# AdwCleaner v4.207 - Rapport créé le 05/07/2015 à 19:10:39 # Mis à jour le 21/06/2015 par Xplode # Base de données : 2015-07-05.2 [Serveur] # Système d'exploitation : Windows 8.1 (x64) # Nom d'utilisateur : lahcene90 - WINDOWS-G732J37 # Exécuté depuis : C:\Users\lahcene90\Downloads\adwcleaner_4.207.exe # Option : Scanner ***** [ Services ] ***** ***** [ Fichiers / Dossiers ] ***** Dossier Trouvé : C:\Program Files (x86)\CutThheParice Dossier Trouvé : C:\Program Files (x86)\DiGiSaAAver Dossier Trouvé : C:\Program Files (x86)\globalUpdate Dossier Trouvé : C:\ProgramData\{a99a241f-6b84-1e0d-a99a-a241f6b8907d} Dossier Trouvé : C:\ProgramData\b3bd8e8c00000a29 Dossier Trouvé : C:\Users\lahcene90\AppData\Local\globalUpdate Fichier Trouvé : C:\Users\lahcene90\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gokficnebmomagijbakglkcmhdbchbhn Fichier Trouvé : C:\Users\lahcene90\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gokficnebmomagijbakglkcmhdbchbhn_0.localstorage Fichier Trouvé : C:\Users\lahcene90\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gokficnebmomagijbakglkcmhdbchbhn_0.localstorage-journal Fichier Trouvé : C:\Users\lahcene90\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage Fichier Trouvé : C:\Users\lahcene90\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal Fichier Trouvé : C:\Users\lahcene90\AppData\Roaming\UGYCOBET Fichier Trouvé : C:\Users\lahcene90\AppData\Roaming\UGYCOBET Fichier Trouvé : C:\WINDOWS\Reimage.ini ***** [ Tâches planifiées ] ***** Tâche Trouvée : amiupdaterExd Tâche Trouvée : amiupdaterExi Tâche Trouvée : UGYCOBET Tâche Trouvée : UGYCOBET ***** [ Raccourcis ] ***** Raccourci Infecté : C:\Users\Public\Desktop\Google Chrome.lnk Raccourci Infecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Raccourci Infecté : C:\Users\lahcene90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Raccourci Infecté : C:\Users\lahcene90\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Raccourci Infecté : C:\Users\lahcene90\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Raccourci Infecté : C:\Users\lahcene90\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk Raccourci Infecté : C:\Users\lahcene90\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ***** [ Registre ] ***** Clé Trouvée : HKCU\Software\GlobalUpdate Clé Trouvée : HKCU\Software\Reimage Clé Trouvée : [x64] HKCU\Software\GlobalUpdate Clé Trouvée : [x64] HKCU\Software\Reimage Clé Trouvée : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81} Clé Trouvée : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Clé Trouvée : HKLM\SOFTWARE\372e0d6b-16fe-b4be-81e1-70d91b8434d3 Clé Trouvée : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} Clé Trouvée : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} Clé Trouvée : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8} Clé Trouvée : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E Clé Trouvée : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6} Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{1FCDF527-B10C-481D-B214-B09EEA106124} Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4} Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000} Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E ***** [ Navigateurs ] ***** -\\ Internet Explorer v11.0.9600.17840 -\\ Mozilla Firefox v39.0 (x86 fr) [zja0ih4c.default-1414783947849] - Ligne Trouvée : user_pref("browser.search.searchengine.alias", "mystartsearch"); [zja0ih4c.default-1414783947849] - Ligne Trouvée : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico"); [zja0ih4c.default-1414783947849] - Ligne Trouvée : user_pref("browser.search.searchengine.name", "mystartsearch"); [zja0ih4c.default-1414783947849] - Ligne Trouvée : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1435174409&z=d59891ec826380296e82d7cg2zcccwfg8m2z7zaeec&from=wpc&uid=ST500LT012-9WS142_S0V77HF1XXXXS0V77HF1&q[...] [zja0ih4c.default-1414783947849] - Ligne Trouvée : user_pref("extensions.PpPZdn2OHrYlWafj.scode", "(function(){try{if(window.location.href.indexOf(\"rjg9rdsGpja5qHn8qjYErdCHqHn\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...] [zja0ih4c.default-1414783947849] - Ligne Trouvée : user_pref("extensions.kEcvR5yVLEDblZTY.scode", "(function(){try{if(window.location.href.indexOf(\"rjg9rdsGpja5qHn8qjYErdCHqHn\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...] [zja0ih4c.default-1414783947849] - Ligne Trouvée : user_pref("extensions.mwWthxYnLTCZJZ37.scode", "(function(){try{if(window.location.href.indexOf(\"rjg9rdsGpja5qHn8qjYErdCHqHn\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...] [zja0ih4c.default-1414783947849] - Ligne Trouvée : user_pref("plugin.state.npconduitfirefoxplugin", 0); -\\ Google Chrome v43.0.2357.130 [C:\Users\lahcene90\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Trouvée [Homepage] : hxxp://www.google.com/","homepage_changed":true,"homepage_is_newtabpage":true,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"B3C821FA0356DD1F0B8ED1871A345608B4984A6C61CB765280286ABA009CE993"},"default_search_provider":{"keyword":"F3133181FCAD419FD99DACC0DB77C2004B854B8B3E121E7A590CDFFFD19555CF","name":"A3BB73201A99038255E0D585366F1DDE04B790419DE9C9E98AD90B2F283D36A8","search_url":"CFF84CF8AAA2119A9BDFF98C2981BD0A7F0964D16650A38939B23900C715F43B"},"default_search_provider_data":{"template_url_data":"84B609A6106AB13770CEB3AB63CA35C33B50724F51B8242C9ECFBDFA09DC98B6"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"15B5E4EA3DDFA2AD7A4DE2237EF64BB62B6AB8B1AAD11716C6F750A02A1DE060","ahfgeienlihckogmohjhadlkjgocpleb":"959E1EA6F0F2BC2D137C710526B397466EA3A466E30FCB914B687F4810932661","aohghmighlieiainnegkcijnfilokake":"1B86E4C94369330B9125CA052853CC27BA6259678EE69F83395D3F21F94CA219","apdfllckaahabafndbhieahigkjlhalf":"A0945FE48CD01F4AAA1F87BF8E2106D976EDE867CDC959BB12EBBFD391BC4BDB","bepbmhgboaologfdajaanbcjmnhjmhfn":"623FB6CB0D44EC84B151A11CAA38B9B6B9AB950025B4E931894E87B0FE46CDCF","blpcfgokakmgnkcojhhkbfbldkacnbeo":"FF597C87D8380F3A0F7E685C5F5C6CFF95E4F5AC7927615DBC7A352A63454C8E","coobgpohoikkiipiblmjeljniedjpjpf":"74B6F2C40ED5400B5EB2436C87FFB868EC924A0B9666BD1994A1CE9D6DFDA70F","dnhpdliibojhegemfjheidglijccjfmc":"AB344E644F198BCD83A8ED0936C6A4E46F2DDA81CE5ECC58FE261855F69ABFEB","eemcgdkfndhakfknompkggombfjjjeno":"539A2E159CAB23CAD987F2B7AF6C2D21F80E2BDF30C53450554030471085896A","ennkphjdgehloodpbhlhldgbnhmacadg":"A318C8DB35E4BA0D16528C75D18E335B22F04C7005AA43E7BA561096B51181E4","felcaaldnbdncclmgdcncolpebgiejap":"BECF73406767FFC4A414A4DB6FD2C9B2FE8E8D74C575548C2157E04A1807AE19","fheoggkfdfchfphceeifdbepaooicaho":"B12089D63453C5FFDB88EDD2E242CD4C9F1B769666BA1292B2C29911A64702A2","gfdkimpbcpahaombhbimeihdjnejgicl":"ECB59ECB47B7A503C239558F5FE50C02711D1AAEEF886D24DD13EB1FCC3DC133","gokficnebmomagijbakglkcmhdbchbhn":"B88E1D22A59726EF6BBFF829798449A1DE359DACD24C7661C409F7AC8964871F","kmendfapggjehodndflmmgagdbamhnfd":"9E369A4C645A7DDDCC5944E161D0CACFB633EE4D38350024FDC91CD4CBF9C6A3","lccekmodgklaepjeofjdjpbminllajkg":"AB7E805263391C6CBF218B0BBE28D1822B9EEB924DB198179EF31FB3F1FB4037","mfehgcgbbipciphmccgaenjidiccnmng":"4BE91534CDB275114E9E0B228AE9438855958799541381829AE0F1B50DFFE29D","mfffpogegjflfpflabcdkioaeobkgjik":"AC98298B340E470532E4E07C10DC2903C76652CD7428A75DE49C27AE64CE4832","mgndgikekgjfcpckkfioiadnlibdjbkf":"FB8AE668EBAE0E8D71BCE17670CDDABB30BD46C77937EC6BC90D24BD993066CA","mhjfbmdgcfjbbpaeojofohoefgiehjai":"286DB4888B5C1DB685C38FE4459C5350D8ACA0233ECB832DF84C00055899F0C1","mliofombcghaamgjkmmmmlepkiacdhkh":"FA4EE7CCA1B2411FF19C93B1EB41E7DA20A08BC30DEE3E1F15CB7EC39F389F7F","nbpagnldghgfoolbancepceaanlmhfmd":"272B92865191095B129488F7E70D168DF78EBA194C271F0DCD2B72DB35563DD8","neajdppkdcdipfabeoofebfddakdcjhd":"BC62A37F7D24DA52125C8BEC03735ABA13B40BF912A53D2AB5B5E9E4EEC80F4C","nkeimhogjdpnpccoofpliimaahmaaome":"EBF9C0A2A7B672AD5CE23428AB3C5ECF8F6A183ED55E621556A2CA0CD227AD62","nmmhkkegccagdldgiimedpiccmgmieda":"0634DBA4613B469C43524B23FB57247641292C61074E3A02C9AECF5C59CA058A","oakhnpcgdembaopakdnfkejfcaeipeik":"831A8BDFC4F3C17F4595C83EE197AB7D84BAF5B47527B625E9CB8C8709FA2CFB","ofahpakdcmmkcppbfmdhklioekdhjigi":"83FBD6EF510FC64AAB8854990D3625FA8BA3E2595FC0D75B69DF9D59EDB2552D","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"78E639192C4312CE5536A61DBE73640C619B86FF2E9E7200D1453446C30BD9D0","pjkljhegncpnkpknbcohdijeoejaedia":"A98A4536B4AF2E349F49B5F795150D5844BAA3D24A4B132C5EAFD6F38261C8D4","plimopelmdneikoknbgpopffpbmlhgpa":"874143D93F44416FE5F753B856CE95684EDECE394CC89B61DB1B9044FCA160E8"}},"google":{"services":{"last_username":"998685A6A1D78A21FBA279FB9C601871953E3C7C90F02CE0ACF83397A63E0575","username":"61429293ECC2B2676BB2ED85337D9FACF99A2282AB65A9F7D04E93F410EA9511"}},"homepage":"C1E04174704E63F7E159869EE3A4736435CC5D5AD148704F19AA214D4D3DB0BC","homepage_is_newtabpage":"5360698CDD49CB1C2F87D0668F313004DDB02716D0BF228E4270CE3EF4302E6B","pinned_tabs":"80DF71C4C419F6BF6B19115B1C2EB4498F7C091350C1BA590445F857EBB9E132","prefs":{"preference_reset_time":"1C71E21FDA773F5834937987EF35BF2224FD543406931A005B772C9D80D76878"},"profile":{"reset_prompt_memento":"0D1EEDD161D387A3DEFACE622F8C5D05B629BC1C8BEE6EADF9AE3F2C685FC578"},"safebrowsing":{"incidents_sent":"49E81A91D4125F34DF99E240D2D42E1B490BCA003AB311F933D891F9292FFC74"},"search_provider_overrides":"4ADF2514445FF2F157D5990CB95BC0039F7AC36946C34BCF8A9537D6838EA220","session":{"restore_on_startup":"5A1789A6DE1F197D12817A2FB71893F3B2910A8442A178939D8EFB3F52748011","startup_urls":"340116ED767867ED6431E2EF42EE7536ECB4209B0FA3454074D5BA4E4D7A9A69"},"software_reporter":{"prompt_reason":"E1819267A59B1354D36D6F945FB83484B313CF4F32FFB5766D095AF72E915645","prompt_seed":"8DF1EB313B6B57F32A9693632E8089CD51008A0B5DA8A58497B3C789F10E1860","prompt_version":"7726AF27BDC2C7AEA694A7D46CE95D5FB17E55325C98D5A17D0DC4A761B96675"},"sync":{"remaining_rollback_tries":"96F1510C54BA188112EFF4AEF0FF47242738C9DCE2D97009F38CBE686EE88A93"}},"super_mac":"F4A58336F2C948450618EF5972375F5CE6F44CB6343A3065220AD2CE7BB558CC"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://www.only-search.com/?babsrc=HP_ss&mntrId=BE3500FF7ABA8077&affID=129300&tsp=5417 [C:\Users\lahcene90\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Trouvée [Startup_URLs] : 340116ED767867ED6431E2EF42EE7536ECB4209B0FA3454074D5BA4E4D7A9A69"},"software_reporter":{"prompt_reason":"E1819267A59B1354D36D6F945FB83484B313CF4F32FFB5766D095AF72E915645","prompt_seed":"8DF1EB313B6B57F32A9693632E8089CD51008A0B5DA8A58497B3C789F10E1860","prompt_version":"7726AF27BDC2C7AEA694A7D46CE95D5FB17E55325C98D5A17D0DC4A761B96675"},"sync":{"remaining_rollback_tries":"96F1510C54BA188112EFF4AEF0FF47242738C9DCE2D97009F38CBE686EE88A93"}},"super_mac":"F4A58336F2C948450618EF5972375F5CE6F44CB6343A3065220AD2CE7BB558CC"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://www.only-search.com/?babsrc=HP_ss&mntrId=BE3500FF7ABA8077&affID=129300&tsp=5417 ************************* AdwCleaner[R0].txt - [14292 octets] - [05/07/2015 19:10:39] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [14353 octets] ##########