Win32:Adware.gen(ADW)

vikings75 -  
 Anonymous user -
Hello,
My avast tells me I have a Win32:Adware.gen(ADW) virus. I did some research on Google to try to fix it. So I'm turning to you to see whether everything has been properly removed. My laptop is infected; on my laptop I have avast, CCleaner, RegCleaner, Ad-Aware and hijackthis. I'm writing to you from another computer. Here is the HijackThis scan:

ogfile of HijackThis v1.99.1
Scan saved at 12:18:56, on 2010-01-09
Platform: Unknown Windows (WinNT 6.00.1906 SP2)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\hijackthis_199\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.rds.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {50635E50-A9FB-49EB-B6D3-D64DEC8E4CE7} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [WhereSphere] C:\Users\Simon Allard\AppData\Roaming\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [SfKg6wIPuS] C:\Users\Simon Allard\AppData\Roaming\Microsoft\Windows\oulwsv.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {49783ED4-258D-4f9f-BE11-137C18D3E543} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Update Service (gupdate1ca8afa5435345) (gupdate1ca8afa5435345) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\ProgramData\Kwanzy\kwanzy135.exe" "C:\Program Files\Kwanzy\kwanzy.dll" Service (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

8 replies

Anonymous user
 
Hello
ogfile of HijackThis v1.99.1

Delete hijackthis because it is obsolete
Download it again
Download Hijackthis, a diagnostic and repair tool
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
* Click Executable, then click Save
* Place Hijackthis.exe on your desktop, then launch it
* Click Run
* Click Do a system scan and save a log file
* Click Save log to save the report, which will open
in Notepad
* Post the report: click Edit at the top of Notepad,
click Select All, go back to "Edit", and click
Copy. Come back to the forum, to your reply, right-click in the message
area, then Paste
0
vikings75
 
Your link didn't work, so I went and got it from another site, version 2.02

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:21, on 2010-01-09
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
F:\RegCleaner.exe
F:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rds.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {50635E50-A9FB-49EB-B6D3-D64DEC8E4CE7} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [WhereSphere] C:\Users\Simon Allard\AppData\Roaming\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [SfKg6wIPuS] C:\Users\Simon Allard\AppData\Roaming\Microsoft\Windows\oulwsv.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {49783ED4-258D-4f9f-BE11-137C18D3E543} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Update Service (gupdate1ca8afa5435345) (gupdate1ca8afa5435345) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\ProgramData\Kwanzy\kwanzy135.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Anonymous user
 
You have a LOP infection, which causes CID pop-ups to appear.
It gets installed through these programs, which should be avoided at all costs:
* The Messenger Plus! sponsor
* Bittorent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101

Disable UAC (User Account Control)

Click the Start menu, then Control Panel, User Accounts
Click Turn User Account Control on or off:
A new window opens; uncheck the box Use User Account Control to help protect your computer, then click OK:
A prompt asks whether you want to restart your computer; click Restart Now

https://forums.cnetfrance.fr


Download Lop S&D (by Eric_71 and Angeldark) to your Desktop. https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
http://eric71.geekstogo.com/tools/LopSD.exe

* Double-click it to start the installation
* Right-click the Lop S&D shortcut on your Desktop, then click Run as administrator
* Select the language you want, then choose option 1 (Recherche)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)

I'll be back later
0
vikings75
 
I forgot to mention that my infected laptop (computer) is in Safe Mode with Networking. Here is your LOP.


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-58 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Simon Allard ( Administrator )
BOOT : Fail-safe with network boot
C:\ (Local Disk) - NTFS - Total:111 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:111 Go (Free:101 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT - Total:982 Mo (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2010-01-09|12:46 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[2007-12-15|18:21] C:\Users\SIMONA~1\AppData\Local\Acer Arcade Deluxe
[2007-12-16|05:32] C:\Users\SIMONA~1\AppData\Local\acer eNM
[2007-12-16|10:37] C:\Users\SIMONA~1\AppData\Local\Adobe
[2007-12-21|13:37] C:\Users\SIMONA~1\AppData\Local\Apple
[2008-07-30|05:49] C:\Users\SIMONA~1\AppData\Local\Apple Computer
[2007-12-16|05:30] C:\Users\SIMONA~1\AppData\Local\Application Data
[2007-12-18|00:05] C:\Users\SIMONA~1\AppData\Local\CyberLink
[2009-03-14|20:56] C:\Users\SIMONA~1\AppData\Local\d3d9caps.dat
[2010-01-08|11:02] C:\Users\SIMONA~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-08-25|16:44] C:\Users\SIMONA~1\AppData\Local\Downloaded Installations
[2007-12-16|01:04] C:\Users\SIMONA~1\AppData\Local\DV Wizard
[2009-05-25|19:04] C:\Users\SIMONA~1\AppData\Local\FullTiltPoker
[2009-08-04|08:57] C:\Users\SIMONA~1\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-01-01|10:49] C:\Users\SIMONA~1\AppData\Local\Google
[2007-12-16|05:30] C:\Users\SIMONA~1\AppData\Local\Historique
[2007-12-18|00:05] C:\Users\SIMONA~1\AppData\Local\HomeMedia
[2009-10-15|09:34] C:\Users\SIMONA~1\AppData\Local\Microsoft
[2008-07-19|09:18] C:\Users\SIMONA~1\AppData\Local\Microsoft Games
[2009-05-02|18:19] C:\Users\SIMONA~1\AppData\Local\Microsoft Help
[2008-07-03|19:14] C:\Users\SIMONA~1\AppData\Local\Mozilla
[2008-08-25|16:46] C:\Users\SIMONA~1\AppData\Local\PC_Drivers_Headquarters
[2009-02-01|14:27] C:\Users\SIMONA~1\AppData\Local\PlayMovie
[2009-12-16|06:30] C:\Users\SIMONA~1\AppData\Local\PokerStars
[2007-12-15|18:20] C:\Users\SIMONA~1\AppData\Local\PowerCinema
[2010-01-09|12:44] C:\Users\SIMONA~1\AppData\Local\Temp
[2007-12-16|05:30] C:\Users\SIMONA~1\AppData\Local\Temporary Internet Files
[2007-12-17|14:58] C:\Users\SIMONA~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[2010-01-09 12:45][--a------] C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-01-09 12:45][--a------] C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2010-01-09 12:45][--a------] C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2010-01-09 12:45][--a------] C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2010-01-09 12:45][--a------] C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2010-01-09 11:11][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-01-09 11:17][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-01-08 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Analyse système complète - Simon Allard.job
[2010-01-09 08:16][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{7B3208A9-DA50-4C77-A8A2-0715C4526F0D}.job
[2010-01-07 08:51][--ah-----] C:\Windows\tasks\SA.DAT
[2010-01-06 20:27][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[2010-01-01|10:49] C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2007-08-07|01:27] C:\ProgramData\Adobe
[2007-12-21|13:36] C:\ProgramData\Apple
[2008-01-01|14:31] C:\ProgramData\Apple Computer
[2006-11-02|08:02] C:\ProgramData\Application Data
[2009-01-13|22:35] C:\ProgramData\avg8
[2007-12-16|05:27] C:\ProgramData\Bureau
[2007-12-15|20:56] C:\ProgramData\CyberLink
[2009-12-19|08:41] C:\ProgramData\DAEMON Tools Lite
[2006-11-02|08:02] C:\ProgramData\Desktop
[2006-11-02|08:02] C:\ProgramData\Documents
[2007-12-16|05:27] C:\ProgramData\Favoris
[2006-11-02|08:02] C:\ProgramData\Favorites
[2008-05-21|19:01] C:\ProgramData\Hewlett-Packard
[2007-12-16|09:56] C:\ProgramData\HipSoft
[2008-05-21|19:14] C:\ProgramData\HP
[2008-05-21|19:16] C:\ProgramData\hpzinstall.log
[2010-01-07|08:53] C:\ProgramData\Kwanzy
[2010-01-01|10:49] C:\ProgramData\Lavasoft
[2008-12-16|14:16] C:\ProgramData\Malwarebytes
[2007-12-16|05:27] C:\ProgramData\Menu Démarrer
[2009-05-27|14:31] C:\ProgramData\Messenger Plus!
[2009-03-20|14:51] C:\ProgramData\Microsoft
[2009-12-10|14:48] C:\ProgramData\Microsoft Help
[2007-12-16|05:27] C:\ProgramData\Modèles
[2009-01-05|11:19] C:\ProgramData\Norton
[2009-01-05|11:16] C:\ProgramData\NortonInstaller
[2009-08-05|08:04] C:\ProgramData\ntuser.pol
[2009-11-14|10:28] C:\ProgramData\NVIDIA
[2010-01-09|11:41] C:\ProgramData\nvModes.001
[2010-01-09|11:41] C:\ProgramData\nvModes.dat
[2008-08-25|16:45] C:\ProgramData\PC Drivers HeadQuarters
[2009-01-13|13:49] C:\ProgramData\Spybot - Search & Destroy
[2006-11-02|08:02] C:\ProgramData\Start Menu
[2009-01-13|12:45] C:\ProgramData\SUPERAntiSpyware.com
[2009-01-05|10:56] C:\ProgramData\Symantec
[2007-12-17|15:02] C:\ProgramData\TEMP
[2006-11-02|08:02] C:\ProgramData\Templates
[2008-02-21|20:23] C:\ProgramData\Trymedia
[2008-05-21|19:16] C:\ProgramData\WEBREG
[2007-12-15|19:37] C:\ProgramData\WLInstaller
[2007-12-31|20:01] C:\ProgramData\Xerox

--------------------\\ Listing des dossiers dans C:\Program Files

[2007-12-16|05:34] C:\Program Files\Acer Arcade Deluxe
[2008-12-21|22:01] C:\Program Files\Acer GameZone
[2007-12-16|05:50] C:\Program Files\Acer Inc
[2007-08-07|01:27] C:\Program Files\Adobe
[2009-12-19|08:52] C:\Program Files\Alcohol Soft
[2009-08-30|17:16] C:\Program Files\Alwil Software
[2007-12-16|05:43] C:\Program Files\Apoint2K
[2008-07-29|17:56] C:\Program Files\Apple Software Update
[2009-01-13|12:52] C:\Program Files\AVG
[2009-01-13|00:58] C:\Program Files\Bonjour
[2008-12-18|12:51] C:\Program Files\CCleaner
[2010-01-01|10:25] C:\Program Files\Common Files
[2009-01-06|19:13] C:\Program Files\Conduit
[2007-08-07|00:12] C:\Program Files\CONEXANT
[2007-08-07|00:56] C:\Program Files\CyberLink
[2009-12-19|08:42] C:\Program Files\DAEMON Tools Lite
[2009-12-19|08:42] C:\Program Files\DAEMON Tools Toolbar
[2010-01-03|15:03] C:\Program Files\Everest Poker
[2007-12-16|05:27] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[2009-08-09|20:37] C:\Program Files\Full Tilt Poker
[2007-12-16|00:45] C:\Program Files\GamesBar
[2010-01-01|11:06] C:\Program Files\Google
[2008-05-21|19:13] C:\Program Files\Hewlett-Packard
[2008-05-21|19:14] C:\Program Files\HP
[2010-01-01|10:27] C:\Program Files\InstallShield Installation Information
[2009-12-13|21:26] C:\Program Files\Internet Explorer
[2008-07-29|18:12] C:\Program Files\iPod
[2008-07-29|18:12] C:\Program Files\iTunes
[2008-11-28|22:29] C:\Program Files\java
[2008-12-21|10:55] C:\Program Files\K-Lite Codec Pack
[2010-01-09|11:46] C:\Program Files\Kwanzy
[2009-01-13|21:43] C:\Program Files\Launch Manager
[2010-01-01|10:49] C:\Program Files\Lavasoft
[2009-02-02|00:44] C:\Program Files\LEGO Media
[2007-12-16|10:54] C:\Program Files\licenses
[2008-01-02|15:14] C:\Program Files\Maxis
[2009-03-02|11:32] C:\Program Files\MediaInfo
[2009-05-27|14:12] C:\Program Files\Messenger Plus! Live
[2009-11-10|07:16] C:\Program Files\Microsoft
[2006-11-02|07:37] C:\Program Files\Microsoft Games
[2008-02-20|17:26] C:\Program Files\Microsoft Office
[2009-09-09|21:25] C:\Program Files\Microsoft Silverlight
[2008-02-20|17:26] C:\Program Files\Microsoft Visual Studio
[2008-02-20|17:20] C:\Program Files\Microsoft Visual Studio 8
[2009-08-03|20:42] C:\Program Files\Microsoft Works
[2008-02-20|17:24] C:\Program Files\Microsoft.NET
[2009-11-13|23:24] C:\Program Files\Movie Maker
[2010-01-07|08:54] C:\Program Files\Mozilla Firefox
[2008-02-20|17:26] C:\Program Files\MSBuild
[2007-12-15|19:54] C:\Program Files\MSXML 4.0
[2007-08-07|00:54] C:\Program Files\NewTech Infosystems
[2008-12-21|11:44] C:\Program Files\NoAdware
[2009-06-15|07:36] C:\Program Files\Patrician III
[2008-08-25|16:45] C:\Program Files\PC Drivers HeadQuarters
[2009-07-25|19:27] C:\Program Files\Picasa2
[2009-05-25|19:04] C:\Program Files\PokerStars
[2008-07-29|18:11] C:\Program Files\QuickTime
[2007-12-16|05:35] C:\Program Files\Realtek
[2006-11-02|07:37] C:\Program Files\Reference Assemblies
[2010-01-09|12:13] C:\Program Files\RegCleaner
[2009-06-30|20:05] C:\Program Files\SharkScope
[2009-01-13|13:52] C:\Program Files\Spybot - Search & Destroy
[2009-01-13|13:50] C:\Program Files\SUPERAntiSpyware
[2006-11-02|08:01] C:\Program Files\Uninstall Information
[2008-12-20|23:45] C:\Program Files\uTorrent
[2009-01-21|21:05] C:\Program Files\VideoLAN
[2009-11-13|23:24] C:\Program Files\Windows Calendar
[2009-11-13|23:24] C:\Program Files\Windows Collaboration
[2009-11-13|23:24] C:\Program Files\Windows Defender
[2009-11-13|23:24] C:\Program Files\Windows Journal
[2009-11-10|07:19] C:\Program Files\Windows Live
[2009-03-20|14:54] C:\Program Files\Windows Live SkyDrive
[2009-12-13|21:26] C:\Program Files\Windows Mail
[2009-11-13|23:24] C:\Program Files\Windows Media Player
[2007-12-16|05:27] C:\Program Files\Windows NT
[2009-11-13|23:24] C:\Program Files\Windows Photo Gallery
[2009-11-16|18:19] C:\Program Files\Windows Portable Devices
[2009-11-13|23:24] C:\Program Files\Windows Sidebar
[2008-12-27|23:46] C:\Program Files\WinRAR
[2007-12-16|05:30] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[2007-08-07|01:27] C:\Program Files\Common Files\Adobe
[2007-12-21|13:36] C:\Program Files\Common Files\Apple
[2008-02-20|17:26] C:\Program Files\Common Files\DESIGNER
[2008-05-21|19:13] C:\Program Files\Common Files\Hewlett-Packard
[2008-05-21|19:12] C:\Program Files\Common Files\HP
[2007-08-07|00:56] C:\Program Files\Common Files\InstallShield
[2007-12-16|10:55] C:\Program Files\Common Files\Java
[2007-08-07|00:53] C:\Program Files\Common Files\LightScribe
[2009-08-03|20:42] C:\Program Files\Common Files\microsoft shared
[2007-08-07|00:53] C:\Program Files\Common Files\muvee Technologies
[2007-08-07|00:54] C:\Program Files\Common Files\NewTech Infosystems
[2006-11-02|06:18] C:\Program Files\Common Files\Services
[2006-11-02|06:18] C:\Program Files\Common Files\SpeechEngines
[2009-01-05|11:16] C:\Program Files\Common Files\Symantec Shared
[2009-11-13|23:24] C:\Program Files\Common Files\System
[2009-03-20|14:51] C:\Program Files\Common Files\Windows Live
[2007-12-15|19:40] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 30 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-09 12:46:27
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\SIMONA~1\AppData\Roaming\Azureus\torrents\Druide_Antidote_RX_v5.0_Incl.Keygen_FRANCAIS[www.quebectorrent.com][1].torrent
C:\Users\SIMONA~1\AppData\Roaming\uTorrent\Norton Internet Security 2009 activation crack x13.exe.torrent
C:\Users\SIMONA~1\Documents\Programme\Antidote RX v8 - Fran‡ais\Antidote RX v8 - Fran‡ais\3 - Activation\keygen RX v2.[LaFaucheuse].exe
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS\AntidoteRX5
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS\bs.nfo
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS\AntidoteRX5\keygen.exe
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS\AntidoteRX5\setup.msi


[F:30][D:3]-> C:\Users\SIMONA~1\AppData\Local\Temp
[F:15][D:1]-> C:\Users\SIMONA~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:6][D:4]-> C:\Users\SIMONA~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5][D:5]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 2010-01-09|12:48 - Option : [1]

--------------------\\ Fin du rapport a 12:48:59
[ UAC => 1 ]
0
Utilisateur anonyme
 
C:\Users\SIMONA~1\AppData\Roaming\Azureus\torrents\Druide_Antidote_RX_v5.0_Incl.Keygen_FRANCAIS[www.quebectorrent.com][1].torrent
C:\Users\SIMONA~1\AppData\Roaming\uTorrent\Norton Internet Security 2009 activation crack x13.exe.torrent
C:\Users\SIMONA~1\Documents\Programme\Antidote RX v8 - Fran‡ais\Antidote RX v8 - Fran‡ais\3 - Activation\keygen RX v2.[LaFaucheuse].exe
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS\AntidoteRX5
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS\bs.nfo
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS\AntidoteRX5\keygen.exe
C:\Users\SIMONA~1\Downloads\Druide_Antidote_RX_v5.0_Incl.Keygen_FRENCH-BS\AntidoteRX5\setup.msi

Read this about the danger of cracks by clicking on this link:
https://forum.malekal.com/viewtopic.php?t=893&start=


Download Malwarebytes' Anti-Malware
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
Save it to the desktop
Double-click the Download_mbam-setup.exe icon to start the installation process
If the firewall asks for permission for Malwarebytes to connect, accept
It will update itself once that is done
Go to the Scan tab
Select Perform full scan
Click Scan
The scan starts
At the end of the scan, this message is displayed: The scan completed successfully.
Click Show Results to display the objects found
Click OK to continue
If malware was detected, click Show Results
Select everything (or leave it checked)
Click Remove Selected
Malwarebytes will destroy the files and registry keys and put a
copy of them in quarantine
Malwarebytes will open Notepad and copy the report into it
Restart the PC
Once it has restarted, double-click Malwarebytes
Go to the Reports/Logs tab
Click on the report to display it; once it is displayed, click Edit at the top of
Notepad, then Select All
Go back to Edit, then Copy, and come back to the forum and into your reply
Right-click in the reply box and Paste
0
vikings75
 
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3531
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

2010-01-09 17:24:19
mbam-log-2010-01-09 (17-24-19).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 254899
Temps écoulé: 1 hour(s), 6 minute(s), 33 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 11

Processus mémoire infecté(s):
C:\Users\Simon Allard\AppData\Roaming\Microsoft\Windows\oulwsv.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\Simon Allard\AppData\Roaming\WhereSphere\WhereSphere.exe (Adware.WhereSphere) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Users\Simon Allard\AppData\Roaming\Mozilla\Firefox\Profiles\awmotktn.default\extensions\{e45a0de0-b4de-11de-8a39-0800200c9a66}\components\wsff.dll (Adware.WhereSphere) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\internetprogram.pornpro_bho (Adware.PLayMP3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\internetprogram.pornpro_bho.1 (Adware.PLayMP3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88c9b3c7-06b6-5c05-cfec-c09dbc10cc30} (Adware.PLayMP3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{88c9b3c7-06b6-5c05-cfec-c09dbc10cc30} (Adware.PLayMP3z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\kwanzy (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wheresphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WhereSphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Kwanzy Service (Adware.Kwanzy) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sfkg6wipus (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wheresphere (Adware.WhereSphere) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Users\Simon Allard\AppData\Roaming\WhereSphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\ProgramData\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Users\Simon Allard\AppData\Roaming\Microsoft\Windows\oulwsv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Simon Allard\AppData\Roaming\Mozilla\Firefox\Profiles\awmotktn.default\extensions\{e45a0de0-b4de-11de-8a39-0800200c9a66}\components\wsff.dll (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\kwanzy.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\ProgramData\Kwanzy\kwanzy135.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\hijackthis_199\backups\backup-20100109-115605-631.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Users\Simon Allard\AppData\Roaming\WhereSphere\config.cfg (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Users\Simon Allard\AppData\Roaming\WhereSphere\wheresphere.exe (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Users\Simon Allard\AppData\Roaming\WhereSphere\WSUninstall.exe (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Program Files\mozilla firefox\searchPlugins\kwanzy135.xml (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Users\Simon Allard\Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully.
0
Utilisateur anonyme
 
Empty the Malwarebytes quarantine
You downloaded the programs Kwanzy and WhereSphere, which infected your PC; do not download them again
Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.

- http://images.malwareremoval.com/random/RSIT.exe

! Disconnect and close all your running applications !

* Double-click RSIT.exe to launch it.
* A first window opens with the title: Disclaimer of warranty.
* Next to the option List files/folders created ..., choose 2 months
* Then click Continue to start the scan ...
* Let the scan run and do not touch the PC ...
* When the scan is finished, two text files will open (probably in Notepad).
* Upload the contents of log.txt (the one that appears on screen), as well as info.txt, here.
Click Browse
Once you have found the reports to upload, click Open
Click Cliquez ici pour déposer le fichier (Click here to upload the file), then give the link
that appears, like this: http:/www.cijoint.fr/cjlink.php?file=cj200911/cijgAdC3Ch.txt

Note: the reports will also be saved in this folder: C:\rsit
0

vikings75
 
http://www.cijoint.fr/cjlink.php?file=cj201001/cijLdnOoQK.txt
http://www.cijoint.fr/cjlink.php?file=cj201001/cijiRCl8QN.txt
0
Utilisateur anonyme
 
Hello
Toolbars serve no purpose. Some are harmful and spy on your browsing
Some are useless; they only slow down browsing
Be vigilant when you install or update free software
Read the instructions carefully, and untick the box for the extras you are offered,
such as toolbars like Ask, Kiwee, Search Setting, Crawler, Daemon
(not to be confused with the Daemon software) and Dealio, which are the most common
and harmful
Toolbars are not mandatory
I'll give you this in passing; it is worth reading
https://forum.malekal.com/viewtopic.php?f=45&t=6173


Disable UAC: User Account Control

Click the Start menu, then Control Panel, User Accounts
Click Turn User Account Control on or off:
A new window opens; untick the box Use User Account Control (UAC) to help protect your computer, then OK:
A prompt appears asking whether you want to restart your computer; click Restart Now

https://forums.cnetfrance.fr

Download Toolbar-S&D (Eric_71, Angeldark, Sham_Rock and XmichouX) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
http://eric71.geekstogo.com/tools/ToolBarSD.exe

!! Disconnect and close all your running applications for the duration of the procedure !! Disable your antivirus.

* Start the installation of the program by running the downloaded file.
* Right-click the Toolbar-S&D shortcut and choose Run as administrator to launch it
* Select the desired language by typing the letter of your choice, then press the Enter key.
* Select option 1 (Search), then press the Enter key. Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
0
vikings75
 
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-58 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Simon Allard ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:111 Go (Free:33 Go)
D:\ (Local Disk) - NTFS - Total:111 Go (Free:101 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 2010-01-10| 9:11 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
C:\Program Files\DAEMON Tools Toolbar\Resources
C:\Program Files\DAEMON Tools Toolbar\uninst.exe
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome.manifest
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\install.rdf
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome\dttoolbar.jar
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.xpt
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-English.ini

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"SEARCH PAGE"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Start Page"="https://www.rds.ca/"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://fr.yahoo.com/"
"Default_Page_URL"="https://fr.yahoo.com/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\System32\\blank.htm"
"Search Bar"="http://www.mirarsearch.com/?useie5=1&q="


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\SIMONA~1\AppData\Roaming\Azureus\torrents\Druide_Antidote_RX_v5.0_Incl.Keygen_FRANCAIS[www.quebectorrent.com][1].torrent
C:\Users\SIMONA~1\AppData\Roaming\uTorrent\Norton Internet Security 2009 activation crack x13.exe.torrent
C:\Users\SIMONA~1\Documents\Programme\Antidote RX v8 - Fran‡ais\Antidote RX v8 - Fran‡ais\3 - Activation\keygen RX v2.[LaFaucheuse].exe


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 2010-01-10| 9:12 - Option : [1]

-----------\\ Fin du rapport a 9:12:38,63
0
Utilisateur anonyme
 
Right-click Toolbar-S&D and choose Run as administrator. Type 2, then press the Enter key.
Do not close the window during the removal
A report will be created; post its contents here.
0
vikings75
 
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-58 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Simon Allard ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:111 Go (Free:33 Go)
D:\ (Local Disk) - NTFS - Total:111 Go (Free:101 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 2010-01-10|11:06 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Supprime! - C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\GamesBar\Localization-English.ini
Supprime! - C:\Program Files\DAEMON Tools Toolbar
Supprime! - C:\Program Files\GamesBar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"SEARCH PAGE"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Start Page"="https://www.rds.ca/"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://fr.yahoo.com/"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\Windows\\System32\\blank.htm"
"Search Bar"="http://www.mirarsearch.com/?useie5=1&q="


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\SIMONA~1\AppData\Roaming\Azureus\torrents\Druide_Antidote_RX_v5.0_Incl.Keygen_FRANCAIS[www.quebectorrent.com][1].torrent
C:\Users\SIMONA~1\AppData\Roaming\uTorrent\Norton Internet Security 2009 activation crack x13.exe.torrent
C:\Users\SIMONA~1\Documents\Programme\Antidote RX v8 - Fran‡ais\Antidote RX v8 - Fran‡ais\3 - Activation\keygen RX v2.[LaFaucheuse].exe


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 2010-01-10| 9:12 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 2010-01-10|11:07 - Option : [2]

-----------\\ Fin du rapport a 11:07:50,41
0
Utilisateur anonyme
 
Download AD Remover (by Cyrildu17 / C_XX) to your desktop:
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe
or
https://www.androidworld.fr/

Disable the antivirus.

Disconnect and close all running applications.

Double-click the installer and install it in its default location (C:\Program files).
Right-click the Ad-remover icon on your desktop and choose Run as administrator to launch it.
At the main menu, select option L, then press the Enter key.
Post the report that appears at the end.

(The report is also saved as C:\Ad-report(date).log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (Antivirus, Firewall
0
vikings75
 
.
======= LOGFILE OF AD-REMOVER 1.1.4.6_G | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 05.01.2010 at 18:50
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 11:25:17, 2010-01-10 | Normal Boot | Option: CLEAN
Executed from: C:\Program Files\Ad-Remover\
Operating system: Microsoft® Windows Vista™ Home Premium Service Pack 2 v6.0.6002
Computer Name: PORTABLE | Current user: Simon Allard

.
============== NEUTRALIZED ELEMENT(S) ==============
.
Service: RelevantKnowledge - ... [b]NOT DELETED !![/b]

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Games\PartyPoker.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Titan Poker.lnk
C:\Poker\Poker 770
C:\Programs\PartyGaming
C:\Users\SIMONA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Poker 770
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\PartyPoker
C:\Program Files\Everest Poker
C:\ProgramData\Trymedia
C:\Users\Public\Desktop\Everest Poker.lnk

(!) -- Temp files deleted.

.
HKCU\software\Grand Virtual
HKCU\software\InternetProgram
HKLM\Software\Classes\AppID\{C58810EE-6B56-BDD6-5FAE-D204717DA8F6}
HKLM\software\classes\appid\InternetProgram.DLL
HKLM\Software\Classes\Interface\{133548AB-2040-C274-3F84-B4F038825BE1}
HKLM\Software\Classes\Interface\{2E194B1B-87C9-59A8-0CF4-3AE44A06DA1F}
HKLM\Software\Classes\Interface\{35D3032D-F301-7A91-0C1F-6A346950470E}
HKLM\Software\Classes\Interface\{8EE8D862-C866-C104-4964-8CD062B2A7F5}
HKLM\Software\Classes\Interface\{9EBD4DDC-B5A2-4731-57AE-5D300F116E3A}
HKLM\Software\Classes\Interface\{C8C038A1-9D2C-40AC-6D03-9ED96B02AF42}
HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
HKLM\software\microsoft\windows\currentversion\uninstall\Everest Poker
.
============== Added scan ==============
.
.
* Mozilla FireFox Version 3.0.16 [fr] *
.
ProfilePath: awmotktn.default (Simon Allard)
.
(SIMONA~1, prefs.js) Browser.download.dir, C:\Users\Simon Allard\Downloads
(SIMONA~1, prefs.js) Browser.download.lastDir, C:\Users\Simon Allard\Videos\Partie\zzz_torrent\Jacks.Teen.America.Mission.22
(SIMONA~1, prefs.js) Browser.search.defaultenginename, Web Search
(SIMONA~1, prefs.js) Browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1640187&SearchSource=3&q=
(SIMONA~1, prefs.js) Browser.startup.homepage, hxxp://www.torrent411.com/index.php
(SIMONA~1, prefs.js) Extensions.enabledItems, DTToolbar@toolbarnet.com:1.0.7.0088,{e45a0de0-b4de-11de-8a39-0800200c9a66}:2,{e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20080609.0,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{4E551550-1870-479D-BF66-DF77900E100E}:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{8241b8d6-6bac-4f48-b012-464cf0f636e9}:1.5.48.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.16
(SIMONA~1, prefs.js) Privacy.popups.showBrowserMessage, false
.
(SIMONA~1, prefs.js) ERASED - Browser.search.defaultenginename, Web Search
.
.
.
* Internet Explorer Version 8.0.6001.18865 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Enable Browser Extensions: yes
Use Custom Search URL: 1 (0x1)
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Use Custom Search URL: 1 (0x1)
Search Bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Users\Simon Allard\AppData\Roaming\Azureus\torrents\Druide_Antidote_RX_v5.0_Incl.Keygen_FRANCAIS[www.quebectorrent.com][1].torrent
C:\Users\Simon Allard\AppData\Roaming\uTorrent\Norton Internet Security 2009 activation crack x13.exe.torrent
C:\Users\Simon Allard\Documents\Programme\Antidote RX v8 - Fran‡ais\Antidote RX v8 - Fran‡ais\3 - Activation\AntidoteRXvx_Patcher.[LaFaucheuse].exe
C:\Users\Simon Allard\Documents\Programme\Antidote RX v8 - Fran‡ais\Antidote RX v8 - Fran‡ais\3 - Activation\keygen RX v2.[LaFaucheuse].exe
.
===================================
.
4950 Byte(s) - C:\Ad-Report-CLEAN[1].log
.
0 File(s) - C:\Users\SIMONA~1\AppData\Local\Temp
3 File(s) - C:\Windows\Temp
8 File(s) - C:\Windows\Prefetch
.
20 File(s) - C:\Program Files\Ad-Remover\BACKUP
1425 File(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
End at: 11:39:35 | 2010-01-10 - CLEAN[1]
.
============== E.O.F ==============
.
0
Utilisateur anonyme
 
Service: RelevantKnowledge - ... [b]NOT DELETED !![/b]
It has not been deleted; we'll see about that later.

Could you run RSIT again for me?
0