======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website:
Vous devez être
connecté pour voir les liens.
C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 12:54:00 on 26/10/2011, Normal boot
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Nico@NICO-PC (System manufacturer System Product Name)
============== SEARCH ==============
File found: C:\Windows\SysWOW64\ConduitEngine.tmp
Folder found: C:\Users\Nico\AppData\Local\Conduit
Folder found: C:\Users\Nico\AppData\LocalLow\Conduit
Folder found: C:\Program Files (x86)\Conduit
Folder found: C:\Users\Nico\AppData\LocalLow\ConduitEngine
Folder found: C:\Program Files (x86)\ConduitEngine
-- File opened: C:\Users\Nico\AppData\Roaming\Mozilla\FireFox\Profiles\kg4yucai.default\Prefs.js --
Line found: user_pref("CT2851639.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285...
Line found: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243674/1239347/CA", "\"0\"...
Line found: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", ...
Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Line found: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5....
Line found: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6....
Line found: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851639",...
Line found: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2851639&octid=...
Line found: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"634...
Line found: user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Nico\\AppData\\Roaming\\Mozilla\\Fi...
Line found: user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Line found: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://home.Zbani.com/en/get/");
Line found: user_pref("CommunityToolbar.ToolbarsList", "CT2851639");
Line found: user_pref("CommunityToolbar.ToolbarsList2", "CT2851639");
Line found: user_pref("CommunityToolbar.ToolbarsList4", "CT2851639");
Line found: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Oct 03 2011 13:21:09 GMT-0400");
Line found: user_pref("CommunityToolbar.globalUserId", "44975263-c803-43eb-91d0-07700af78f7c");
Line found: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line found: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line found: user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Oct 03 2011 13:21:1...
Line found: user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line found: user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Oct 03 2011 13:21:18 GMT-040...
Line found: user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line found: user_pref("CommunityToolbar.notifications.locale", "en");
Line found: user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line found: user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Oct 03 2011 13:21:10 GMT-0400");
Line found: user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line found: user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line found: user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line found: user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line found: user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line found: user_pref("CommunityToolbar.notifications.userId", "2faff6b6-b8b0-47a1-9e10-a0d311b616cd");
-- File closed --
Key found: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key found: HKLM\Software\Classes\CLSID\{AC6240AE-33B6-40D3-8683-31BBE86049A0}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6240AE-33B6-40D3-8683-31BBE86049A0}
Key found: HKLM\Software\Classes\Conduit.Engine
Key found: HKLM\Software\Classes\Toolbar.CT2851639
Key found: HKLM\Software\Conduit
Key found: HKLM\Software\conduitEngine
Key found: HKCU\Software\AppDataLow\Toolbar
Key found: HKCU\Software\AppDataLow\Software\Conduit
Key found: HKCU\Software\AppDataLow\Software\conduitEngine
Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key found: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F397B84-F03A-4AD4-AA22-63443B5A7082}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== ADDITIONNAL SCAN ==============
**** Mozilla Firefox Version [6.0 (fr)] ****
HKLM_MozillaPlugins\@esn.me/esnsonar,version=0.70.0 (x)
HKLM_MozillaPlugins\@esn.me/esnsonar,version=0.70.3 (x)
HKLM_MozillaPlugins\@esn/esnlaunch,version=1.96.0 (x)
HKLM_MozillaPlugins\@nvidia.com/3DVision (x)
HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x)
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKCU_MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype Click to Call)
HKLM_Extensions|{1E73965B-8B48-48be-9C8D-68B920ABC1C4} - C:\Program Files (x86)\AVG\AVG10\Firefox4\
HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
HKLM_Extensions|{6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
HKLM_Extensions|{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
-- C:\Users\Nico\AppData\Roaming\Mozilla\FireFox\Profiles\kg4yucai.default --
Extensions\admin@zbani.com (Zbani Toolbar)
Extensions\staged (?)
Extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (uTorrentBar_FR Community Toolbar)
Prefs.js - browser.search.defaultenginename, Zbani
Prefs.js - browser.search.defaulturl, home.Zbani.com/en/get/
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://roxit.ca
Prefs.js - browser.startup.homepage_override.buildID, 20110811165603
Prefs.js - browser.startup.homepage_override.mstone, rv:6.0
Prefs.js - keyword.URL, hxxp://home.Zbani.com/en/get/
========================================
**** Google Chrome Version [14.0.835.202] ****
Extension\fnjbmmemklcjgepojigaapkoodmkgbae (C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx) (?)
Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)
Extension\jmfkcklnlgedgbglfkkgedjfmejoahla (C:\Program Files (x86)\AVG\AVG10\Chrome\safesearch.crx) (?)
Extension\lifbcibllhkdhoafpjfnlhfpfgnpldfl (C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx) (?)
Extension\nneajnkjbffgblleaoojgaacokifdkhm (C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx) (?)
Extension\paoponfhfdfnjgddpnpjkambkcgdaaib (C:\Users\Nico\AppData\Local\Temp\crx86FD.tmp) (?)
-- C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Enabled: true) (hxxp://www.google.com/search?q={searchTerms})
Preferences - homepage: hxxp://google.com/
Preferences - homepage_is_newtabpage: true
Plugin - Remoting Viewer (Enabled: true) (internal-remoting-viewer) (x)
Plugin - Native Client (Enabled: true) (C:\Users\Nico\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll)
Plugin - Battlefield Play4Free Updater (Enabled: true) (C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.53.2_0\npBP4FUpdater.dll)
Plugin - Battlefield Play4Free Updater (Enabled: true) (C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.53.2_0\BP4FUpdater.exe)
Plugin - AVG Internet Security (Enabled: true) (C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll)
Plugin - Skype Toolbars (Enabled: true) (C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll) (x)
Plugin - DivX VOD Helper Plug-in (Enabled: true) (C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll)
Plugin - NVIDIA 3D Vision (Enabled: true) (C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll)
Plugin - NVIDIA 3D VISION (Enabled: true) (C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll)
Plugin - Pando Web Plugin (Enabled: true) (C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll)
Plugin - RealJukebox NS Plugin (Enabled: true) (C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll)
Plugin - Facebook Video Calling Plugin (Enabled: true) (C:\Users\Nico\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll)
Plugin - "Java" (Enabled: true)
Plugin - "Silverlight" (Enabled: true)
Plugin - "DivX Player" (Enabled: true)
Plugin - "Remoting Viewer" (Enabled: true)
Plugin - "Native Client" (Enabled: true)
Plugin - "Battlefield Play4Free Updater" (Enabled: true)
Plugin - "AVG Internet Security" (Enabled: true)
Plugin - "Skype Toolbars" (Enabled: true)
Plugin - "DivX VOD Helper Plug-in" (Enabled: true)
Plugin - "NVIDIA 3D Vision" (Enabled: true)
Plugin - "NVIDIA 3D VISION" (Enabled: true)
Plugin - "Pando Web Plugin" (Enabled: true)
Plugin - "RealJukebox NS Plugin" (Enabled: true)
Plugin - "Facebook Video Calling Plugin" (Enabled: true)
========================================
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://home.zbani.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_URLSearchHooks|{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - "SearchHook Class" (C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll)
HKCU_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll)
HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll)
HKCU_SearchScopes\zbani - "Zbani" (hxxp://home.zbani.com/en/get/{searchTerms})
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "uTorrentBar_FR Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKLM_SearchScopes\zbani - "Zbani" (hxxp://home.zbani.com/en/get/{searchTerms})
HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "uTorrentBar_FR Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKLM_Toolbar|{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} (C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll)
HKLM_Toolbar|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll)
HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll)
HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Nico\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D016000} - C:\Program Files (x86)\Battlelog Web Plugins\esnlauncher2.exe (?)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Nico\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKLM_ElevationPolicy\{4857763C-D59B-4A30-A05E-BD00B48EC8CD} - C:\Program Files (x86)\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\{49CF0734-BF9A-4444-BC9F-C26E56AF042F} - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.3\SonarHost.exe (ESN Social Software AB)
HKLM_ElevationPolicy\{50A6102E-D757-409e-97B7-6EA4EEEA5BC3} - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files (x86)\DivX\DivX Plus Web Player\dwpBroker.exe (?)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D016000} - C:\Program Files (x86)\Battlelog Web Plugins\esnlauncher2.exe (?)
HKLM_ElevationPolicy\{8D2A5716-2205-4EB2-8443-03AB6B9F4B3B} - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSIX.exe (Futuremark Corporation)
HKLM_ElevationPolicy\{9F0A97AE-886F-49b1-A497-229B9546CF5B} - C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe (Druide informatique inc.)
HKLM_ElevationPolicy\{9F397B84-F03A-4AD4-AA22-63443B5A7082} - C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe (?)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{B547B64F-7393-4AC7-B440-1B9CCD4857E9} - C:\Users\Nico\AppData\Local\Conduit\CT2851639\uTorrentBar_FRAutoUpdateHelper.exe (?)
HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files (x86)\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.)
BHO\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll)
BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine " (C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll)
BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5 <video>" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll)
BHO\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} - "DivX HiQ" (C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll)
BHO\{5FF49FE8-B332-4CB9-B102-FB6951629E55} - "Virtual Storage Mount Notification" (C:\Windows\SysWOW64\CbFsMntNtf3.dll)
BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files (x86)\Ad-Remover\Backup: 0 File(s)
C:\Ad-Report-SCAN[1].txt - 26/10/2011 12:54:04 (16641 Byte(s))
End at: 12:55:12, 26/10/2011
============== E.O.F ==============