargement.zebulon.fr/telecharger-zhpfix.html Sous Window XP utilise cette procédure ci-dessous :
une fois installer, tu clique l'icone de ZHPFix >>>> une fenêtre vas s'ouvrir > tu sélectionne les ligne en rouge ci-dessous puis copier et clic sur l'icône coller presse papier a coter de l’icône appareil photo (1) et tu clic sur GO (2) > un fois finit, tu refait un scanne avec ZHPdiag et tu le met le rapport ici Sous Vista et Windows 7 (Seven) utilise cette procédure ci-dessous : >>>> Tu dois utiliser cette Procédure <<<<
une fois installer, tu clique droit sur l'icone de ZHPFix puis executer en tant administarteur > une fenêtre vas s'ouvrir > tu sélectionne les ligne en rouge ci-dessous puis copier et clic sur l'icône coller presse papier a coter de l’icône appareil photo (1) et tu clic sur GO (2) > un fois finit, tu refait un scanne avec ZHPdiag et tu le met le rapport ici
Si il te demande de redémarrer, tu le feras après avoir tous supprimer voici les infections ci-dessous : Ligne rouge (liste) a supprimé ci-dessous [MD5.981794879E8FD26CDD6ABCFF3F3F65EF] - (...) -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [3085264] [PID.1192] [HKCU\Software\SweetIM] =>PUP.SweetIM O43 - CFD: 06/06/2013 - 07:26:31 - [8,371] ----D C:\ProgramData\Browser Manager O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.admin", false); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dfltLng", "en"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dpkLst", "1169821598,3855095921,302281469,2400444324,3654782829,1334533236,3874294282,3866767[...] =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.id", "0cc8ba79000000000000002511a8d2d2"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlDay", "15655"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrId", "base"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_ ... a79000000000000002511a8d2[...] =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=1089 ... NT_ss&mntrId=0cc8ba79[...] =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.811:28:44"); =>Toolbar.Babylon O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/optio ... e_id;&toolbar_version[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.height", "335"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.id", "id_options_dialog"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.title", "$string.config.label;"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.url", "http://www.sweetim.com/simffbar/optio ... e_id;&toolbar_version[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.width", "761"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.height", "300"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.id", "id_example_dialog"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.title", "Example (unit-test) dialog"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.url", "chrome://sim_toolbar_package/content/exampledialog.html"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.width", "500"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.height", "150"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.id", "id_dialog_hide_disable_remove"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.title", "Option Dialog"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.url", "http://www.sweetim.com/simffbar/simcdadialog.asp"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.width", "530"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.mode.debug", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.created", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.enable", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.previous.keyword.URL", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.ht ... ON;&crg=$cargo;"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/script ... =3104&tid=chff1"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.addcontextdiv", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.callback", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.domain-whitelist", ""); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.elementid", "id_predict_include_script"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.id", "id_script_prad"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.url", "http://cdn1.certified-apps.com/script ... =3104&tid=chff1"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\[...] =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.history.capacity", "10"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.enable", "false"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.simapp_id", "{C0BE43C4-616A-11E2-9A1C-002511A8D2D2}"); =>PUP.SweetIM O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.version", "1.9.0.0"); =>PUP.SweetIM [HKCU\Software\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR C:\ProgramData\Browser Manager =>Toolbar.Babylon C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\bprotector_extensions.sqlite =>PUP.BProtector [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask [HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask [HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Toolbar.CT2851639] =>Toolbar.Conduit C:\Users\ninie lolo\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar C:\Users\ninie lolo\AppData\LocalLow\Conduit =>Toolbar.Conduit O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe =>Toolbar.Ask R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.) [MD5.00000000000000000000000000000000] [APT] [{360DC700-F0D9-4134-94BF-E0545AF057B4}] (...) -- E:\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{4FBB0666-6D9E-411E-A4F0-61A8C4886E8D}] (...) -- E:\setup.exe (.not file.) [0] O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O64 - Services: CurCS - 11/02/2011 - C:\Windows\System32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF [MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe [36136] SR - | Auto 14/07/2009 27136 | c:\program files (x86)\common files\akamai\netsession_win_ca0e279.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe eMule µTorrent v3.3.0.29420 =>P2P.µTorrent [MD5.BB7245420097B251D1271F5B6F0C9F02] - (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe [802136] [PID.2500] =>P2P.µTorrent M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR Community Toolbar v3.18.0.7 (..) =>P2P.µTorrent O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent O4 - HKUS\S-1-5-21-3251470970-1943291794-2502108607-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent O42 - Logiciel: eMule - (...) [HKLM][64Bits] -- eMule O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent =>P2P.µTorrent [HKCU\Software\BitTorrent] =>P2P.BitTorrent [HKCU\Software\eMule] O43 - CFD: 14/12/2009 - 16:13:24 - [714,096] ----D C:\Program Files (x86)\eMule O43 - CFD: 01/10/2012 - 21:03:00 - [10,268] ----D C:\Program Files (x86)\MP3 Rocket O43 - CFD: 03/05/2013 - 17:53:44 - [0,765] ----D C:\Program Files (x86)\uTorrent =>P2P.µTorrent O43 - CFD: 04/10/2011 - 14:55:16 - [0,003] ----D C:\Users\ninie lolo\AppData\Roaming\BitTorrent =>P2P.BitTorrent O43 - CFD: 01/10/2012 - 21:03:04 - [2,196] ----D C:\Users\ninie lolo\AppData\Roaming\MP3Rocket O43 - CFD: 06/06/2013 - 19:53:54 - [6,656] ----D C:\Users\ninie lolo\AppData\Roaming\uTorrent =>P2P.µTorrent O43 - CFD: 04/10/2011 - 15:13:00 - [0] ----D C:\Users\ninie lolo\AppData\Local\uTorrent =>P2P.µTorrent O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchCaption", "uTorrentBar_FR Customized Web Search"); =>P2P.µTorrent O87 - FAEL: "TCP Query User{9B130DBF-CC3C-4AF8-9EEA-7B913BEC27C8}C:\program files (x86)\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe O87 - FAEL: "UDP Query User{C3F08076-54C5-418D-BEE6-857DF5AF84D0}C:\program files (x86)\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe O87 - FAEL: "TCP Query User{37D3CF96-530F-48F8-9213-48958DCE06C5}C:\program files (x86)\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe O87 - FAEL: "UDP Query User{D389BA23-904A-4088-8893-E00DE7B36ACF}C:\program files (x86)\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe O87 - FAEL: "TCP Query User{FE3C0AA8-79B1-46CF-B70D-EA1C57EBA705}C:\program files (x86)\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe =>P2P.µTorrent O87 - FAEL: "UDP Query User{EF6E7A8D-433B-4B16-9029-DB3F1CFBAD98}C:\program files (x86)\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe =>P2P.µTorrent O87 - FAEL: "{67AE082F-1104-4547-A546-B26D0D62781F}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent O87 - FAEL: "{BC32E3BA-3521-42BD-AB9D-6E883C2FF9EC}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent Spybot - Search & Destroy v1.6.2 O4 - GS\QuickLaunch: Infotravail.lnk - Clé orpheline O4 - GS\Desktop: Photorécit1 - Raccourci.lnk - Clé orpheline O4 - GS\Desktop: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe [MD5.00000000000000000000000000000000] [APT] [{190CB91A-5A3D-4FDE-B884-B7C70572E3F3}] (...) -- C:\Users\ninie lolo\Desktop\eCOMO_Installer_2.00f.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{4020DFE8-5481-4B3B-AA52-049871527697}] (...) -- C:\Program Files (x86)\Creative\Creative WebCam NX\PC-CAM Center\CTPCCam.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{4D4D7677-84C5-44F7-8990-0E4E59390C66}] (...) -- E:\JM20337\jm20337\Win98 Driver\Setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{E3796512-8982-45A0-A93C-0E4551D30480}] (...) -- C:\Users\ninie lolo\Downloads\eCOMO_Installer_2.00f(2).exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{EC3B2FB6-6E98-4AF0-9CCC-C7A624F2660E}] (...) -- C:\Program Files (x86)\Creative\Creative WebCam NX\PC-CAM Center\CTPCCam.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{FE84B442-7639-4760-9F36-172E11D8A5EC}] (...) -- C:\Program Files (x86)\Creative\Creative WebCam NX\PC-CAM Center\CTPCCam.exe (.not file.) [0] O42 - Logiciel: Akamai NetSession Interface - (...) [HKCU][64Bits] -- Akamai O42 - Logiciel: Akamai NetSession Interface Service - (...) [HKLM][64Bits] -- Akamai O42 - Logiciel: HiYo - (.IncrediMail - Certified Microsoft Partner.) [HKLM][64Bits] -- {00E1E235-AB45-4695-A156-073118949ED4} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 [HKCU\Software\ImInstaller] [HKLM\Software\Wow6432Node\ImInstaller] O43 - CFD: 01/02/2013 - 20:47:38 - [1050,093] ----D C:\Program Files (x86)\BoontyGames O43 - CFD: 05/04/2010 - 10:19:35 - [52,723] ----D C:\Program Files (x86)\Spybot - Search & Destroy O43 - CFD: 06/06/2013 - 12:15:22 - [30,506] ----D C:\Program Files (x86)\Common Files\Akamai O43 - CFD: 25/12/2009 - 13:16:49 - [0,066] ----D C:\Program Files (x86)\Common Files\BOONTY Shared O43 - CFD: 24/05/2013 - 22:22:05 - [0,000] ----D C:\ProgramData\boost_interprocess O43 - CFD: 11/06/2012 - 23:09:47 - [40,412] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 12/11/2011 - 11:17:28 - [33,094] ----D C:\Users\ninie lolo\AppData\Local\Akamai
redémarre ton ordinateur - Téléchargez Ad-Remover.voici le lien ci-dessous :
http://general-changelog-team.fr/fr/d ... tils-de-c-xx/5-ad-remover - Double-cliquez sur l'icône AD-Remover.
- Au menu principal, (1) cliquez sur [Nettoyer].
- Confirmez le lancement de l'analyse et laissez l'outil travailler.
Télécharge le logiciel AdwCleaner Version:1.703 Voici le lien ci-dessous : http://general-changelog-team.fr/fr/d ... ls-de-xplode/2-adwcleaner une fois télécharger tu met le logiciel sur le bureau et clic sur le logiciel , une fois installait (1) clic sur supprimer
refait un scanne avec ZHPDiag tiens-nous infomés anthony0371 @ Plus
Posté le : 06/06/2013 20:13
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
Re: trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
Mes configs
|
bonjour anthony0371
j'ai suivie la procédure que tu ma indiqué mais il y a un petit probleme avec AD-R cela fait plus d'une 1/2 heure que je l'ai activé pour nettoyer et il est bloqué a 95% c'est normal? merci de m'aider
Posté le : 08/06/2013 15:05
|
|
|
Re: trojan Eorezo
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, Il faut patienter, cela veux dire que ton ordinateur est vraiment infecté autrement tu peux le stopper et de refaire un scanne avec ZHPDiag Anthony0371 @ Plus
Posté le : 08/06/2013 15:35
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
Re: trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
Mes configs
|
Bonjour,
re anthony0371
cela fait 4h que AD-R nettoie mon pc il est toujours a 75% je ne peut plus le fermer ni rien d'autre j'ai beau cliquer sur la croix rouge rien ne se passe j'ai l'impréssion que le programme bugg grave! merci a toi de m'aider
Posté le : 08/06/2013 20:38
|
|
|
Re: trojan Eorezo
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, fait ceci pour l'arrêter : ctrl+alt+suppr >>> gestionnaire de tâche >>>> processus et clique droit sur ad-r et arrêter le processuss refait un scan avec ZHPDiag anthony @ Plus
Posté le : 08/06/2013 21:15
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
|
|