======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:27:14 le 27/02/2013, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) maman@PC-DE-MAMAN (ASUSTeK Computer Inc. F3Sc) ============== ACTION(S) ============== Dossier supprimé: C:\Users\maman\AppData\Roaming\Mozilla\FireFox\Profiles\zcuz8us8.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Dossier supprimé: C:\Users\maman\AppData\Local\Conduit Dossier supprimé: C:\Users\maman\AppData\Roaming\OpenCandy Dossier supprimé: C:\Users\maman\AppData\LocalLow\PriceGong Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong Dossier supprimé: C:\Program Files\PriceGong Dossier supprimé: C:\Users\maman\AppData\LocalLow\Toolbar4 (!) -- Fichiers temporaires supprimés. -- Fichier ouvert: C:\Users\maman\AppData\Roaming\Mozilla\FireFox\Profiles\zcuz8us8.default\Prefs.js -- /!\ Impossible d'ouvrir le fichier, nettoyage interrompu /!\ -- Fichier Fermé -- Clé supprimée: HKLM\Software\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} Clé supprimée: HKLM\Software\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692} Clé supprimée: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} Clé supprimée: HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} Clé supprimée: HKLM\Software\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71} Clé supprimée: HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Clé supprimée: HKLM\Software\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB} Clé supprimée: HKLM\Software\Classes\PriceFactorIE.PriceGongBHO Clé supprimée: HKLM\Software\Classes\PriceFactorIE.PriceGongBHO.1 Clé supprimée: HKLM\Software\Classes\PriceGongIE.PriceGongCtrl Clé supprimée: HKLM\Software\Classes\PriceGongIE.PriceGongCtrl.1 Clé supprimée: HKLM\Software\Classes\Toolbar.CT2801939 Clé supprimée: HKLM\Software\Classes\AppID\PriceGongIE.DLL Clé supprimée: HKLM\Software\Conduit Clé supprimée: HKLM\Software\DataMngr Clé supprimée: HKLM\Software\SearchquMediabarTb Clé supprimée: HKCU\Software\Conduit Clé supprimée: HKCU\Software\DataMngr Clé supprimée: HKCU\Software\AppDataLow\Toolbar Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8404B250-2D56-4196-B5E3-07BFE735BD09} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\pricegong Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{CA3EB689-8F09-4026-AA10-B9534C691CE0} ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [18.0.2 (fr)] **** HKLM_MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin (x) HKLM_MozillaPlugins\@MarineAquarium3Free_57.com/Plugin (x) HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\avg-secure-search.xml ( hxxp://isearch.avg.com/search?cid={B000F227-96C1-42B1-AAC8-F18B932FA34A}&mid=5bb3e51d6c3d47d1aadad152ba4c1e83-ef9cf5fa03d4fa906181d23d97833a9f61e414d2&ds=hk011&lang=fr&v=14.2.0.1&sg=&pid=avg&pr=&d=2012-11-28 16:01:15&sap=dsp&q={searchTerms}/) Searchplugins\babylon.xml (hxxp://search.babylon.com/) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Searchplugins\glarysearch.xml (hxxp://isearch.glarysoft.com/) Components\browsercomps.dll (Mozilla Foundation) Extensions\afurladvisor@anchorfree.com (Hotspot Shield Helper (Please allow this installation)) HKLM_Extensions|avg@toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 HKCU_Extensions|addlyrics@addlyrics.net - C:\Program Files\AddLyrics\FF\ -- C:\Users\maman\AppData\Roaming\Mozilla\FireFox\Profiles\zcuz8us8.default -- Extensions\57ffxtbr@MarineAquarium3Free_57.com (Marine Aquarium Lite) Extensions\crossriderapp4479@crossrider.com (Giant Savings) Extensions\{55C81E27-A6E2-40AB-B96F-D7107755F451} (Glarysoft Toolbar) Extensions\{62d40876-df18-411f-9d34-a9dd7a197bc5} (BrotherSoft Extreme3 ) Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} (PriceGong ) Prefs.js - browser.download.dir, D:\\telecharger Prefs.js - browser.download.lastDir, D:\\nicole\\ensemencer Prefs.js - browser.search.defaultenginename, AVG Secure Search Prefs.js - browser.search.selectedEngine, Google Prefs.js - browser.startup.homepage, hxxp://www.meteo-lille.net/ Prefs.js - browser.startup.homepage_override.buildID, 20130201065344 Prefs.js - browser.startup.homepage_override.mstone, 18.0.2 Prefs.js - keyword.URL, hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=DCAABC84-B723-42E6-BEEE-D784C6934EFF&n=77... ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{9e96c0cd-a901-4032-9236-0e4a264aeee4} - "NCH FR Toolbar" (C:\Program Files\NCH_FR\prxtbNCH_.dll) HKCU_URLSearchHooks|{327f75ed-061b-4339-8cc6-5dd45ad1396d} (x) HKCU_URLSearchHooks|{62d40876-df18-411f-9d34-a9dd7a197bc5} (x) HKLM_URLSearchHooks|{9e96c0cd-a901-4032-9236-0e4a264aeee4} - "NCH FR Toolbar" (C:\Program Files\NCH_FR\prxtbNCH_.dll) HKCU_SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} - "AVG Secure Search" (hxxp://isearch.avg.com/search?cid={B000F227-96C1-42B1-AAC8-F18B932FA34A}&mid=5bb...) HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerm...) HKCU_SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06} - "Glary Search" (hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch) HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerm...) HKLM_SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06} - "Glary Search" (hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch) HKCU_Toolbar\WebBrowser|{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} (x) HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (x) HKLM_Toolbar|{9e96c0cd-a901-4032-9236-0e4a264aeee4} (C:\Program Files\NCH_FR\prxtbNCH_.dll) HKLM_Toolbar|{95B7759C-8C7F-4BF1-B163-73684A933233} (C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll) HKLM_Toolbar|{32D47EA5-9473-4CAD-805D-9999F15D5AE2} (C:\Program Files\Glarysoft Toolbar\tbcore3.dll) HKCU_ElevationPolicy\{DE8CDA6C-6772-45A1-81D3-8581230C95AA} - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe (x) HKLM_ElevationPolicy\{0c1c3d4a-dcff-443d-a49f-4abb6af151af} - C:\Program Files\MarineAquarium3Free_57\bar\1.bin\57SrchMn.exe (x) HKLM_ElevationPolicy\{11111111-1111-1111-1111-110011441179} - C:\Program Files\Giant Savings\Giant Savings.exe (215 Apps) HKLM_ElevationPolicy\{21111111-1111-1111-1111-110011441179} - C:\Program Files\Giant Savings\Giant Savings-bg.exe (215 Apps) HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation) HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation) HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\Glarysoft Toolbar\TbHelper2.exe (?) HKLM_ElevationPolicy\{6dbd484a-faa1-4e09-9d82-5b472d9774e8} - C:\Program Files\MarineAquarium3Free_57\bar\1.bin\57impipe.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{AABCCB88-3493-4196-8A91-480B006FE82E} - C:\Users\maman\AppData\Local\Conduit\CT2801939\NCH_FRAutoUpdateHelper.exe (x) HKLM_ElevationPolicy\{C3B31A17-E102-4EBA-9430-CBDF71538F7B} - C:\Program Files\NCH_FR\NCH_FRToolbarHelper.exe (?) HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation) HKLM_ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - C:\Program Files\AVG Secure Search\lip.exe (?) HKLM_ElevationPolicy\{e9e780cc-8821-4b00-b4f9-f4c4f82be2c7} - C:\Program Files\MarineAquarium3Free_57\bar\1.bin\57SlSrch.exe (x) HKLM_ElevationPolicy\{EA2D5591-FF97-453D-B17A-38ABB1873503} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\dtUser.exe (Visicom Media Inc.) HKLM_ElevationPolicy\{ecd011be-bc4c-45dd-85bc-70e5f36806d9} - C:\Program Files\MarineAquarium3Free_57\bar\1.bin\57medint.exe (x) HKLM_ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} - C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\14.2.0\ScriptHelper.exe (?) HKLM_ElevationPolicy\{f90c885b-332c-4379-965c-3ef665f369dc} - C:\Program Files\MarineAquarium3Free_57\bar\1.bin\57SkPlay.exe (x) BHO\{11111111-1111-1111-1111-110011441179} - "Giant Savings" (C:\Program Files\Giant Savings\Giant Savings.dll) BHO\{95B7759C-8C7F-4BF1-B163-73684A933233} - "AVG Security Toolbar" (C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll) BHO\{9D717F81-9148-4f12-8568-69135F087DB0} - "DataMngr" (C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL) BHO\{9e96c0cd-a901-4032-9236-0e4a264aeee4} - "NCH FR Toolbar" (C:\Program Files\NCH_FR\prxtbNCH_.dll) BHO\{A7AF277D-1466-4A7B-93AF-B043984A5671} - "TBSB05810 Class" (C:\Program Files\Glarysoft Toolbar\tbcore3.dll) BHO\{B40720CF-4DDD-40DC-86EA-26404E77C1E8} - "AddLyrics" (C:\Program Files\AddLyrics\AddLyrics.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 531 Fichier(s) C:\Program Files\Ad-Remover\Backup: 16 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 27/02/2013 20:27:33 (11640 Octet(s)) Fin à: 20:29:05, 27/02/2013 ============== E.O.F ==============