OK, I'm taking heart again. Here is what you asked for, and thank you!!!!!!!!!
------- LOGFILE OF AD-REMOVER 1.1.0.4 | ONLY XP/VISTA -------
Updated by C_XX on 03/02/2009 at 18:00
Start at: 17:59:09 | Wed 04/02/2009 | Microsoft Windows Vista Home Premium SP1 (V6.0.6001)
Boot mode: MSE
Option: SCAN | Executed from: C:\Users\fab\Desktop\Ad-remover.bat
Pc: PC-DE-FAB | User: fab ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- L:\ (File System: FAT)
System Drive: C:\
Windows Directory: C:\Windows\
System Directory: C:\Windows\System32\
--- Running Processes: 20
--- User Account Control is ENABLE
+--------------------| Boonty/Boonty Games Elements Found:
Service: Boonty Games
.
HKCR\boontybox
HKLM\Software\Boonty
HKLM\Software\Classes\boontybox
HKLM\SYSTEM\ControlSet001\Services\Boonty Games
HKLM\SYSTEM\CurrentControlSet\Services\Boonty Games
HKLM\SYSTEM\ControlSet003\Services\Boonty Games
.
C:\Program Files\Common Files\BOONTY Shared
C:\Program Files\Common Files\BOONTY Shared\Service
+--------------------| Eorezo Elements Found:
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\SOFTWARE\Classes\AppID\EoRezoBHO.DLL
HKLM\SOFTWARE\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
.
C:\Users\fab\AppData\Roaming\EoRezo
C:\Users\fab\AppData\Roaming\EoRezo\db
C:\Users\fab\AppData\Roaming\EoRezo\eoDesktop
C:\Users\fab\AppData\Roaming\EoRezo\eoStats
C:\Users\fab\AppData\Roaming\EoRezo\EoWeather
C:\Users\fab\AppData\Roaming\EoRezo\EoWeather\images
C:\Users\fab\AppData\Roaming\EoRezo\EoWeather\images_classic
C:\Users\fab\AppData\Roaming\EoRezo\EoWeather\images_station_meteo
+--------------------| Infected Poker Softwares Elements Found:
HKCU\Software\Casino DelRio
HKCU\Software\Europa Casino
HKCU\Software\Grand Virtual
HKCU\Software\PartyGaming
HKCU\Software\Titan Poker
HKCU\Software\Vegas Red Casino
HKLM\Software\Europa Casino
HKLM\Software\Casino DelRio
HKLM\Software\Titan Poker
HKLM\Software\Vegas Red Casino
HKU\S-1-5-21-3011629767-1692924723-1835710867-1002\Software\Titan Poker
.
C:\Programs\PartyGaming
C:\Programs\PartyGaming\language
C:\Programs\PartyGaming\PartyCasino
C:\Programs\PartyGaming\language\en_US
C:\Programs\PartyGaming\language\en_US\temp
C:\Programs\PartyGaming\PartyCasino\Language
C:\Programs\PartyGaming\PartyCasino\Language\en_US
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR
C:\Programs\PartyGaming\PartyCasino\Language\en_US\articles
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\Articles
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\lobby
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\keno
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\slots
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\multiplayerbj
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\poker
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\videopoker
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\multiplayerbj\multiplayerblackjack
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\poker\studcaribbeanpoker
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\poker\threecardpoker
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\videopoker\deuceswild
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\videopoker\flamingo
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\videopoker\jacksorbetter
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\videopoker\jokerpoker
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\videopoker\junglerumble
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\videopoker\kangacash
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\cardgames\videopoker\vegasclub
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\keno\safecrackerkeno
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\slots\goldengopher
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\slots\metropolis
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\slots\superfortunewheel
C:\Programs\PartyGaming\PartyCasino\Language\fr_FR\images\games\slots\theterminator
C:\Windows\Prefetch\CASINOGAME.EXE-C98D3BDB.pf
C:\Windows\Prefetch\CASINOPATCH.TEMP.EXE-EB177865.pf
+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Found:
.
.
+--------------------| It's TV Elements Found:
HKCU\SOFTWARE\ItsLabel
HKU\S-1-5-21-3011629767-1692924723-1835710867-1002\Software\ItsLabel
.
C:\Users\fab\AppData\Roaming\ItsLabel
C:\Users\fab\AppData\Roaming\ItsLabel\ItsTV
+--------------------| Sweetim Elements Found:
HKCU\SOFTWARE\SWEETIE
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Macrogaming
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIMBarForIE
C:\Program Files\Macrogaming\SweetIM\conf
C:\Program Files\Macrogaming\SweetIM\data
C:\Program Files\Macrogaming\SweetIM\conf\users
C:\Program Files\Macrogaming\SweetIM\conf\users\fabien.foropon@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\data\contentdb
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache
+--------------------| Added Scan:
---- Mozilla FireFox Version 2.0 ----
ProfilePath: 1cyy61pq.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Google"
Prefs.js: Browser.Search.SelectedEngine: "lo.st"
Prefs.js: Browser.Search.SelectedEngine: "Live Search"
Prefs.js: Browser.Search.DefaultUrl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
Prefs.js: Browser.Startup.HomePage: "http://lo.st#home"
.
(Prefs.js) FOUND: user_pref("browser.search.selectedEngine", "lo.st");
(Prefs.js) FOUND: user_pref("browser.startup.homepage", "http://lo.st#home");
.
.
.
.
---- Internet Explorer Version 7.0.6001.18000 ----
+--[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Search bar: hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.google.fr/
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.google.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://www.msn.com/
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://ieframe.dll/tabswelcome.htm
+---------------------------------------------------------------------------+
[~7710 Bytes] - "C:\Ad-Report-Scan-04.02.2009.log"
-
End at: 17:59:56 | 04/02/2009
.
+--------------------| E.O.F - 149 Lines
.