# AdwCleaner v6.000 - Rapport créé le 16/08/2016 à 19:56:15 # Mis à jour le 12/08/2016 par ToolsLib # Base de données : 2016-08-16.1 [Serveur] # Système d'exploitation : Windows 10 Home (X64) # Nom d'utilisateur : Alice - BOUHBOUH # Exécuté depuis : C:\Users\Alice\Downloads\adwcleaner_6.000.exe # Mode: Scan # Support : https://toolslib.net/forum ***** [ Services ] ***** Aucun service malveillant trouvé. ***** [ Dossiers ] ***** Dossier trouvé: C:\Users\Alice\AppData\Local\Giant Savings Dossier trouvé: C:\Users\Alice\AppData\LocalLow\Claro LTD Dossier trouvé: C:\Users\Alice\AppData\LocalLow\SweetIM Dossier trouvé: C:\Users\Alice\AppData\Roaming\cacaoweb Dossier trouvé: C:\Users\Alice\AppData\Roaming\Funmoods Dossier trouvé: C:\Users\Alice\AppData\Roaming\OpenCandy Dossier trouvé: C:\Users\Alice\AppData\Roaming\RPEng Dossier trouvé: C:\Users\Invité\webplayer Dossier trouvé: C:\Users\Invité\Webplayer Dossier trouvé: C:\Users\Invité\AppData\Roaming\cacaoweb Dossier trouvé: C:\ProgramData\Tarma Installer Dossier trouvé: C:\ProgramData\Application Data\Tarma Installer Dossier trouvé: C:\Program Files (x86)\Giant Savings Dossier trouvé: C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Dossier trouvé: C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\extensions\cacaoweb@cacaoweb.org Dossier trouvé: C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj ***** [ Fichiers ] ***** Fichier trouvé: C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlayerV2.lnk Fichier trouvé: C:\Users\Public\Desktop\eBay.lnk Fichier trouvé: C:\user.js Fichier trouvé: C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\extensions\staged\ffxtlbr@funmoods.com.json Fichier trouvé: C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\searchplugins\Web Search.xml Fichier trouvé: C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\searchplugins\Search Provided by Yahoo.xml Fichier trouvé: C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_halffneccaebicfdfajnbfgpglahfgoe_0.localstorage-journal Fichier trouvé: C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fr.windfinder.com_0.localstorage Fichier trouvé: C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fr.windfinder.com_0.localstorage-journal Fichier trouvé: C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage Fichier trouvé: C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal Fichier trouvé: C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fr.windfinder.com_0.localstorage Fichier trouvé: C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fr.windfinder.com_0.localstorage-journal Fichier trouvé: C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage Fichier trouvé: C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal ***** [ DLL ] ***** Aucune DLL patchée trouvée. ***** [ WMI ] ***** Aucune clé malveillante trouvée. ***** [ Raccourcis ] ***** Aucun raccourci infecté trouvé. ***** [ Tâches planifiées ] ***** Tâche trouvée: DealPlyUpdate Tâche trouvée: Funmoods Tâche trouvée: OpenCandyHelperRunOnce ***** [ Registre ] ***** Clé trouvée: HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO Clé trouvée: HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc Clé trouvée: HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1 Clé trouvée: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK Clé trouvée: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1 Clé trouvée: HKLM\SOFTWARE\Classes\Prod.cap Clé trouvée: [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270} Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} Valeur trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Clé trouvée: HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Clé trouvée: HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Clé trouvée: HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062} Clé trouvée: HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65} Clé trouvée: HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Clé trouvée: HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884} Clé trouvée: HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} Clé trouvée: HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Clé trouvée: HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610} Clé trouvée: HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Clé trouvée: HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8} Clé trouvée: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146} Clé trouvée: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270} Clé trouvée: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} Clé trouvée: HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Clé trouvée: HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Clé trouvée: HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA} Clé trouvée: HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65} Clé trouvée: HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Clé trouvée: HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Clé trouvée: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} Valeur trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Clé trouvée: [x64] HKLM\SOFTWARE\Tarma Installer Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\BabylonToolbar Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\cacaoweb Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\Claro LTD Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\Cr_Installer Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\InstallCore Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\Microsoft\Babylon Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\PRODUCTSETUP Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\SweetIM Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\TeleCharger Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\AppDataLow\Software\Crossrider Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\AppDataLow\Software\Giant Savings Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-967937696-1063600968-1196017105-1000\Software\Claro LTD Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-967937696-1063600968-1196017105-1000\Software\SweetIM Clé trouvée: HKCU\Software\BabylonToolbar Clé trouvée: HKCU\Software\cacaoweb Clé trouvée: HKCU\Software\Claro LTD Clé trouvée: HKCU\Software\Cr_Installer Clé trouvée: HKCU\Software\InstallCore Clé trouvée: HKCU\Software\Microsoft\Babylon Clé trouvée: HKCU\Software\PRODUCTSETUP Clé trouvée: HKCU\Software\SweetIM Clé trouvée: HKCU\Software\TeleCharger Clé trouvée: HKCU\Software\AppDataLow\Software\Crossrider Clé trouvée: HKCU\Software\AppDataLow\Software\Giant Savings Clé trouvée: HKLM\SOFTWARE\Babylon Clé trouvée: HKLM\SOFTWARE\BabylonToolbar Clé trouvée: HKLM\SOFTWARE\Claro LTD Clé trouvée: HKLM\SOFTWARE\DealPly Clé trouvée: HKLM\SOFTWARE\InstallCore Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F21ABA47-CE22-4B3D-8F47-8BF08C21C094} Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7 Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193 Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193 Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193 Clé trouvée: HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193 Clé trouvée: HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193 Clé trouvée: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193 Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghHJFwKBVpDGRhFJV8ATA0UFgEOIg4LBxRDGQJGcwgMU1sUEQIFIk0FA1ADB0VXfVBdFElXTwhuIVdBM1wCVFlXM3FNAw== Valeur trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain] Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\Microsoft\Internet Explorer\SearchScopes\OldSearch Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} Clé trouvée: HKU\S-1-5-21-967937696-1063600968-1196017105-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\OldSearch Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Clé trouvée: HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Clé trouvée: HKLM\SOFTWARE\Classes\AppID\esrv.EXE Clé trouvée: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} Clé trouvée: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} Clé trouvée: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} Clé trouvée: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} Valeur trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe] Valeur trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll] Clé trouvée: HKLM\SOFTWARE\Classes\c Valeur trouvée: HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [] Valeur trouvée: HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje [] Valeur trouvée: HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje [] Valeur trouvée: HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [] Valeur trouvée: HKLM\SOFTWARE\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj [] Valeur trouvée: HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [] ***** [ Navigateurs web ] ***** Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "browser.newtab.url" - "hxxp://home.sweetim.com/?src=97&barid=null" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "browser.search.defaultenginename" - "SweetIM Search" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "browser.search.selectedEngine" - "Search Provided by Yahoo" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "browser.startup.homepage" - "hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_43¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCzy0E0BzzyC0A0EtDtA0BtN0D0Tzu0StCtAzytCtN1L2XzutAtFtCyEtFtDtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StBtDyCzz0ByEzytBtGyD0BtA0DtGyCyC0DtDtGtD0E0B0AtGzy0A0DyDtDzztB0ByD0EtB0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyBzytDzy0EtCtDtGtDtB0EyDtGyEzytAyDtG0ByCtAyCtG0FtAtAyBzz0EtCyBzzzy0ByD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCtByC%26cr%3D1229499961%26a%3Dwncy_ir_15_43%26os%3DWindows%2B7%2BHome%2BPremium" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "extensions.funmoods.hmpgUrl" - "hxxp://searchfunmoods.com/?f=1&a=ironpub12&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCzy0E0BzzyC0A0EtDtA0BtN0D0Tzu0StAzzyCtN1L2XzutBtFtBtFtCtFyEyCyCtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=1468607914&ir=" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "extensions.funmoods.newTabUrl" - "hxxp://searchfunmoods.com/?f=2&a=ironpub12&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCzy0E0BzzyC0A0EtDtA0BtN0D0Tzu0StAzzyCtN1L2XzutBtFtBtFtCtFyEyCyCtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=1468607914&ir=" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "extensions.funmoods.prdct" - "funmoods" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "extensions.funmoods.prtnrId" - "funmoods" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "extensions.funmoods.tlbrSrchUrl" - "hxxp://searchfunmoods.com/?f=3&a=ironpub12&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCzy0E0BzzyC0A0EtDtA0BtN0D0Tzu0StAzzyCtN1L2XzutBtFtBtFtCtFyEyCyCtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=1468607914&ir=&q=" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "keyword.URL" - "hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10025&q=" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "sweetim.toolbar.dialogs.0.url" - "hxxp://www.sweetim.com/simffbar/options_remote_ff_1_6.html" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "sweetim.toolbar.dialogs.2.url" - "hxxp://www.sweetim.com/simffbar/simcdadialog.asp" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "sweetim.toolbar.dnscatch.domain-blacklist" - ".*.sweetim.com/.* .*.facebook.com/.* .*.google.com/.* .*.google.co.in/.* .*.google.com.br/.* .*.google.es/.* .*.youtube.com/.* .*.yahoo.com/.* .*.orkut.com.br/.* .*login.live.com/.* .*youtubedownloader.mybrowserbar.com/.*" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "sweetim.toolbar.rc.url" - "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "sweetim.toolbar.scripts.0.url" - "hxxp://sc.sweetim.com/apps/in/fb/infb.js" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "sweetim.toolbar.scripts.1.url" - "hxxps://sc.sweetim.com/apps/in/fb/infb.js" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "sweetim.toolbar.scripts.2.domain-blacklist" - ".*.google..* .*.bing..* .*.live..* .*.msn..* .*.yahoo..* .*.youtube.com.* .*ask.com.* .*.sweetim.com.*" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\prefs.js] - "sweetim.toolbar.urls.homepage" - "hxxp://home.sweetim.com/?crg=3.1010000.10025&barid={C31A47D3-50ED-11E2-ABFE-DC0EA19EB86A}" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\user.js] - "extensions.funmoods.hmpgUrl" - "hxxp://searchfunmoods.com/?f=1&a=ironpub12&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCzy0E0BzzyC0A0EtDtA0BtN0D0Tzu0StAzzyCtN1L2XzutBtFtBtFtCtFyEyCyCtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=1468607914&ir=" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\user.js] - "extensions.funmoods.newTabUrl" - "hxxp://searchfunmoods.com/?f=2&a=ironpub12&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCzy0E0BzzyC0A0EtDtA0BtN0D0Tzu0StAzzyCtN1L2XzutBtFtBtFtCtFyEyCyCtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=1468607914&ir=" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\user.js] - "extensions.funmoods.tlbrSrchUrl" - "hxxp://searchfunmoods.com/?f=3&a=ironpub12&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCzy0E0BzzyC0A0EtDtA0BtN0D0Tzu0StAzzyCtN1L2XzutBtFtBtFtCtFyEyCyCtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=1468607914&ir=&q=" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\user.js] - "extensions.funmoods.prtnrId" - "funmoods" Firefox préf trouvée: [C:\Users\Alice\AppData\Roaming\Mozilla\Firefox\Profiles\y41uezyq.default\user.js] - "extensions.funmoods.prdct" - "funmoods" Chromium préf trouvée: [C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghHJFwKBVpDGRhFJV8ATA0UFgEOIg4LBxRDGQJGcwgMU1sUEQIFIk0FA1oDB0VXfV5bFElXTwhuIVdBM1wCVFlXM3FNAw== Chromium préf trouvée: [C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - jcdgjdiieiljkfkdcloehkohchhpekkn Chromium préf trouvée: [C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - ndkhncnongaclekkbelchmeafffimifj Chromium préf trouvée: [C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - niapdbllcanepiiimjjndipklodoedlc Chromium préf trouvée: [C:\Users\Alice\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - ogccgbmabaphcakpiclgcnmcnimhokcj Chromium préf trouvée: [C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Web data] - fr.windfinder.com ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [22395 octets] - [16/08/2016 19:56:15] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22470 octets] ##########