======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [4]) -> Lancé à 05:05:17 le 02/09/2011, Mode normal Microsoft Windows XP Professionnel Service Pack 3 (X86) Etienne@ETIENNE ( ) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [3.6.21 (fr)] **** Plugins\npFoxitReaderPlugin.dll (Foxit Software Company) HKLM_MozillaPlugins\Adobe Reader (x) HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x) -- C:\Documents and Settings\Etienne\Application Data\Mozilla\FireFox\Profiles\vvldnc3w.default -- Extensions\accessme@security.compass (Access Me) Extensions\firebug@software.joehewitt.com (Firebug) Extensions\kempelton-fx@arvidaxelsson.se (Kempelton) Extensions\plugin@yontoo.com (Yontoo Layers) Extensions\savemytabs@dmitriy.khudorozhkov (Save My Tabs) Extensions\sqlime@security.compass (SQL Inject Me) Extensions\staged-xpis (?) Extensions\xssme@security.compass (XSS Me) Extensions\{9A752782-D706-479b-98F8-3F66BF921692} (Hyperwords) Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947} (Tamper Data) Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} (Web Developer) Extensions\{dc572301-7619-498c-a57d-39143191b318} (?) Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} (Memory Fox) Searchplugins\hyperwords.xml (?) Prefs.js - browser.download.lastDir, H:\\Download Prefs.js - browser.search.selectedEngine, Web Search Prefs.js - browser.startup.homepage, hxxp://www.google.fr/ Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.21 Prefs.js - privacy.popups.showBrowserMessage, false ======================================== **** Google Chrome Version [13.0.782.218] **** Extension\niapdbllcanepiiimjjndipklodoedlc (C:\DOCUME~1\Etienne\LOCALS~1\Temp\YontooLayers.crx) (x) -- C:\Documents and Settings\Etienne\Local Settings\Application Data\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Web Search" (Activé: true) (hxxp://www.searchqu.com/web?src=crb&systemid=403&q={searchTerms}) Preferences - homepage: hxxp://www.google.fr/ Preferences - homepage_is_newtabpage: false Plugin - "Foxit Reader Plugin for Mozilla" (Activé: true) Plugin - "Yahoo! activeX Plug-in Bridge" (Activé: true) Preferences - urls_to_restore_on_startup: hxxp://www.google.fr/ ======================================== **** Internet Explorer Version [8.0.6001.18702] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll) HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll) HKLM_Toolbar|{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} (C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll) HKLM_ElevationPolicy\a0145ae0-d7da-48de-a06c-3b25aebfca2d - C:\Program Files\Hot_MP3\Hot_MP3ToolbarHelper.exe (x) HKLM_ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55} - C:\Program Files\Google\Update\GoogleUpdate.exe (?) HKLM_ElevationPolicy\{d8a5d001-3352-40db-9d1c-ed46683193b5} - C:\Program Files\Windows Live\Writer\WindowsLiveWriter.exe (x) HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?) BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?) BHO\{D4027C7F-154A-4066-A1AD-4243D8127440} (?) ======================================== C:\Program Files\Ad-Remover\Quarantine: 67 Fichier(s) C:\Program Files\Ad-Remover\Backup: 17 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 02/09/2011 04:16:38 (10041 Octet(s)) C:\Ad-Report-CLEAN[2].txt - 02/09/2011 04:25:22 (4912 Octet(s)) C:\Ad-Report-CLEAN[3].txt - 02/09/2011 04:40:23 (4868 Octet(s)) C:\Ad-Report-CLEAN[4].txt - 02/09/2011 05:05:22 (4422 Octet(s)) C:\Ad-Report-SCAN[1].txt - 02/09/2011 04:15:28 (11315 Octet(s)) Fin à: 05:07:07, 02/09/2011 ============== E.O.F ==============