Sujet Précédent Sujet Suivant

Virus chinois

Fermé
yayabeille Messages postés 1 Date d'inscription jeudi 14 juillet 2016 Statut Membre Dernière intervention 14 juillet 2016 - Modifié par Malekal_morte- le 15/07/2016 à 00:09
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 15 juil. 2016 à 00:03
bonjour ,

J'ai plein de chinoiserie qui apparaisse dans des fenetre Explorer...

j'ai fait un adwcleaner et voici le rapport .. quelqu'un peut-il m'aider `????

MERCI!


# AdwCleaner v5.201 - Logfile created 14/07/2016 at 23:46:41
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-14.1 [Server]
# Operating system : Windows 7 Enterprise Service Pack 1 (X64)
# Username : mbr - MBR7240A
# Running from : C:\Users\mbr\Downloads\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum


*
          • [ Services ] *****


[-] Service Deleted : zdengine
[-] Service Deleted : ProntSpooler
[-] Service Deleted : MaohaWifiNetPro
[-] Service Deleted : MaohaWifiSvr
[-] Service Deleted : dowidoly
[-] Service Deleted : wytipyfyzbt


*
          • [ Folders ] *****


[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
[-] Folder Deleted : C:\Program Files (x86)\Hostify
[-] Folder Deleted : C:\Program Files (x86)\WeatherChickn
[-] Folder Deleted : C:\Program Files (x86)\Popcorn Time
[-] Folder Deleted : C:\Program Files (x86)\EasyHotspot
[-] Folder Deleted : C:\Program Files (x86)\badu
[-] Folder Deleted : C:\Program Files (x86)\ContentPush
[-] Folder Deleted : C:\Program Files (x86)\OtherSearch
[-] Folder Deleted : C:\Program Files (x86)\GreatMaker
[-] Folder Deleted : C:\Program Files (x86)\4C4C4544-1468527809-5A10-8037-B6C04F503332
[-] Folder Deleted : C:\Program Files (x86)\SunnyDay21
[-] Folder Deleted : C:\Program Files (x86)\win_en_77
[#] Folder Deleted : C:\Program Files (x86)\SunnyDay21
[#] Folder Deleted : C:\Program Files (x86)\win_en_77
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\zdengine
[-] Folder Deleted : C:\Users\mbr\AppData\Local\SunnyDay21
[-] Folder Deleted : C:\Users\mbr\AppData\Local\win_en_77
[-] Folder Deleted : C:\Users\mbr\AppData\Local\csdi_monetize_120160714
[#] Folder Deleted : C:\Users\mbr\AppData\Local\SunnyDay21
[#] Folder Deleted : C:\Users\mbr\AppData\Local\win_en_77
[-] Folder Deleted : C:\Users\mbr\AppData\Roaming\cacaoweb
[-] Folder Deleted : C:\Users\mbr\AppData\Roaming\UPUpdata
[-] Folder Deleted : C:\Users\mbr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YSPackage
[-] Folder Deleted : C:\Users\mbr\AppData\Roaming\Mozilla\Firefox\Profiles\oamtglze.default\extensions\cacaoweb@cacaoweb.org
[-] Folder Deleted : C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\YourGSearchFinder_br
[-] Folder Deleted : C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\extensions\cacaoweb@cacaoweb.org
[-] Folder Deleted : C:\Program Files\Caster
[-] Folder Deleted : C:\Users\mbr\AppData\Local\app


*
          • [ Files ] *****


[-] File Deleted : C:\END
[-] File Deleted : C:\Windows\SysWOW64\zdengineOff.ini
[-] File Deleted : C:\Windows\SysWOW64\zdengine.dll
[-] File Deleted : C:\Users\mbr\AppData\Local\Temp\zdengine.log
[-] File Deleted : C:\Users\mbr\AppData\Local\Temp\ziengine.ini.log
[-] File Deleted : C:\Users\mbr\AppData\Roaming\WebOptimum_.exe
[-] File Deleted : C:\Users\mbr\AppData\Roaming\RandomDelJiheReg.exe
[-] File Deleted : C:\Users\mbr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MaohaWiFi.lnk
[-] File Deleted : C:\Users\mbr\Desktop\AutoTime.lnk
[-] File Deleted : C:\Windows\SysNative\zdengineOff.ini
[-] File Deleted : C:\Windows\SysNative\zdengine64.dll
[-] File Deleted : C:\Windows\SysNative\drivers\ucguard.sys
[-] File Deleted : C:\Users\mbr\AppData\Local\Apps\2.0\abril.exe
[-] File Deleted : C:\Users\mbr\AppData\Local\Apps\2.0\abril.InstallLog
[-] File Deleted : C:\Users\mbr\AppData\Local\Apps\2.0\abril.InstallState


*
          • [ DLLs ] *****
          • [ WMI ] *****
          • [ Shortcuts ] *****
          • [ Scheduled tasks ] *****
          • [ Registry ] *****


[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\APPID\zdengine.EXE
[-] Key Deleted : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Key Deleted : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
[-] Key Deleted : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\myimageconverter.dl.myway.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\myway.com
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataContainer
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataContainer.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataController
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataController.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataTable
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataTable.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataTableFields
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataTableFields.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataTableHolder
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.DataTableHolder.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.LSPLogic
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.LSPLogic.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.ReadOnlyManager
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.ReadOnlyManager.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.WFPController
[-] Key Deleted : HKLM\SOFTWARE\Classes\zdengineLib.WFPController.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{176F706B-5175-479C-A3DF-32420F6FB01A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{38BE2BE8-EB8E-41D1-9D94-3B1697094D47}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53C267B2-B01D-410F-A4DD-A32962EE55F4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8804A543-42D3-4D71-9685-B0243D5526F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0F322D5-6A13-4CAB-84CF-FABB5690618E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AC3E336C-B524-47F0-9AA2-5F67AA056086}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F577A1BA-D82D-4BB2-8430-B767285D081D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FF03983-EAA6-4628-8E7C-387B2D4F8EF2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A71C84A-1CC4-4201-B037-C81CE118D66F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{432599E9-40CF-41E3-951A-E1E81B7B1D29}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D215707-3E74-4E0E-A078-2C95E1CDE233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9295785F-8C01-4ED3-9322-8BE5C17CA141}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B98E44C8-7BB7-4A4A-B8D2-60874CA109B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C656BCEB-6B19-4992-9975-D53CEA283356}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5AC4B9C-8EE4-48AD-A77E-1560AD886A0B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6914FD3-FD8E-45AD-8993-901E7B2759FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0106905-0EDD-4F56-BDB5-890A1F6E8F47}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E26E880F-176C-4007-B2A7-B8F27621EC51}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E776B534-9402-4049-87C3-089EC0F54BAF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCFBBE24-2ADA-4D6E-A381-DEC6E3EAEE21}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{63492C58-6CD7-4FF7-8495-06A6869643EE}
[-] Key Deleted : HKCU\Software\cacaoweb
[-] Key Deleted : HKCU\Software\Microsoft\Tinstalls
[-] Key Deleted : HKCU\Software\Tutorials
[-] Key Deleted : HKCU\Software\TutoTag
[-] Key Deleted : HKCU\Software\MICROSOFT\OTUT
[-] Key Deleted : HKCU\Software\Wizzlabs
[-] Key Deleted : HKCU\Software\MICROSOFT\IDSC
[-] Key Deleted : HKCU\Software\INSTALLPATH\STATUS
[-] Key Deleted : HKCU\Software\UCBrowser
[-] Key Deleted : HKCU\Software\UCBrowserPID
[-] Key Deleted : HKCU\Software\AutoTime
[-] Key Deleted : HKCU\Software\Maoha
[-] Key Deleted : HKLM\SOFTWARE\SUNNYDAY
[-] Key Deleted : HKLM\SOFTWARE\Tutorials
[-] Key Deleted : HKLM\SOFTWARE\zdengine
[-] Key Deleted : HKLM\SOFTWARE\WIN
[-] Key Deleted : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] Key Deleted : HKLM\SOFTWARE\UCBrowser
[-] Key Deleted : HKLM\SOFTWARE\UCBrowserPID
[-] Key Deleted : HKLM\SOFTWARE\youndooSoftware
[-] Key Deleted : HKLM\SOFTWARE\OtherSearch
[-] Key Deleted : HKLM\SOFTWARE\Maoha
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hostify_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContentPush
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OtherSearch
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\win_en_77_is1
[-] Key Deleted : [x64] HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : [x64] HKLM\SOFTWARE\Wizzwifihotspot
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d35e5e88-e5b8-447f-b6f4-66bc7aa638d1}
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{D23F392C-20F9-487D-A8B5-5F36B892242E}C:\users\mbr\appdata\roaming\cacaoweb\cacaoweb.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{CC4C79AA-17F1-4A31-BD93-CE50E262B72D}C:\users\mbr\appdata\roaming\cacaoweb\cacaoweb.exe]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{78C70C79-0C0A-4903-BB4F-C82487D2F8D2}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{CD717F8D-F5F2-452B-8489-BB4EC7C94FB3}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{519651A8-DDFA-48A1-B7AE-2A99B218C8D0}]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{2ED5EA7B-8588-40E4-AB0F-83C0F853915A} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{D9458637-A7CD-4511-8A9E-DAF6266AD5E8} [NameServer]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\land.pckeeper.software
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pckeeper.software
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\staticimgfarm.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\yeabests.cc
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [apphide]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [apphide]
[#] Value Deleted : HKU\S-1-5-21-1033119075-2108966049-1557874966-2196\Software\Microsoft\Windows\CurrentVersion\Run [apphide]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
[#] Value Deleted : HKU\S-1-5-21-1033119075-2108966049-1557874966-2196\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [usun.exe]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
[#] Value Deleted : HKU\S-1-5-21-1033119075-2108966049-1557874966-2196\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Caster]
[#] Value Deleted : HKU\S-1-5-21-1033119075-2108966049-1557874966-2196\Software\Microsoft\Windows\CurrentVersion\Run [Caster]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [QGuan10in1]
[#] Value Deleted : HKU\S-1-5-21-1033119075-2108966049-1557874966-2196\Software\Microsoft\Windows\CurrentVersion\Run [QGuan10in1]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IDSCCOMAQD]
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ProntSpooler


*
          • [ Web browsers ] *****


[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("browser.newtab.url", "hxxp://www.youndoo.com/?z=b5a14c51e024ff93dc4f5afg0zeq7b1w4oam6qdoec&from=wak&uid=LITEONITXLMT-256L9M-11XMSATAX256GB_TW0N42H7550854BI0633&type=hp");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("browser.search.defaultenginename", "youndoo");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("browser.search.defaultenginename.US", "data:text/plain,browser.search.defaultenginename.US=youndoo");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("browser.search.searchengine.hp", "hxxp://www.youndoo.com/?z=b5a14c51e024ff93dc4f5afg0zeq7b1w4oam6qdoec&from=wak&uid=LITEONITXLMT-256L9M-11XMSATAX256GB_TW0N42H7550854BI0633&type=hp");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("browser.search.searchengine.sp", "hxxp://www.youndoo.com/search/?from=wak&q={searchTerms}&type=sp&uid=LITEONITXLMT-256L9M-11XMSATAX256GB_TW0N42H7550854BI0633&z=b5a14c51e024ff93dc4f5afg0zeq7[...]
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("browser.search.searchengine.uid", "LITEONITXLMT-256L9M-11XMSATAX256GB_TW0N42H7550854BI0633");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.youndoo.com/search/?from=wak&q={searchTerms}&type=sp&uid=LITEONITXLMT-256L9M-11XMSATAX256GB_TW0N42H7550854BI0633&z=b5a14c51e024ff93dc4f5afg0zeq[...]
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("browser.search.selectedEngine", "youndoo");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("browser.startup.homepage", "hxxp://www.youndoo.com/?z=b5a14c51e024ff93dc4f5afg0zeq7b1w4oam6qdoec&from=wak&uid=LITEONITXLMT-256L9M-11XMSATAX256GB_TW0N42H7550854BI0633&type=hp");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.BUTTON_STRUCTURE", "[{\"b\":224520315,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224520316,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.browser.version.last", "47.0");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.firstKnownVersion", "7.38.8.45986");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.homepage", "/index.jhtml?n=782acefe");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.hp.enabled", true);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.initialized", true);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.installation.installDate", "2016071422");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.installation.success", true);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.lastActivePing", "1468529117082");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.lastKnownVersion", "7.38.8.45986");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.lssState", "{\"previousLocales\":[\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supportedLo[...]
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.options.defaultSearch", false);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.options.homePageEnabled", false);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.options.keywordEnabled", true);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.options.tabEnabled", false);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.language", "en");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.type", "Toolbar");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.successUrl", "hxxp://www.youndoo.com/search/?&z=b5a14c51e024ff93dc4f5afg0zeq7b1w4oam6qdoec&from=wak&uid=LITEONITXLMT-256L9M-11XMSATAX256GB_TW0N42H75[...]
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.toolbarCollapsed", false);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark._brMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._brMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\mbr\\\\AppData\\\\Ro[...]
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "yourGSearchfinder@GSearch.com");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "yourGSearchfinder@GSearch.com");
[-] [C:\Users\mbr\AppData\Roaming\Profiles\8fi7qcl2.default\prefs.js] Deleted : user_pref("keyword.URL", "hxxp://www.youndoo.com/search/?z=b5a14c51e024ff93dc4f5afg0zeq7b1w4oam6qdoec&from=wak&uid=LITEONITXLMT-256L9M-11XMSATAX256GB_TW0N42H7550854BI0633&type=sp&q=");


*


:: "Tracing" keys deleted
:: Winsock settings cleared


*


C:\AdwCleaner\AdwCleaner[C1].txt - [20544 bytes] - [14/07/2016 23:46:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [20871 bytes] - [14/07/2016 23:43:49]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [20692 bytes] ##########

1 réponse

Réponse 1 / 1
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
15 juil. 2016 à 00:03
Salut,


Suis le tutoriel FRST. ( prends le temps de lire attentivement - tout y est bien expliqué ).

Télécharge et lance le scan FRST, 3 rapports FRST seront générés :
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Envoie ces 3 rapports sur le site http://pjjoint.malekal.com/ et en retour donne les 3 liens pjjoint qui mènent aux rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.


0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Réinitialisation d'un téléphone mobile chinois avec touche
Nadjitam -
Papounet17000 -

1 réponse
Problème authentification
Bass -
Wisko -

6 réponses
Facebook en chinois
lucienette81 -
tek-no-panz -

1 réponse
deblocage de telephone toute marque
farwi88 -
mpuissance4 -

1 réponse