Ouvrir 
Fermer
|
|
|
| |
Bienvenue sur CoupDePoucePc !! Nous sommes le
et il est déjà
Coupdepoucepc.fr est un site d’entraide et de dépannage informatique en ligne, totalement gratuit.
L'équipe est composée de passionnés, bénévoles, désireux de vous aider rapidement dans une ambiance conviviale.
|
|
| |
Regarde ce sujet :
1 Utilisateur(s) anonymes
|
|
 trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
 Mes configs
|
Bonjour,
j'ai windows 7,pc de bureau
voici mon ti problème : après avoir lancé malwarebytes voici son rapport :trojan Eorezo registry key
je supprime la clé dans le registre mais cela reviens a chaque fois que je nettoie avec malwarebytes..
comment m'en débarrasser?
merci pour l'aide que vous m'apporterez .
Posté le : 03/06/2013 19:37
|
|
|
|
|
Re: trojan Eorezo
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, on va dabord vérifié si ton ordinateur est infecté ou pas  Est-ce tu as télécharger des logiciels et que tu as installé ? Sur quel site que tu as téléchargé ? On vas plus approfondir pour voir et si tu as des questions n'hésite pas de les posées  Prend ton ton temps et lis bien les procédures Télécharger ZHPDiag http://telechargement.zebulon.fr/telecharger-zhpdiag.html Sous Window XP utilise cette procédure ci-dessous :
une fois installer tu clic sur l'icône > une fenêtre vas s'ouvrir et clic sur la loupe pour scanner > un fois fini clic sur en enregistrer > tu ouvre le rapport et tu sélectionne tout puis copier et tu met le rapport complet ICI
Sous Vista et Windows 7 (Seven) utilise cette procédure ci-dessous : >>>> Tu dois utiliser cette Procédure <<<< une fois installer, tu clic droit sur l'icône puis clic sur exécuter en tant qu'administrateur > une fenêtre vas s'ouvrir et clic sur la loupe pour scanner > un fois fini clic sur en enregistrer > tu ouvre le rapport et tu sélectionne tout puis copier et tu met le rapport complet ICI  <<<<< Clique dessus la photo pour l'agrandir >>>>>
Sur ton bureau tu trouveras le rapport de (ZHPDiag) Pour poster le rapport en lien rends toi sur ce site ci-dessous: http://cjoint.com/ - Clique sur Parcourir et va jusqu'au rapport qui a été sauvegardé
- Clic gauche dessus clique ensuite sur Ouvrir
 - Clique sur Créer le lien Cjoint
- Une fois l'upload fini un lien apparaît clic droit dessus choisis Copier dans le menu
 ce lien tu le met sur la prochaine réponse ici (attention ! ne modifier pas le lien, si non on ne peut pas voir le rapport ZHPDiag) - Colle le lien dans ta prochaine réponse
 de bien vouloir répondre a toutes les question c'est très important et de faire tous ce que je t'ai demandé de faire
tiens nous informés anthony0371 @ Plus 
Posté le : 03/06/2013 19:48
|
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
|
Re: trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
Mes configs
|
bonjour je n'ai pas télecharger de logiciels ,ou peut etre que je ne m'en souviens plus.. cela fait un moment que j'ai ce probleme et souvent mon pc bugg apres que mon compagnon sois allé sur les sites de jeux vidéos.. j'ai appliqué la marche a suivre ,voici le lien: http://cjoint.com/?CFgoUCNoB4Jmerci pour l'aide
Posté le : 06/06/2013 14:51
|
|
|
|
|
Re: trojan Eorezo
|
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, Ton ordinateur est bien infecté 
Tu supprime tous car si je te met cette liste rouge car ils sont infectés
ZHPFix ne sert pas à scanner, mais à supprimé les infections
tu suis bien mais instruction ci-dessous et surtout n'essai pas les autres fonctions télécharge ZHPFix 1.12.32
Voici le lien : http://telechargement.zebulon.fr/telecharger-zhpfix.html Sous Window XP utilise cette procédure ci-dessous :
une fois installer, tu clique l'icone de ZHPFix >>>> une fenêtre vas s'ouvrir > tu sélectionne les ligne en rouge ci-dessous puis copier et clic sur l'icône coller presse papier a coter de l’icône appareil photo (1) et tu clic sur GO (2) > un fois finit, tu refait un scanne avec ZHPdiag et tu le met le rapport ici Sous Vista et Windows 7 (Seven) utilise cette procédure ci-dessous : >>>> Tu dois utiliser cette Procédure <<<<
une fois installer, tu clique droit sur l'icone de ZHPFix puis executer en tant administarteur > une fenêtre vas s'ouvrir > tu sélectionne les ligne en rouge ci-dessous puis copier et clic sur l'icône coller presse papier a coter de l’icône appareil photo (1) et tu clic sur GO (2) > un fois finit, tu refait un scanne avec ZHPdiag et tu le met le rapport ici
Si il te demande de redémarrer, tu le feras après avoir tous supprimer voici les infections ci-dessous : Ligne rouge (liste) a supprimé ci-dessous [MD5.981794879E8FD26CDD6ABCFF3F3F65EF] - (...) -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [3085264] [PID.2004]
M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\MyStart Search.xml
M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\SearchquWebSearch.xml =>PUP.Datamngr
M3 - MFPP: Plugins - [ninie lolo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [ninie lolo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\SearchquWebSearch.xml =>PUP.Datamngr
M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\{EEE6C361-6118-11DC-9C72-001320C79847}] [] SweetPacks Toolbar for Firefox v1.9.0.0 (..) =>PUP.SweetIM
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com
O2 - BHO: Searchqu Toolbar [64Bits] - {7FF99715-3016-4381-84CE-E4E4C9673020} Clé orpheline =>PUP.Datamngr
O2 - BHO: Searchqu Toolbar [64Bits] - {99079a25-328f-4bd4-be04-00955acaa0a7} . (...) -- C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll (.not file.) =>PUP.Datamngr
O2 - BHO: SWEETIE [64Bits] - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
O4 - Global Startup: C:\Users\ninie lolo\Desktop\Search the Web.url . (...) -- C:\Users\ninie lolo\Desktop\Search the Web.url =>Adware.IMBooster
O4 - Global Startup: C:\Users\ninie lolo\Desktop\SweetPcFix.url . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Users\ninie lolo\Desktop\SweetPcFix.url =>PUP.SweetPCFix
O23 - Service: Browser Manager (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O42 - Logiciel: Browser Manager - (...) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} =>PUP.SweetIM
O42 - Logiciel: Tuto Firefox 41.0.0.0 - (.PcTuto.) [HKLM][64Bits] -- Tuto Firefox 4_is1 =>PUP.AgenceExclusive
[HKCU\Software\5b558dd1e66deb48]
[HKCU\Software\Agence-Exclusive] =>PUP.AgenceExcusive
[HKCU\Software\AppDataLow\Software\searchqutb] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\PCTuto] =>PUP.AgenceExclusive
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\5b558dd1e66deb48]
[HKLM\Software\Wow6432Node\Agence-Exclusive] =>PUP.AgenceExcusive
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Bandoo] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\GamesBarSetup] =>Adware.GamesBar
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\PCTuto] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Trymedia Systems] =>Adware.Trymedia
[HKLM\Software\Wow6432Node\iWin]
O43 - CFD: 18/01/2013 - 08:33:03 - [6,112] ----D C:\Program Files (x86)\Accelerer PC =>Rogue.PCSpeedUp
O43 - CFD: 14/12/2009 - 12:03:10 - [0,002] ----D C:\Program Files (x86)\GamesBar =>Adware.GamesBar
O43 - CFD: 13/10/2012 - 22:12:54 - [7,308] ----D C:\Program Files (x86)\PcTuto =>PUP.AgenceExclusive
O43 - CFD: 19/01/2013 - 19:56:43 - [4,093] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM
O43 - CFD: 11/11/2012 - 12:52:05 - [6,525] ----D C:\Program Files (x86)\Webplayer setup =>Adware.SocialSkinz
O43 - CFD: 11/11/2012 - 13:04:45 - [0] ----D C:\Program Files (x86)\Windows Searchqu Toolbar =>PUP.Datamngr
O43 - CFD: 06/10/2012 - 11:48:09 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 06/06/2013 - 07:26:31 - [8,371] ----D C:\ProgramData\Browser Manager
O43 - CFD: 09/01/2010 - 19:49:28 - [0,002] ----D C:\ProgramData\Partner
O43 - CFD: 29/10/2012 - 20:05:13 - [15,522] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 17/10/2012 - 16:03:50 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Agence-Exclusive =>PUP.AgenceExcusive
O43 - CFD: 06/10/2012 - 11:48:09 - [0,016] ----D C:\Users\ninie lolo\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 24/05/2013 - 20:26:54 - [37,804] ----D C:\Users\ninie lolo\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 13/10/2012 - 22:12:53 - [0,913] ----D C:\Users\ninie lolo\AppData\Local\Agence-Exclusive =>PUP.AgenceExcusive
O43 - CFD: 06/09/2011 - 10:19:59 - [0] ----D C:\Users\ninie lolo\AppData\Local\OpenCandy =>Adware.OpenCandy
O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (...) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (.not file.) =>PUP.SweetIM
O53 - SMSR:HKLM\...\startupreg\Sweetpacks Communicator [Key] . (...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://www.searchqu.com/web?src=ffb&systemid=101&q="); =>PUP.Datamngr
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("browser.search.defaultenginename", "Search Results");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("browser.search.order.1", "Search Results");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.admin", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.bbDpng", "11"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.cntry", "FR"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dfltLng", "en"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dpkLst", "1169821598,3855095921,302281469,2400444324,3654782829,1334533236,3874294282,3866767[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.envrmnt", "production"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.hdrMd5", "C6899BFD9E843E514325242B09CFFE98"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.hmpg", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.id", "0cc8ba79000000000000002511a8d2d2"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlDay", "15655"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.3.811:28:44"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.newTab", true); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"48\",\"lastVrsn\":\"48\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.sg", "azb"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.smplGrp", "azb"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrId", "base"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_ ... a79000000000000002511a8d2[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.3.811:28:44"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.newTab", true); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=1089 ... NT_ss&mntrId=0cc8ba79[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.811:28:44"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1370277404353"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cargo", "3.1010000.00000"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.returnValue", "hide"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.height", "335"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/optio ... e_id;&toolbar_version[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.width", "761"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.height", "300"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.width", "500"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.height", "150"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.url", "http://www.sweetim.com/simffbar/simcdadialog.asp"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.width", "530"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.mode.debug", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.created", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.previous.keyword.URL", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.ht ... ON;&crg=$cargo;"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.callback", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.domain-whitelist", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/script ... =3104&tid=chff1"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.history", "nature%20morte%20pot%20de%20miel,pot%20de%20miel,mandarine%20et%20citron,nature%20mor[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.history.capacity", "10"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.simapp_id", "{C0BE43C4-616A-11E2-9A1C-002511A8D2D2}"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.version", "1.9.0.0"); =>PUP.SweetIM
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} - (Web Search) - http://www.searchqu.com =>PUP.Datamngr
O69 - SBI: SearchScopes [HKCU] {8B63A8D6-BBED-4341-8867-790E5F524C96} - (MyStart Search) - http://mystart.hiyo.com
O69 - SBI: SearchScopes [HKCU] {9B6103C1-F818-48a8-9683-314055BE6075} - (MyStart Search) - http://mystart.hiyo.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} [DefaultScope] - (Search Results) - http://dts.search-results.com
O87 - FAEL: "{E33007D1-810E-488B-9DB3-E2B131892FCF}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{45F98D7B-E192-4820-9528-0F34CCEE7671}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E}] =>PUP.Eorezo
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBAR
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{759F1421-4D31-4c1f-8C51-E4956A037676}] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Classes\AppID\{759F1421-4D31-4c1f-8C51-E4956A037676}] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Adware.AskSBAR
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8a96af9e-4074-43b7-bea3-87217bda74c8}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\bandoocore.exe] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBAR
[HKLM\Software\Classes\AppID\PCTutoBHO.DLL] =>Spyware.AgenceExclusive
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBAR
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\Agence-Exclusive] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Agence-Exclusive] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Bandoo] =>Adware.Bandoo
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\GamesBarSetup] =>Adware.GamesBar
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\iwin] =>Adware.BHO
[HKCU\Software\PCTuto] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\PCTuto] =>Spyware.AgenceExclusive
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Canneverbe Limited\OpenCandy] =>Adware.OpenCandy
[HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Classes\AppID\BandooCore.EXE] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\AppID\BandooCore.EXE] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Adware.ShopperReports
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Program Files (x86)\GamesBar =>Adware.GamesBar
C:\Program Files (x86)\PCTuto =>Spyware.AgenceExclusive
C:\Program Files (x86)\SweetIM =>PUP.SweetIM
C:\Program Files (x86)\Webplayer setup =>Adware.SocialSkinz
C:\Program Files (x86)\Windows Searchqu Toolbar =>Adware.Bandoo
C:\Program Files (x86)\Accelerer PC =>Rogue.PCSpeedUp
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Browser Manager =>Toolbar.Babylon
C:\ProgramData\Trymedia =>Adware.Trymedia
C:\ProgramData\Partner =>Spyware.Partner
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto =>Spyware.AgenceExclusive
C:\Users\ninie lolo\AppData\Roaming\Agence-Exclusive =>Spyware.AgenceExclusive
C:\Users\ninie lolo\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\ninie lolo\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\ninie lolo\AppData\Local\Agence-Exclusive =>Spyware.AgenceExclusive
C:\Users\ninie lolo\AppData\Local\OpenCandy =>Adware.OpenCandy
C:\Users\ninie lolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM
C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\bprotector_extensions.sqlite =>PUP.BProtector
C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\SearchPlugins\MyStart Search.xml =>Spyware.VMNToolbar
C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\SearchPlugins\SearchquWebSearch.xml =>Adware.Bandoo
O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe =>PUP.SweetIM
[HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.762.17]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.762.17]:version="2.3.762.17"
[HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:version="2.6.1123.78"
[HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5b558dd1e66deb48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:version="2.6.1249.132"
[HKCU\Software\5b558dd1e66deb48] =>Toolbar.Babylon^
[HKCU\Software\5b558dd1e66deb48]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5b558dd1e66deb48]:version="2.6.1339.144"
[HKLM\Software\Wow6432Node\5b558dd1e66deb48] =>Toolbar.Babylon^
[HKLM\Software\Wow6432Node\5b558dd1e66deb48]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKLM\Software\Wow6432Node\5b558dd1e66deb48]:version="2.6.1339.144"
SR - | Auto 3085264 | (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\Search_Results.xml
M3 - MFPP: Plugins - [ninie lolo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\toolbar@ask.com] [] v (..)
R3 - URLSearchHook: UrlSearchHook Class [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.15.2.23037) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
R3 - URLSearchHook: (no name) [64Bits] - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Ask - Ask Toolbar.) (No version) -- (.not file.) =>Toolbar.Ask
O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.)
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé orpheline
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
[MD5.013414E136AC76598B19552DC31DE718] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [135336] =>Toolbar.Ask
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM][64Bits] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: ToolbarFR - (.Orange.) [HKLM][64Bits] -- {A047FE02-C91C-41CB-898C-4ED21B86025A}
[HKCU\Software\APN]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\Ask.com]
[HKCU\Software\Conduit]
[HKCU\Software\Softonic]
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Wow6432Node\Conduit]
O43 - CFD: 21/10/2012 - 11:03:10 - [3,428] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 04/04/2011 - 20:55:12 - [0,007] ----D C:\Program Files (x86)\Bing Bar Installer
O43 - CFD: 06/10/2011 - 13:48:04 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 21/10/2012 - 10:52:33 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 11/11/2012 - 12:53:43 - [0,280] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 27/05/2013 - 16:13:37 - [0] ----D C:\Users\ninie lolo\AppData\Local\Conduit
O69 - SBI: C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchProtectorEnabled", false); =>Toolbar.Conduit
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchProtectorToolbarDisabled", false); =>Toolbar.Conduit
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.searchProtectorDialogDelayInSec", 10); =>Toolbar.Conduit
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.searchProtectorEnableByLogin", true); =>Toolbar.Conduit
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{759F1421-4D31-4C1F-8C51-E4956A037676}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{759F1421-4D31-4C1F-8C51-E4956A037676}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent
[HKLM\Software\Classes\SearchBar.Client] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent
[HKLM\Software\Classes\Installer\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent redémarre ton ordinateur - Téléchargez Ad-Remover.voici le lien ci-dessous :
http://general-changelog-team.fr/fr/d ... tils-de-c-xx/5-ad-remover - Double-cliquez sur l'icône AD-Remover.
- Au menu principal, (1) cliquez sur [Nettoyer].
- Confirmez le lancement de l'analyse et laissez l'outil travailler.
 Télécharge le logiciel AdwCleaner Version:1.703 Voici le lien ci-dessous : http://general-changelog-team.fr/fr/d ... ls-de-xplode/2-adwcleaner une fois télécharger tu met le logiciel sur le bureau et clic sur le logiciel , une fois installait (1) clic sur supprimer 
refait un scanne avec ZHPDiag tiens-nous infomés anthony0371 @ Plus 
Posté le : 06/06/2013 15:29
|
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
|
Re: trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
Mes configs
|
Bonjour, http://cjoint.com/?CFgt7MhDQvdvoila le rapport apres relancer ZHPdiag merci j'espere qu'il n'y a plus de virus grrrr
Posté le : 06/06/2013 20:04
|
|
|
|
|
Re: trojan Eorezo
|
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, Ton ordinateur est bien infecté
Tu supprime tous car si je te met cette liste rouge car ils sont infectés
ZHPFix ne sert pas à scanner, mais à supprimé les infections
tu suis bien mais instruction ci-dessous et surtout n'essai pas les autres fonctions télécharge ZHPFix 1.12.32
Voici le lien : http://telechargement.zebulon.fr/telecharger-zhpfix.html Sous Window XP utilise cette procédure ci-dessous :
une fois installer, tu clique l'icone de ZHPFix >>>> une fenêtre vas s'ouvrir > tu sélectionne les ligne en rouge ci-dessous puis copier et clic sur l'icône coller presse papier a coter de l’icône appareil photo (1) et tu clic sur GO (2) > un fois finit, tu refait un scanne avec ZHPdiag et tu le met le rapport ici Sous Vista et Windows 7 (Seven) utilise cette procédure ci-dessous : >>>> Tu dois utiliser cette Procédure <<<<
une fois installer, tu clique droit sur l'icone de ZHPFix puis executer en tant administarteur > une fenêtre vas s'ouvrir > tu sélectionne les ligne en rouge ci-dessous puis copier et clic sur l'icône coller presse papier a coter de l’icône appareil photo (1) et tu clic sur GO (2) > un fois finit, tu refait un scanne avec ZHPdiag et tu le met le rapport ici
Si il te demande de redémarrer, tu le feras après avoir tous supprimer voici les infections ci-dessous : Ligne rouge (liste) a supprimé ci-dessous [MD5.981794879E8FD26CDD6ABCFF3F3F65EF] - (...) -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [3085264] [PID.1192]
[HKCU\Software\SweetIM] =>PUP.SweetIM
O43 - CFD: 06/06/2013 - 07:26:31 - [8,371] ----D C:\ProgramData\Browser Manager
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.admin", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dfltLng", "en"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dpkLst", "1169821598,3855095921,302281469,2400444324,3654782829,1334533236,3874294282,3866767[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.id", "0cc8ba79000000000000002511a8d2d2"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlDay", "15655"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrId", "base"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_ ... a79000000000000002511a8d2[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=1089 ... NT_ss&mntrId=0cc8ba79[...] =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.811:28:44"); =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/optio ... e_id;&toolbar_version[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.height", "335"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.id", "id_options_dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.title", "$string.config.label;"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.url", "http://www.sweetim.com/simffbar/optio ... e_id;&toolbar_version[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.width", "761"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.height", "300"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.id", "id_example_dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.title", "Example (unit-test) dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.url", "chrome://sim_toolbar_package/content/exampledialog.html"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.width", "500"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.height", "150"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.id", "id_dialog_hide_disable_remove"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.title", "Option Dialog"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.url", "http://www.sweetim.com/simffbar/simcdadialog.asp"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.width", "530"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.mode.debug", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.created", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.enable", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.previous.keyword.URL", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.ht ... ON;&crg=$cargo;"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/script ... =3104&tid=chff1"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.addcontextdiv", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.callback", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.domain-whitelist", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.elementid", "id_predict_include_script"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.id", "id_script_prad"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.url", "http://cdn1.certified-apps.com/script ... =3104&tid=chff1"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\[...] =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.history.capacity", "10"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.enable", "false"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.simapp_id", "{C0BE43C4-616A-11E2-9A1C-002511A8D2D2}"); =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.version", "1.9.0.0"); =>PUP.SweetIM
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\ProgramData\Browser Manager =>Toolbar.Babylon
C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\bprotector_extensions.sqlite =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
C:\Users\ninie lolo\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar
C:\Users\ninie lolo\AppData\LocalLow\Conduit =>Toolbar.Conduit
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe =>Toolbar.Ask
R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{360DC700-F0D9-4134-94BF-E0545AF057B4}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4FBB0666-6D9E-411E-A4F0-61A8C4886E8D}] (...) -- E:\setup.exe (.not file.) [0]
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O64 - Services: CurCS - 11/02/2011 - C:\Windows\System32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
[MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe [36136]
SR - | Auto 14/07/2009 27136 | c:\program files (x86)\common files\akamai\netsession_win_ca0e279.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe
eMule
µTorrent v3.3.0.29420 =>P2P.µTorrent
[MD5.BB7245420097B251D1271F5B6F0C9F02] - (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe [802136] [PID.2500] =>P2P.µTorrent
M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR Community Toolbar v3.18.0.7 (..) =>P2P.µTorrent
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - HKUS\S-1-5-21-3251470970-1943291794-2502108607-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent
O42 - Logiciel: eMule - (...) [HKLM][64Bits] -- eMule
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent =>P2P.µTorrent
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\eMule]
O43 - CFD: 14/12/2009 - 16:13:24 - [714,096] ----D C:\Program Files (x86)\eMule
O43 - CFD: 01/10/2012 - 21:03:00 - [10,268] ----D C:\Program Files (x86)\MP3 Rocket
O43 - CFD: 03/05/2013 - 17:53:44 - [0,765] ----D C:\Program Files (x86)\uTorrent =>P2P.µTorrent
O43 - CFD: 04/10/2011 - 14:55:16 - [0,003] ----D C:\Users\ninie lolo\AppData\Roaming\BitTorrent =>P2P.BitTorrent
O43 - CFD: 01/10/2012 - 21:03:04 - [2,196] ----D C:\Users\ninie lolo\AppData\Roaming\MP3Rocket
O43 - CFD: 06/06/2013 - 19:53:54 - [6,656] ----D C:\Users\ninie lolo\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 04/10/2011 - 15:13:00 - [0] ----D C:\Users\ninie lolo\AppData\Local\uTorrent =>P2P.µTorrent
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchCaption", "uTorrentBar_FR Customized Web Search"); =>P2P.µTorrent
O87 - FAEL: "TCP Query User{9B130DBF-CC3C-4AF8-9EEA-7B913BEC27C8}C:\program files (x86)\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe
O87 - FAEL: "UDP Query User{C3F08076-54C5-418D-BEE6-857DF5AF84D0}C:\program files (x86)\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe
O87 - FAEL: "TCP Query User{37D3CF96-530F-48F8-9213-48958DCE06C5}C:\program files (x86)\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe
O87 - FAEL: "UDP Query User{D389BA23-904A-4088-8893-E00DE7B36ACF}C:\program files (x86)\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe
O87 - FAEL: "TCP Query User{FE3C0AA8-79B1-46CF-B70D-EA1C57EBA705}C:\program files (x86)\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe =>P2P.µTorrent
O87 - FAEL: "UDP Query User{EF6E7A8D-433B-4B16-9029-DB3F1CFBAD98}C:\program files (x86)\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe =>P2P.µTorrent
O87 - FAEL: "{67AE082F-1104-4547-A546-B26D0D62781F}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent
O87 - FAEL: "{BC32E3BA-3521-42BD-AB9D-6E883C2FF9EC}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent
Spybot - Search & Destroy v1.6.2
O4 - GS\QuickLaunch: Infotravail.lnk - Clé orpheline
O4 - GS\Desktop: Photorécit1 - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
[MD5.00000000000000000000000000000000] [APT] [{190CB91A-5A3D-4FDE-B884-B7C70572E3F3}] (...) -- C:\Users\ninie lolo\Desktop\eCOMO_Installer_2.00f.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4020DFE8-5481-4B3B-AA52-049871527697}] (...) -- C:\Program Files (x86)\Creative\Creative WebCam NX\PC-CAM Center\CTPCCam.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4D4D7677-84C5-44F7-8990-0E4E59390C66}] (...) -- E:\JM20337\jm20337\Win98 Driver\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E3796512-8982-45A0-A93C-0E4551D30480}] (...) -- C:\Users\ninie lolo\Downloads\eCOMO_Installer_2.00f(2).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EC3B2FB6-6E98-4AF0-9CCC-C7A624F2660E}] (...) -- C:\Program Files (x86)\Creative\Creative WebCam NX\PC-CAM Center\CTPCCam.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FE84B442-7639-4760-9F36-172E11D8A5EC}] (...) -- C:\Program Files (x86)\Creative\Creative WebCam NX\PC-CAM Center\CTPCCam.exe (.not file.) [0]
O42 - Logiciel: Akamai NetSession Interface - (...) [HKCU][64Bits] -- Akamai
O42 - Logiciel: Akamai NetSession Interface Service - (...) [HKLM][64Bits] -- Akamai
O42 - Logiciel: HiYo - (.IncrediMail - Certified Microsoft Partner.) [HKLM][64Bits] -- {00E1E235-AB45-4695-A156-073118949ED4}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
[HKCU\Software\ImInstaller]
[HKLM\Software\Wow6432Node\ImInstaller]
O43 - CFD: 01/02/2013 - 20:47:38 - [1050,093] ----D C:\Program Files (x86)\BoontyGames
O43 - CFD: 05/04/2010 - 10:19:35 - [52,723] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 06/06/2013 - 12:15:22 - [30,506] ----D C:\Program Files (x86)\Common Files\Akamai
O43 - CFD: 25/12/2009 - 13:16:49 - [0,066] ----D C:\Program Files (x86)\Common Files\BOONTY Shared
O43 - CFD: 24/05/2013 - 22:22:05 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 11/06/2012 - 23:09:47 - [40,412] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 12/11/2011 - 11:17:28 - [33,094] ----D C:\Users\ninie lolo\AppData\Local\Akamai
redémarre ton ordinateur - Téléchargez Ad-Remover.voici le lien ci-dessous :
http://general-changelog-team.fr/fr/d ... tils-de-c-xx/5-ad-remover - Double-cliquez sur l'icône AD-Remover.
- Au menu principal, (1) cliquez sur [Nettoyer].
- Confirmez le lancement de l'analyse et laissez l'outil travailler.
Télécharge le logiciel AdwCleaner Version:1.703 Voici le lien ci-dessous : http://general-changelog-team.fr/fr/d ... ls-de-xplode/2-adwcleaner une fois télécharger tu met le logiciel sur le bureau et clic sur le logiciel , une fois installait (1) clic sur supprimer
refait un scanne avec ZHPDiag tiens-nous infomés anthony0371 @ Plus
Posté le : 06/06/2013 20:13
|
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
|
Re: trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
Mes configs
|
bonjour anthony0371
j'ai suivie la procédure que tu ma indiqué mais il y a un petit probleme avec AD-R
cela fait plus d'une 1/2 heure que je l'ai activé pour nettoyer et il est bloqué a 95% c'est normal?
merci de m'aider
Posté le : 08/06/2013 15:05
|
|
|
|
|
Re: trojan Eorezo
|
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, Il faut patienter, cela veux dire que ton ordinateur est vraiment infecté autrement tu peux le stopper et de refaire un scanne avec ZHPDiag Anthony0371 @ Plus
Posté le : 08/06/2013 15:35
|
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
|
Re: trojan Eorezo
|
|
Coupdepoucienne Accro !
Inscrite depuis le : 22 12 2008
Mes configs
|
Bonjour,
re anthony0371
cela fait 4h que AD-R nettoie mon pc il est toujours a 75% je ne peut plus le fermer ni rien d'autre j'ai beau cliquer sur la croix rouge rien ne se passe
j'ai l'impréssion que le programme bugg grave!
merci a toi de m'aider
Posté le : 08/06/2013 20:38
|
|
|
|
|
 Re: trojan Eorezo
|
|
|
Inscrit depuis le : 02 05 2010
Mes configs
|
Bonjour, fait ceci pour l'arrêter : ctrl+alt+suppr >>> gestionnaire de tâche >>>> processus et clique droit sur ad-r et arrêter le processuss refait un scan avec ZHPDiag anthony @ Plus
Posté le : 08/06/2013 21:15
|
|
_________________
Chers Membres, n'oubliez pas de venir voir régulièrement si vous avez de nouvelles réponses. Merci.
|
|
|
|
![Open in new window](javascript:CaricaFoto("http://i73.servimg.com/u/f73/18/23/94/85/zhpdia10.png");)
![Open in new window](javascript:CaricaFoto("http://i32.servimg.com/u/f32/16/82/06/91/sans_t11.jpg");)
![Open in new window](javascript:CaricaFoto("http://i75.servimg.com/u/f75/15/51/97/59/ad-rem10.jpg");)
![Open in new window](javascript:CaricaFoto("http://i75.servimg.com/u/f75/15/51/97/59/adwcle10.jpg");)
