Espionnage et rapport Ad-remover
karolyne1973
Messages postés
3
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
Apres avoir eu quelques soucis pour poster mon message précédent, je me permets de le remettre plus clairement ici.
Donc suite à de très gros doutes sur un espionnage de mes données personnelles par mon patron, j'ai donc fait un scan et un nettoyage par ad-remover. Le probleme est que je ne parviens pas a comprendre le rapport.
Avant tout, je tiens à préciser que:
- j'utilise un pc perso pour travailler professionnellement,
- je me connecte au net par wifi ou par fil,
- je ne travaille pas en France mais en Turquie,
- les lois locales contre la surveillance informatique sans accord préalable sont inexistantes et que de toute façon, les employeurs s'en moquent et font, à peu près, tout ce qu'ils veulent,
- l'espionnage dans mon entreprise est une donnée courante tant au niveau des actes professionnels que personnels....
Donc...
J'aimerais beaucoup avoir votre aide pour savoir....
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 13:44:27 on 08/09/2011, Normal boot
Microsoft Windows 7 Home Basic (X64)
user@USER-BILGISAYAR (Dell Inc. Inspiron N5010)
============== ACTION(S) ==============
Folder deleted: C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default\conduit
Folder deleted: C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default\ConduitEngine
Folder deleted: C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default\extensions\engine@conduit.com
Folder deleted: C:\Users\user\AppData\Local\Conduit
Folder deleted: C:\Users\user\AppData\LocalLow\Conduit
Folder deleted: C:\Program Files (x86)\Conduit
Folder deleted: C:\Users\user\AppData\LocalLow\ConduitEngine
Folder deleted: C:\Program Files (x86)\ConduitEngine
Folder deleted: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrazyLoader
Folder deleted: C:\Program Files (x86)\CrazyLoader
Folder deleted: C:\Users\user\AppData\Local\OpenCandy
Folder deleted: C:\Users\user\AppData\LocalLow\PriceGong
Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
Folder deleted: C:\Users\user\AppData\Roaming\ShopperReports3
Folder deleted: C:\Users\user\AppData\LocalLow\ShopperReports3
Folder deleted: C:\Program Files (x86)\ShopperReports3
(!) -- Temporary files deleted.
-- File opened: C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default\Prefs.js --
/!\ Unable to open the file, cleaning interrupted /!\
-- File closed --
Key deleted: HKLM\Software\Classes\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432}
Key deleted: HKLM\Software\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Key deleted: HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
Key deleted: HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
Key deleted: HKLM\Software\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
Key deleted: HKLM\Software\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}
Key deleted: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKLM\Software\Classes\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1}
Key deleted: HKLM\Software\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}
Key deleted: HKLM\Software\Classes\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0}
Key deleted: HKLM\Software\Classes\CLSID\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}
Key deleted: HKLM\Software\Classes\CLSID\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}
Key deleted: HKLM\Software\Classes\Interface\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}
Key deleted: HKLM\Software\Classes\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16}
Key deleted: HKLM\Software\Classes\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51}
Key deleted: HKLM\Software\Classes\CLSID\{86429515-0E67-40F2-999B-0C4BFD785ACE}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{86429515-0E67-40F2-999B-0C4BFD785ACE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{86429515-0E67-40F2-999B-0C4BFD785ACE}
Key deleted: HKLM\Software\Classes\CLSID\{86460CE5-46A0-4543-B8FE-2D2AE182A2FE}
Key deleted: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842}
Key deleted: HKLM\Software\Classes\CLSID\{A1755B14-2AFA-42a6-97C3-AA81B4482B71}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1755B14-2AFA-42a6-97C3-AA81B4482B71}
Key deleted: HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Key deleted: HKLM\Software\Classes\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E}
Key deleted: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key deleted: HKLM\Software\Classes\CLSID\{B63808A8-641E-4201-BFF7-4ADBC6F42FA4}
Key deleted: HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}
Key deleted: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key deleted: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key deleted: HKLM\Software\Classes\CLSID\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
Key deleted: HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116}
Key deleted: HKLM\Software\Classes\CLSID\{CB1CC8F5-D23C-400F-8472-F6AEFEDE4768}
Key deleted: HKLM\Software\Classes\Interface\{CB1CC8F5-D23C-400F-8472-F6AEFEDE4768}
Key deleted: HKLM\Software\Classes\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB}
Key deleted: HKLM\Software\Classes\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A}
Key deleted: HKLM\Software\Classes\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E}
Key deleted: HKLM\Software\Classes\CLSID\{f379a94e-3c5d-4bad-b32c-0e3af1cc3617}
Key deleted: HKLM\Software\Classes\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76}
Key deleted: HKLM\Software\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Key deleted: HKLM\Software\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Key deleted: HKLM\Software\Classes\Interface\{471E3998-588E-41D5-A874-FA11C44B70DE}
Key deleted: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key deleted: HKLM\Software\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Key deleted: HKLM\Software\Classes\Interface\{4F309FEB-422A-4808-91D0-71DFACCCA399}
Key deleted: HKLM\Software\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Key deleted: HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
Key deleted: HKLM\Software\Classes\Interface\{8F271B52-1E44-42D7-B316-BA23A0FD9DB4}
Key deleted: HKLM\Software\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Key deleted: HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
Key deleted: HKLM\Software\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Key deleted: HKLM\Software\Classes\Interface\{D4E856E7-C034-49BA-BFEF-B785F3CBD7BA}
Key deleted: HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
Key deleted: HKLM\Software\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Key deleted: HKLM\Software\Classes\Interface\{DB7A9C36-6C85-48BE-BA8D-151B6B144BE0}
Key deleted: HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Key deleted: HKLM\Software\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Key deleted: HKLM\Software\Classes\Interface\{F77F3DFC-F5DC-4316-AB50-B50B16F2BEF4}
Key deleted: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key deleted: HKLM\Software\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
Key deleted: HKLM\Software\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
Key deleted: HKLM\Software\Classes\TypeLib\{63AF3145-D2DC-4F1D-BB3A-3AAD9FEC3430}
Key deleted: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key deleted: HKLM\Software\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
Key deleted: HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
Key deleted: HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
Key deleted: HKLM\Software\Classes\TypeLib\{D530F69A-EB2D-4EC6-BD37-E123AEFCA011}
Key deleted: HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
Key deleted: HKLM\Software\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
Key deleted: HKLM\Software\Classes\TypeLib\{F5BCBC2A-E8F6-4A47-BBCB-61713EA03787}
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\Conduit.Engine
Key deleted: HKLM\Software\Classes\Crazyloader.Spointer
Key deleted: HKLM\Software\Classes\Crazyloader.Spointer.1
Key deleted: HKLM\Software\Classes\Crazyloader.SpointerCtrl
Key deleted: HKLM\Software\Classes\Crazyloader.SpointerCtrl.1
Key deleted: HKLM\Software\Classes\Crazyloader.SpointerWebDisp
Key deleted: HKLM\Software\Classes\Crazyloader.SpointerWebDisp.1
Key deleted: HKLM\Software\Classes\ShopperReports.AsyncReporter
Key deleted: HKLM\Software\Classes\ShopperReports.AsyncReporter.1
Key deleted: HKLM\Software\Classes\ShopperReports.Dwnldr
Key deleted: HKLM\Software\Classes\ShopperReports.Dwnldr.1
Key deleted: HKLM\Software\Classes\ShopperReports.HbAx
Key deleted: HKLM\Software\Classes\ShopperReports.HbAx.1
Key deleted: HKLM\Software\Classes\ShopperReports.HbGuru
Key deleted: HKLM\Software\Classes\ShopperReports.HbGuru.1
Key deleted: HKLM\Software\Classes\ShopperReports.HbInfoBand
Key deleted: HKLM\Software\Classes\ShopperReports.HbInfoBand.1
Key deleted: HKLM\Software\Classes\ShopperReports.IEButton
Key deleted: HKLM\Software\Classes\ShopperReports.IEButton.1
Key deleted: HKLM\Software\Classes\ShopperReports.IEButtonA
Key deleted: HKLM\Software\Classes\ShopperReports.IEButtonA.1
Key deleted: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr
Key deleted: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr.1
Key deleted: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter
Key deleted: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter.1
Key deleted: HKLM\Software\Classes\ShopperReports.ReportData
Key deleted: HKLM\Software\Classes\ShopperReports.ReportData.1
Key deleted: HKLM\Software\Classes\ShopperReports.Reporter
Key deleted: HKLM\Software\Classes\ShopperReports.Reporter.1
Key deleted: HKLM\Software\Classes\ShopperReports.RprtCtrl
Key deleted: HKLM\Software\Classes\ShopperReports.RprtCtrl.1
Key deleted: HKLM\Software\Classes\ShopperReports.Scopes
Key deleted: HKLM\Software\Classes\ShopperReports.Scopes.1
Key deleted: HKLM\Software\Classes\ShopperReports.Stock
Key deleted: HKLM\Software\Classes\ShopperReports.Stock.1
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiate
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiate.1
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay.1
Key deleted: HKLM\Software\Classes\Toolbar.CT2504091
Key deleted: HKLM\Software\Classes\Toolbar.CT2542115
Key deleted: HKLM\Software\Classes\Toolbar.CT2786678
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\BRNstIE.DLL
Key deleted: HKLM\Software\Classes\AppID\CmndFF.DLL
Key deleted: HKLM\Software\Classes\AppID\mozillaps.dll
Key deleted: HKLM\Software\Classes\AppID\Pltfrm.DLL
Key deleted: HKLM\Software\bandoo
Key deleted: HKLM\Software\Conduit
Key deleted: HKLM\Software\conduitEngine
Key deleted: HKLM\Software\ShopperReports3
Key deleted: HKCU\Software\Conduit
Key deleted: HKCU\Software\DataMngr
Key deleted: HKCU\Software\ShopperReports3
Key deleted: HKCU\Software\Spointer
Key deleted: HKCU\Software\AppDataLow\Toolbar
Key deleted: HKCU\Software\AppDataLow\Software\Conduit
Key deleted: HKCU\Software\AppDataLow\Software\conduitEngine
Key deleted: HKCU\Software\AppDataLow\Software\PriceGong
Key deleted: HKCU\Software\AppDataLow\Software\ShopperReports3
Key deleted: HKLM\Software\aMSN\OpenCandy
Key deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{273FFDDC-002C-4DE4-AE97-043454C543EB}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA4B812-2415-4000-AFCB-56F53E668DC5}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key deleted: HKLM\Software\Google\Chrome\Extensions\fikmanfpkongnopggnndbikhhicdpfka
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}
Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.1.69.0
Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E879077EB776555235A899
Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.2.7.0
Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|crazyloader@spointer.com
Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|ShopperReports@ShopperReports.com
Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== ADDITIONNAL SCAN ==============
**** Mozilla Firefox Version [6.0.1 (fr)] ****
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q={searchTerms}/)
Searchplugins\vmndtxtb3.xml (hxxp://www.mystart.com/search_w.php)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096} (QuestScan)
HKLM_Extensions|web2pdfextension@web2pdf.adobedotcom - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
HKCU_Extensions|hideip@hide-ip-soft.com - C:\Windows\vf_hip\
-- C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default --
Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} (Greasemonkey)
Searchplugins\icqplugin-4.xml (?)
Searchplugins\icqplugin-5.xml (?)
Searchplugins\icqplugin.xml (?)
Prefs.js - browser.search.defaultenginename, ICQ Search
Prefs.js - browser.search.defaulturl, hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.google.com
Prefs.js - browser.startup.homepage_override.buildID, 20110830092941
Prefs.js - browser.startup.homepage_override.mstone, rv:6.0.1
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (x)
HKLM_URLSearchHooks|{855F3B16-6D32-4fe6-8A56-BBB695989046} (x)
HKLM_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
HKCU_SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} - "ICQ Search" (hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd)
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms})
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?)
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms})
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (x)
HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
HKLM_Toolbar|{4daac69c-cba7-45e2-9bc8-1044483d3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (x)
HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)
HKLM_ElevationPolicy\{3E749613-EA46-4552-8836-0DFE40D54775} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\dtUser.exe (x)
HKLM_ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788} - C:\Program Files\Microsoft Office\Office14\winproj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{C1E54091-D5C3-4510-B41A-E4286EC5AB33} - C:\Users\user\AppData\Local\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{C2F19E74-1134-4116-B2C9-DC8B8817233E} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\dtUser.exe (x)
HKLM_ElevationPolicy\{C7EDB957-3EAA-4921-8140-0B70B9BBB35E} - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)
HKCU_Extensions\{9885224C-1217-4c5f-83C2-00002E6CEF2B} - "NeoTrace It!" (C:\PROGRA~2\NEOTRA~1\ntx_cold.ico)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Bluetooth'a Gönder" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 517 File(s)
C:\Program Files (x86)\Ad-Remover\Backup: 14 File(s)
C:\Ad-Report-CLEAN[1].txt - 08/09/2011 13:45:36 (22374 Byte(s))
End at: 13:46:38, 08/09/2011
============== E.O.F ==============
Merci pour vos éclaircissements et votre aide.
Bonne journée
Apres avoir eu quelques soucis pour poster mon message précédent, je me permets de le remettre plus clairement ici.
Donc suite à de très gros doutes sur un espionnage de mes données personnelles par mon patron, j'ai donc fait un scan et un nettoyage par ad-remover. Le probleme est que je ne parviens pas a comprendre le rapport.
Avant tout, je tiens à préciser que:
- j'utilise un pc perso pour travailler professionnellement,
- je me connecte au net par wifi ou par fil,
- je ne travaille pas en France mais en Turquie,
- les lois locales contre la surveillance informatique sans accord préalable sont inexistantes et que de toute façon, les employeurs s'en moquent et font, à peu près, tout ce qu'ils veulent,
- l'espionnage dans mon entreprise est une donnée courante tant au niveau des actes professionnels que personnels....
Donc...
J'aimerais beaucoup avoir votre aide pour savoir....
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 13:44:27 on 08/09/2011, Normal boot
Microsoft Windows 7 Home Basic (X64)
user@USER-BILGISAYAR (Dell Inc. Inspiron N5010)
============== ACTION(S) ==============
Folder deleted: C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default\conduit
Folder deleted: C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default\ConduitEngine
Folder deleted: C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default\extensions\engine@conduit.com
Folder deleted: C:\Users\user\AppData\Local\Conduit
Folder deleted: C:\Users\user\AppData\LocalLow\Conduit
Folder deleted: C:\Program Files (x86)\Conduit
Folder deleted: C:\Users\user\AppData\LocalLow\ConduitEngine
Folder deleted: C:\Program Files (x86)\ConduitEngine
Folder deleted: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrazyLoader
Folder deleted: C:\Program Files (x86)\CrazyLoader
Folder deleted: C:\Users\user\AppData\Local\OpenCandy
Folder deleted: C:\Users\user\AppData\LocalLow\PriceGong
Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
Folder deleted: C:\Users\user\AppData\Roaming\ShopperReports3
Folder deleted: C:\Users\user\AppData\LocalLow\ShopperReports3
Folder deleted: C:\Program Files (x86)\ShopperReports3
(!) -- Temporary files deleted.
-- File opened: C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default\Prefs.js --
/!\ Unable to open the file, cleaning interrupted /!\
-- File closed --
Key deleted: HKLM\Software\Classes\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432}
Key deleted: HKLM\Software\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Key deleted: HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
Key deleted: HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
Key deleted: HKLM\Software\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
Key deleted: HKLM\Software\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}
Key deleted: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key deleted: HKLM\Software\Classes\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1}
Key deleted: HKLM\Software\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}
Key deleted: HKLM\Software\Classes\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0}
Key deleted: HKLM\Software\Classes\CLSID\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}
Key deleted: HKLM\Software\Classes\CLSID\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}
Key deleted: HKLM\Software\Classes\Interface\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}
Key deleted: HKLM\Software\Classes\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16}
Key deleted: HKLM\Software\Classes\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51}
Key deleted: HKLM\Software\Classes\CLSID\{86429515-0E67-40F2-999B-0C4BFD785ACE}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{86429515-0E67-40F2-999B-0C4BFD785ACE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{86429515-0E67-40F2-999B-0C4BFD785ACE}
Key deleted: HKLM\Software\Classes\CLSID\{86460CE5-46A0-4543-B8FE-2D2AE182A2FE}
Key deleted: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
Key deleted: HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842}
Key deleted: HKLM\Software\Classes\CLSID\{A1755B14-2AFA-42a6-97C3-AA81B4482B71}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1755B14-2AFA-42a6-97C3-AA81B4482B71}
Key deleted: HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Key deleted: HKLM\Software\Classes\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E}
Key deleted: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key deleted: HKLM\Software\Classes\CLSID\{B63808A8-641E-4201-BFF7-4ADBC6F42FA4}
Key deleted: HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}
Key deleted: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key deleted: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key deleted: HKLM\Software\Classes\CLSID\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
Key deleted: HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116}
Key deleted: HKLM\Software\Classes\CLSID\{CB1CC8F5-D23C-400F-8472-F6AEFEDE4768}
Key deleted: HKLM\Software\Classes\Interface\{CB1CC8F5-D23C-400F-8472-F6AEFEDE4768}
Key deleted: HKLM\Software\Classes\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB}
Key deleted: HKLM\Software\Classes\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A}
Key deleted: HKLM\Software\Classes\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E}
Key deleted: HKLM\Software\Classes\CLSID\{f379a94e-3c5d-4bad-b32c-0e3af1cc3617}
Key deleted: HKLM\Software\Classes\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76}
Key deleted: HKLM\Software\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Key deleted: HKLM\Software\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Key deleted: HKLM\Software\Classes\Interface\{471E3998-588E-41D5-A874-FA11C44B70DE}
Key deleted: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key deleted: HKLM\Software\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Key deleted: HKLM\Software\Classes\Interface\{4F309FEB-422A-4808-91D0-71DFACCCA399}
Key deleted: HKLM\Software\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Key deleted: HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
Key deleted: HKLM\Software\Classes\Interface\{8F271B52-1E44-42D7-B316-BA23A0FD9DB4}
Key deleted: HKLM\Software\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Key deleted: HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
Key deleted: HKLM\Software\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Key deleted: HKLM\Software\Classes\Interface\{D4E856E7-C034-49BA-BFEF-B785F3CBD7BA}
Key deleted: HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
Key deleted: HKLM\Software\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Key deleted: HKLM\Software\Classes\Interface\{DB7A9C36-6C85-48BE-BA8D-151B6B144BE0}
Key deleted: HKLM\Software\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Key deleted: HKLM\Software\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Key deleted: HKLM\Software\Classes\Interface\{F77F3DFC-F5DC-4316-AB50-B50B16F2BEF4}
Key deleted: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key deleted: HKLM\Software\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
Key deleted: HKLM\Software\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
Key deleted: HKLM\Software\Classes\TypeLib\{63AF3145-D2DC-4F1D-BB3A-3AAD9FEC3430}
Key deleted: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key deleted: HKLM\Software\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
Key deleted: HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
Key deleted: HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
Key deleted: HKLM\Software\Classes\TypeLib\{D530F69A-EB2D-4EC6-BD37-E123AEFCA011}
Key deleted: HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
Key deleted: HKLM\Software\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
Key deleted: HKLM\Software\Classes\TypeLib\{F5BCBC2A-E8F6-4A47-BBCB-61713EA03787}
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\Conduit.Engine
Key deleted: HKLM\Software\Classes\Crazyloader.Spointer
Key deleted: HKLM\Software\Classes\Crazyloader.Spointer.1
Key deleted: HKLM\Software\Classes\Crazyloader.SpointerCtrl
Key deleted: HKLM\Software\Classes\Crazyloader.SpointerCtrl.1
Key deleted: HKLM\Software\Classes\Crazyloader.SpointerWebDisp
Key deleted: HKLM\Software\Classes\Crazyloader.SpointerWebDisp.1
Key deleted: HKLM\Software\Classes\ShopperReports.AsyncReporter
Key deleted: HKLM\Software\Classes\ShopperReports.AsyncReporter.1
Key deleted: HKLM\Software\Classes\ShopperReports.Dwnldr
Key deleted: HKLM\Software\Classes\ShopperReports.Dwnldr.1
Key deleted: HKLM\Software\Classes\ShopperReports.HbAx
Key deleted: HKLM\Software\Classes\ShopperReports.HbAx.1
Key deleted: HKLM\Software\Classes\ShopperReports.HbGuru
Key deleted: HKLM\Software\Classes\ShopperReports.HbGuru.1
Key deleted: HKLM\Software\Classes\ShopperReports.HbInfoBand
Key deleted: HKLM\Software\Classes\ShopperReports.HbInfoBand.1
Key deleted: HKLM\Software\Classes\ShopperReports.IEButton
Key deleted: HKLM\Software\Classes\ShopperReports.IEButton.1
Key deleted: HKLM\Software\Classes\ShopperReports.IEButtonA
Key deleted: HKLM\Software\Classes\ShopperReports.IEButtonA.1
Key deleted: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr
Key deleted: HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr.1
Key deleted: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter
Key deleted: HKLM\Software\Classes\ShopperReports.MozillaPSExecuter.1
Key deleted: HKLM\Software\Classes\ShopperReports.ReportData
Key deleted: HKLM\Software\Classes\ShopperReports.ReportData.1
Key deleted: HKLM\Software\Classes\ShopperReports.Reporter
Key deleted: HKLM\Software\Classes\ShopperReports.Reporter.1
Key deleted: HKLM\Software\Classes\ShopperReports.RprtCtrl
Key deleted: HKLM\Software\Classes\ShopperReports.RprtCtrl.1
Key deleted: HKLM\Software\Classes\ShopperReports.Scopes
Key deleted: HKLM\Software\Classes\ShopperReports.Scopes.1
Key deleted: HKLM\Software\Classes\ShopperReports.Stock
Key deleted: HKLM\Software\Classes\ShopperReports.Stock.1
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiate
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiate.1
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay
Key deleted: HKLM\Software\Classes\ShopperReports.TriggerOnceInDay.1
Key deleted: HKLM\Software\Classes\Toolbar.CT2504091
Key deleted: HKLM\Software\Classes\Toolbar.CT2542115
Key deleted: HKLM\Software\Classes\Toolbar.CT2786678
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\BRNstIE.DLL
Key deleted: HKLM\Software\Classes\AppID\CmndFF.DLL
Key deleted: HKLM\Software\Classes\AppID\mozillaps.dll
Key deleted: HKLM\Software\Classes\AppID\Pltfrm.DLL
Key deleted: HKLM\Software\bandoo
Key deleted: HKLM\Software\Conduit
Key deleted: HKLM\Software\conduitEngine
Key deleted: HKLM\Software\ShopperReports3
Key deleted: HKCU\Software\Conduit
Key deleted: HKCU\Software\DataMngr
Key deleted: HKCU\Software\ShopperReports3
Key deleted: HKCU\Software\Spointer
Key deleted: HKCU\Software\AppDataLow\Toolbar
Key deleted: HKCU\Software\AppDataLow\Software\Conduit
Key deleted: HKCU\Software\AppDataLow\Software\conduitEngine
Key deleted: HKCU\Software\AppDataLow\Software\PriceGong
Key deleted: HKCU\Software\AppDataLow\Software\ShopperReports3
Key deleted: HKLM\Software\aMSN\OpenCandy
Key deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{273FFDDC-002C-4DE4-AE97-043454C543EB}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA4B812-2415-4000-AFCB-56F53E668DC5}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key deleted: HKLM\Software\Google\Chrome\Extensions\fikmanfpkongnopggnndbikhhicdpfka
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}
Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.1.69.0
Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E879077EB776555235A899
Value deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.2.7.0
Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|crazyloader@spointer.com
Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|ShopperReports@ShopperReports.com
Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== ADDITIONNAL SCAN ==============
**** Mozilla Firefox Version [6.0.1 (fr)] ****
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q={searchTerms}/)
Searchplugins\vmndtxtb3.xml (hxxp://www.mystart.com/search_w.php)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096} (QuestScan)
HKLM_Extensions|web2pdfextension@web2pdf.adobedotcom - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
HKCU_Extensions|hideip@hide-ip-soft.com - C:\Windows\vf_hip\
-- C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\7kxu2wis.default --
Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} (Greasemonkey)
Searchplugins\icqplugin-4.xml (?)
Searchplugins\icqplugin-5.xml (?)
Searchplugins\icqplugin.xml (?)
Prefs.js - browser.search.defaultenginename, ICQ Search
Prefs.js - browser.search.defaulturl, hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.google.com
Prefs.js - browser.startup.homepage_override.buildID, 20110830092941
Prefs.js - browser.startup.homepage_override.mstone, rv:6.0.1
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (x)
HKLM_URLSearchHooks|{855F3B16-6D32-4fe6-8A56-BBB695989046} (x)
HKLM_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
HKCU_SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} - "ICQ Search" (hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd)
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms})
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?)
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms})
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (x)
HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
HKLM_Toolbar|{4daac69c-cba7-45e2-9bc8-1044483d3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (x)
HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)
HKLM_ElevationPolicy\{3E749613-EA46-4552-8836-0DFE40D54775} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\dtUser.exe (x)
HKLM_ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788} - C:\Program Files\Microsoft Office\Office14\winproj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{C1E54091-D5C3-4510-B41A-E4286EC5AB33} - C:\Users\user\AppData\Local\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{C2F19E74-1134-4116-B2C9-DC8B8817233E} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\dtUser.exe (x)
HKLM_ElevationPolicy\{C7EDB957-3EAA-4921-8140-0B70B9BBB35E} - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)
HKCU_Extensions\{9885224C-1217-4c5f-83C2-00002E6CEF2B} - "NeoTrace It!" (C:\PROGRA~2\NEOTRA~1\ntx_cold.ico)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Bluetooth'a Gönder" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll") (x)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 517 File(s)
C:\Program Files (x86)\Ad-Remover\Backup: 14 File(s)
C:\Ad-Report-CLEAN[1].txt - 08/09/2011 13:45:36 (22374 Byte(s))
End at: 13:46:38, 08/09/2011
============== E.O.F ==============
Merci pour vos éclaircissements et votre aide.
Bonne journée
A voir également:
- Espionnage et rapport Ad-remover
- Pdf watermark remover - Télécharger - PDF
- Ad remover - Télécharger - Antivirus & Antimalwares
- Plan rapport de stage - Guide
- Ad-aware gratuit - Télécharger - Sécurité
- Trojan remover - Télécharger - Antivirus & Antimalwares
2 réponses
salut selon ce rapport c'est toi qui cliques sur n'importe quoi ^^
Télécharge ici :OTL
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ => Clique ici pour voir la Configuration
▶Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
▶ Copie ce lien dans ta réponse.
▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
Télécharge ici :OTL
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ => Clique ici pour voir la Configuration
▶Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
▶ Copie ce lien dans ta réponse.
▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
Tu me dis que je cliques sur n'importe quoi et la tu me dis de charger un prog sans m'expliquer à quoi ça va servir... oups !
J'aimerais simplement avoir qq explications sur ad-remover, c'est tout et pas avoir un nouveau rapport !