The discussion "HijackThis log review" is in the forum "Viruses, trojans, etc."
Discussion status » HijackThis log review « (resolved)

HijackThis log review


On 23-09-2006 at 12:50 #

Hi everyone, I would like to know if someone could help me examine my HijackThis log ...

Thanks in advance.
Logfile of HijackThis v1.99.1
Scan saved at 12:45:13, on 23/09/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox 2 Beta 2\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Yooplaboom2\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ChangerBHO Class - {1D4C7057-EAD2-44C6-AD18-9092905F28F1} - C:\WINDOWS\system32\catsrva.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: WeeklyExecuter Class - {590FFB84-6A29-4797-9C0E-B15DF2C4CDCB} - C:\WINDOWS\System32\tload.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Clicker Class - {A97B5EF1-CA64-466F-AC40-F770ED52DB92} - C:\WINDOWS\system32\mscoriezz.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {590FFB84-6A29-4797-9C0E-B15DF2C4CDCB} (WeeklyExecuter Class) - http://www.googlecaches.com/install/tload.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe




[ This message was edited by: Bluespirit93 on 23-09-2006 12:52 ]

On 23-09-2006 at 12:52 #

Hello.

Can you post without BBCode, thanks.

On 23-09-2006 at 13:00 #

Thanks.

I) Download Ewido V4.

Launch Ewido, then:

a) Update it by clicking "update now".
b) Restart in safe mode. If you don't know how, go see this page.
c) In the "Scanner" tab, go to Settings, then under "How to act" choose Quarantine.
d) Now in the "Scanner" tab, choose the "complete system scan".
e) At the end of the scan, click only on "Apply all actions".
f) Then click "Save Report", then "Save report as", save the report in your documents and restart normally.
g) Post the ewido report.

If you have problems, and before asking a question about using this software, look at this explanatory tutorial by Rub_Mic.

II) Rename HijackThis to bonjour.exe, then post a new report.

On 23-09-2006 at 13:59 #

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 13:51:21 23/09/2006

+ Scan result:



C:\Documents and Settings\Yooplaboom2\Local Settings\Temporary Internet Files\Content.IE5\9D9EFBOF\trustinbar[1].exe -> Adware.Azesearch : Cleaned with backup (quarantined).
C:\WINDOWS\trustinbar.exe -> Adware.Azesearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Interface\{81CDDAE8-3B92-4F0D-86C1-8DD5DB6A8471} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TypeLib\{EFA1EC0F-8359-41B7-A178-7DD6805A0C79} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\backdoormoms.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\backseatbangers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\badblackbabes.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\badboys.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\badlesbiangirls.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\baitbus.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\ballhoneys.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangamidget.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangboat.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangbrosnetwork.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangbrosonline.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangbrosworldwide.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangedbyagang.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangindahood.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangingmachines.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangingthebiway.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangkokbangers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangmatch.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bangmyhotwife.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\banner.24ktgoldcasino.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\banner.aspinallsonlinecasino.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\banner.flamingoclub.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\banner.goldenpalace.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\banner.goldenpalacebingo.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\banner.grandonline.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\banner.onlinecasino.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\barebackbottoms.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\barebackway.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\barefootbadgirls.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\barefootfuckers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\barefootmaniacs.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bbw.imlive.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bbwsexdates.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bbwsexvideos.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bdsmsexdates.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\beijingbeavers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bestgamblecasino.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bestmovies.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\betonlesbiansex.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bettersexmall.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bi-sex.straponfuckers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bian.in -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bicuriosity.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\big-titts.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigassadventure.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigbettybangin.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigblackpimp.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigboobpass.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigboobs.hu -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigboobsalert.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigbreastssex.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigbushbeavers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigchurch.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigcockbangers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigcockblowout.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigcocks.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigcocksex.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigcocksporn.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigcockteenaddiction.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigdickgirls.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigdicksandsmallchicks.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigfatporn.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigfishgames.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigfuckingorgy.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigleaguefacials.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigmouthfuls.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bignaturals.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigolderwomen.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigsausagepizza.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitbimbos.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitblowout.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitbuffet.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitchaz.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitfilms.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitinvasion.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitpatrol.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitqueens.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitscastle.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitsfans.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitsmatures.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitsroundasses.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bigtitssexmovies.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bikinibikini.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bikinihookups.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bioinfo.mbi.ucla.edu -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bisexplanet.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bisexualbangers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bisexualshardcore.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bitchinmovies.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bj21.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bjmath.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bjsandwich.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bjstats.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\black.imlive.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackandstacked.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackcockswhitesluts.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackdickswhitechicks.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackdonginhongkong.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackjack-primer.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackjack.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackjackballroom.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackjackinfo.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackmachines.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackseducer.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blacksexdates.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blacksinbecky.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blackwithlatin.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blinddatebangers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blog.wired.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bloghof.net -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blogs.citypages.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blogthings.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blondegroupies.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blondesofporn.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\blowjobsbabes.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bodog.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bombaybang.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bondageblowout.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bonemywife.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boobcamp2000.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boobcruise.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boobexamscam.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boobiebondage.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boobs.imlive.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boobs.pl -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boobsahoy.comicgenesis.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boobstation.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bootyliciousmag.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boundandbanged.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boyknights.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boysandmom.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boyscollection.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boysfirsttime.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boysfistmoms.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boysthatgag.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boystrymoms.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\boyswedding.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brandibelle.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bravotv.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brazilbootybangers.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brilliantxxxmovies.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\broadbandxxxmovies.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brokeblackbitches.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brothersincash.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brothersoft.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brownsugarsluts.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brunettedolls.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brunob.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brutalanalsex.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brutalblowjobs.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\brutaldildos.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bubblebuttbonanza.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bubblebuttsgalore.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bubblegumdreams.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bunnypoker.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\burritobitches.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bushhunter.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\busstopwhores.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bustanutonaslut.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bustyadventures.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bustyandreal.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bustyangelique.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bustydustystash.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bustyinescudna.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bustykellykay.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bustykerrymarie.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\bustymerilyn.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\buttbangboys.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\buttfuckbonanza.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\buttmagic.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\buttnakedinthestreets.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\buymaxoderm.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\buyvprx.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\c.fsx.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\cafepress.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\camboyslive.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\camcrush.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\cams.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\candifromtheblock.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\candyblackass.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\captainstabbin.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\cardplayer.com -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-842925246-2077806209-1801674531-1004\Software\TrustIn\URL Changer\cardschat.com -> Adware.Generic : Cleaned with backup (quarantined).

On 23-09-2006 at 14:01 #

HijackThis log after renaming it to bonjour.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox 2 Beta 2\firefox.exe
C:\Documents and Settings\Yooplaboom2\Bureau\bonjour.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ChangerBHO Class - {1D4C7057-EAD2-44C6-AD18-9092905F28F1} - C:\WINDOWS\system32\catsrva.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Clicker Class - {A97B5EF1-CA64-466F-AC40-F770ED52DB92} - C:\WINDOWS\system32\mscoriezz.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


On 23-09-2006 at 14:05 #

Hello.

I) Go to this page and click the "Download the trial" link on the right.


a) Run the installer and enter your e-mail address.

b) Click Check for Updates, then Install to finish the installation.

c) If prompted, restart your computer.

d) Launch Spy Sweeper, go to the Options tab, then to Update. Then click Update Spy Sweeper.

e) Now go to the Sweep tab (still under Options) and tick (on the right):

* Windows Registry
* Memory objects
* Cookies
* Compressed Files
* System Restore Folder
* Sweep all user accounts
* Enable Direct Disk Sweeping
* Sweep for rootkits

d) This time in the Sweep tab in the left-hand menu, click Start Sweep

f) When the scan finishes, click Continue

g) Tick everything, then click Quarantine Selected

h) Click View Session Log, then Save to File. Save the report in your documents, then post it




II) Post a new bonjour.exe, making sure to paste the whole report

On 23-09-2006 at 19:52 #

Here is the Spy Sweeper log:


19:51: Removal process completed. Elapsed time 00:00:11
19:51: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SSTDD.tmp". Reason: Le fichier spécifié est introuvable
19:51: Warning: Failed to delete profile shadow file ".log". Reason: Le fichier spécifié est introuvable
19:51: Quarantining All Traces: xiti cookie
19:51: Quarantining All Traces: weborama cookie
19:51: Quarantining All Traces: mediaplex cookie
19:51: Quarantining All Traces: webtrends cookie
19:51: Quarantining All Traces: atlas dmt cookie
19:51: Quarantining All Traces: trustin bar
19:51: Quarantining All Traces: trustin url changer
19:51: Quarantining All Traces: trojan-downloader-small
19:51: Quarantining All Traces: henbang
19:50: Removal process initiated
19:49: The Spy Communication shield has blocked access to: SOFT.TRUSTINCASH.COM
19:49: The Spy Communication shield has blocked access to: SOFT.TRUSTINCASH.COM
19:46: Traces Found: 17
19:46: Full Sweep has completed. Elapsed time 02:10:28
19:45: File Sweep Complete, Elapsed Time: 02:07:49
19:30: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
19:30: Warning: Stream read error
19:18: Warning: Failed to access drive F:
19:18: Warning: Failed to access drive E:
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\pnzj8ejx\adsadclient31[2].htm". Opération réussie
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\9d9efbof\sha1auth[1].htm". Opération réussie
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\8p2j8dev\adsadclient31[2].htm". Opération réussie
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\8p2j8dev\show_ads[1].htm". Opération réussie
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temp\~dfa803.tmp". Opération réussie
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\7r5rfery\urchin[1].htm". Opération réussie
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\7r5rfery\om_acct_nm[1].txt". Opération réussie
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\9d9efbof\dw_customize[1].xml". Opération réussie
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temp\~df1f38.tmp". Opération réussie
19:13: Warning: Failed to open file "c:\windows\temp\_avast4_\webshlock.txt". Opération réussie
19:13: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\application data\microsoft\messenger\yooplaboom93@hotmail.fr\sharingmetadata\pending.dat". Opération réussie
18:52: The Spy Communication shield has blocked access to: SOFT.TRUSTINCASH.COM
18:52: The Spy Communication shield has blocked access to: SOFT.TRUSTINCASH.COM
18:44: The Spy Communication shield has blocked access to: SOFT.TRUSTINCASH.COM
18:44: The Spy Communication shield has blocked access to: SOFT.TRUSTINCASH.COM
18:34: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008911.exe (ID = 351008)
18:27: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
18:27: Warning: Stream read error
18:02: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP18\A0004729.exe (ID = 351008)
17:58: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008913.dll (ID = 351078)
17:48: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008910.exe (ID = 351008)
17:48: Found Trojan Horse: trojan-downloader-small
17:39: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008914.dll (ID = 351078)
17:39: Warning: TWinStartupScanner.Initialize(): could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
17:39: Warning: Stream read error
17:39: Warning: Stream read error
17:39: Warning: Stream read error
17:39: Warning: Stream read error
17:39: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008915.dll (ID = 351078)
17:39: Found Adware: henbang
17:38: Starting File Sweep
17:38: Warning: Failed to access drive A:
17:38: Cookie Sweep Complete, Elapsed Time: 00:00:00
17:38: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@xiti[1].txt (ID = 3717)
17:38: Found Spy Cookie: xiti cookie
17:38: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@weborama[2].txt (ID = 3658)
17:38: Found Spy Cookie: weborama cookie
17:38: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@mediaplex[1].txt (ID = 6442)
17:38: Found Spy Cookie: mediaplex cookie
17:38: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@m.webtrends[2].txt (ID = 3669)
17:38: Found Spy Cookie: webtrends cookie
17:38: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@atdmt[2].txt (ID = 2253)
17:38: Found Spy Cookie: atlas dmt cookie
17:38: Starting Cookie Sweep
17:38: Warning: TIdentifyCookieObj.GetCookiePaths(): Unable to map user: S-1-5-21-842925246-2077806209-1801674531-1003.bak
17:38: Warning: Stream read error
17:38: Warning: Stream read error
17:38: Warning: Stream read error
17:38: Warning: Stream read error
17:38: Warning: Stream read error
17:37: Warning: Stream read error
17:37: Registry Sweep Complete, Elapsed Time:00:00:34
17:37: HKU\WRSS_Profile_S-1-5-21-842925246-2077806209-1801674531-1003\software\trustin\url changer\ (ID = 1544805)
17:37: Warning: TIdentifyRegistryObj.Identify: Unable to map user: S-1-5-21-842925246-2077806209-1801674531-1003.bak
17:37: Warning: Stream read error
17:37: Warning: Stream read error
17:37: Warning: Stream read error
17:37: Warning: Stream read error
17:37: HKLM\software\classes\inetloader.weeklyexecuter.1\ (ID = 1551611)
17:37: HKLM\software\classes\inetloader.weeklyexecuter\ (ID = 1551605)
17:37: HKLM\software\classes\changerbho.changerbho\ (ID = 1551547)
17:37: HKCR\inetloader.weeklyexecuter\ (ID = 1544612)
17:37: Found Adware: trustin bar
17:37: HKCR\changerbho.changerbho\ (ID = 1544554)
17:37: Found Adware: trustin url changer
17:37: Starting Registry Sweep
17:37: Memory Sweep Complete, Elapsed Time: 00:01:25
17:35: Starting Memory Sweep
17:35: Warning: TIdentify2700Obj.Identify: Unable to map user: S-1-5-21-842925246-2077806209-1801674531-1003.bak
17:35: Warning: Stream read error
17:35: Warning: Stream read error
17:35: Warning: Stream read error
17:35: Warning: Stream read error
17:35: Sweep initiated using definitions version 767
17:35: Spy Sweeper 5.0.5.1286 started
17:35: | Start of Session, samedi 23 septembre 2006 |
********
17:35: | End of Session, samedi 23 septembre 2006 |
17:28: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
17:28: Warning: Stream read error
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
17:25: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
17:25: Warning: Stream read error
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
17:25: Warning: Stream read error
ActiveX Shield: On
17:25: Warning: Stream read error
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
17:25: Warning: Stream read error
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
17:25: Shield States
17:25: Spyware Definitions: 767
17:24: Spy Sweeper 5.0.5.1286 started
14:26: | End of Session, samedi 23 septembre 2006 |
14:25: Your spyware definitions have been updated.
Operation: File Access
Target:
Source: C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
14:24: Tamper Detection
14:20: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
14:20: Warning: Stream read error
Keylogger Shield: On
BHO Shield: On
IE Security Shield: On
14:17: Warning: Stream read error
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
14:17: Warning: Stream read error
14:16: Warning: Stream read error
Common Ad Sites Shield: Off
Hosts File Shield: On
14:16: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
14:16: Warning: Stream read error
Spy Communication Shield: On
14:16: Messenger service has been disabled.
14:16: Warning: Stream read error
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
14:16: Warning: Stream read error
14:16: Warning: Stream read error
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
14:16: Shield States
14:16: Spyware Definitions: 691
14:16: Spy Sweeper 5.0.5.1286 started
14:16: Spy Sweeper 5.0.5.1286 started
14:16: | Start of Session, samedi 23 septembre 2006 |
********
16:28: Warning: Stream read error
16:27: Warning: Stream read error
16:26: Warning: Failed to access drive F:
16:26: Warning: Failed to access drive E:
16:21: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
16:21: Warning: Stream read error
16:21: Warning: Stream read error
16:21: Warning: Stream read error
16:21: Warning: Stream read error
16:21: Warning: Failed to open file "c:\documents and settings\yooplaboom2\application data\mozilla\firefox\profiles\hhrdom89.default\parent.lock". Opération réussie
16:21: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temp\~dfdd8d.tmp". Opération réussie
16:21: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
16:21: Warning: Stream read error
16:21: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\9d9efbof\adsadclient31[1].htm". Opération réussie
16:21: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\pnzj8ejx\sha1auth[1].htm". Opération réussie
16:21: Warning: Failed to open file "c:\documents and settings\yooplaboom2\cookies\yooplaboom2@www.sur-la-toile[2].txt". Opération réussie
16:21: Warning: Stream read error
16:21: Warning: Stream read error
16:21: Warning: Stream read error
16:21: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
16:21: Warning: Stream read error
16:21: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\7r5rfery\adsadclient31[1].htm". Opération réussie
16:21: Warning: Stream read error
16:21: Warning: Stream read error
16:21: Warning: Stream read error
16:20: Warning: Failed to open file "c:\documents and settings\yooplaboom2\application data\microsoft\msn messenger\827187985\mapfile\tfrbf.dat". Opération réussie
16:20: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
16:20: Warning: Stream read error
16:20: Warning: Stream read error
16:20: Warning: Failed to open file "c:\documents and settings\yooplaboom2\application data\openoffice.org2\.lock". Opération réussie
16:20: Warning: Stream read error
16:20: Warning: Stream read error
16:20: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
16:20: Warning: Stream read error
16:20: Warning: Failed to open file "c:\windows\temp\_avast4_\unp164767785.tmp". Opération réussie
16:20: Warning: Failed to open file "c:\windows\temp\_avast4_\webshlock.txt". Opération réussie
16:20: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temp\~df2206.tmp". Opération réussie
16:20: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\temporary internet files\content.ie5\pnzj8ejx\pl[1].htm". Opération réussie
16:20: Warning: Stream read error
16:20: Warning: Stream read error
16:20: Warning: Stream read error
16:20: Warning: TCSIDLs.Refresh: could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
16:20: Warning: Failed to open file "c:\documents and settings\yooplaboom2\local settings\application data\microsoft\messenger\yooplaboom93@hotmail.fr\sharingmetadata\pending.dat". Opération réussie
15:54: Spy Installation Shield: found: Adware: henbang, version 1.0.0.0
15:36: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008911.exe (ID = 351008)
15:00: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP18\A0004729.exe (ID = 351008)
14:56: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008913.dll (ID = 351078)
14:53: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP20\A0008800.dll (ID = 351078)
14:43: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008910.exe (ID = 351008)
14:43: Found Trojan Horse: trojan-downloader-small
14:31: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008914.dll (ID = 351078)
14:31: Warning: TWinStartupScanner.Initialize(): could not map user [S-1-5-21-842925246-2077806209-1801674531-1003.bak]
14:31: Warning: Stream read error
14:31: Warning: Stream read error
14:31: Warning: Stream read error
14:31: Warning: Stream read error
14:31: C:\System Volume Information\_restore{c47d7f92-7e17-4db7-b7e4-1abc8454a2d3}\RP22\A0008915.dll (ID = 351078)
14:31: Found Adware: henbang
14:29: Starting File Sweep
14:29: Warning: Failed to access drive A:
14:29: Cookie Sweep Complete, Elapsed Time: 00:00:01
14:29: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@xiti[1].txt (ID = 3717)
14:29: Found Spy Cookie: xiti cookie
14:29: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@weborama[2].txt (ID = 3658)
14:29: Found Spy Cookie: weborama cookie
14:29: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@mediaplex[1].txt (ID = 6442)
14:29: Found Spy Cookie: mediaplex cookie
14:29: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@m.webtrends[2].txt (ID = 3669)
14:29: Found Spy Cookie: webtrends cookie
14:29: c:\documents and settings\yooplaboom2\cookies\yooplaboom2@atdmt[2].txt (ID = 2253)
14:29: Found Spy Cookie: atlas dmt cookie
14:29: Starting Cookie Sweep
14:29: Warning: TIdentifyCookieObj.GetCookiePaths(): Unable to map user: S-1-5-21-842925246-2077806209-1801674531-1003.bak
14:29: Warning: Stream read error
14:29: Warning: Stream read error
14:29: Warning: Stream read error
14:29: Warning: Stream read error
14:29: Warning: Stream read error
14:29: Warning: Stream read error
14:29: Registry Sweep Complete, Elapsed Time:00:00:34
14:29: HKU\WRSS_Profile_S-1-5-21-842925246-2077806209-1801674531-1003\software\trustin\url changer\ (ID = 1544805)
14:29: Warning: TIdentifyRegistryObj.Identify: Unable to map user: S-1-5-21-842925246-2077806209-1801674531-1003.bak
14:29: Warning: Stream read error
14:29: Warning: Stream read error
14:29: Warning: Stream read error
14:29: Warning: Stream read error
14:28: HKLM\software\classes\inetloader.weeklyexecuter.1\ (ID = 1551611)
14:28: HKLM\software\classes\inetloader.weeklyexecuter\ (ID = 1551605)
14:28: HKLM\software\classes\changerbho.changerbho\ (ID = 1551547)
14:28: HKCR\inetloader.weeklyexecuter\ (ID = 1544612)
14:28: Found Adware: trustin bar
14:28: HKCR\changerbho.changerbho\ (ID = 1544554)
14:28: Found Adware: trustin url changer
14:28: Starting Registry Sweep
14:28: Memory Sweep Complete, Elapsed Time: 00:02:05
14:26: Starting Memory Sweep
14:26: Warning: TIdentify2700Obj.Identify: Unable to map user: S-1-5-21-842925246-2077806209-1801674531-1003.bak
14:26: Warning: Stream read error
14:26: Warning: Stream read error
14:26: Warning: Stream read error
14:26: Warning: Stream read error
14:26: Sweep initiated using definitions version 767
14:26: Spy Sweeper 5.0.5.1286 started
14:26: | Start of Session, samedi 23 septembre 2006 |
********

On 23-09-2006 at 19:55 #

Log from bonjour.exe

Logfile of HijackThis v1.99.1
Scan saved at 19:54:12, on 23/09/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox 2 Beta 2\firefox.exe
C:\Documents and Settings\Yooplaboom2\Bureau\bonjour.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ChangerBHO Class - {1D4C7057-EAD2-44C6-AD18-9092905F28F1} - C:\WINDOWS\system32\catsrva.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Clicker Class - {A97B5EF1-CA64-466F-AC40-F770ED52DB92} - C:\WINDOWS\system32\mscoriezz.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe


On 23-09-2006 at 20:29 #

Good evening.


I) Run HijackThis again, check the following lines and click "Fix checked":


O2 - BHO: ChangerBHO Class - {1D4C7057-EAD2-44C6-AD18-9092905F28F1} - C:\WINDOWS\system32\catsrva.dll (file missing)

O2 - BHO: Clicker Class - {A97B5EF1-CA64-466F-AC40-F770ED52DB92} - C:\WINDOWS\system32\mscoriezz.dll



II) Download CCleaner and install it.

Launch CCleaner, click Options - Advanced and uncheck the box "Only delete files in the Windows Temp folder older than 48 hours". Then click Analyze. When it has finished, click Run Cleaner.

If you run into problems, have a look at this explanatory tutorial before asking a question about how to use this software.



III) Run an online antivirus scan with IE: http://www.pandasoftware.fr/Activescan/Activescan.html. Then save and post the report. (If you have Avast, disable it for the duration of the scan.)
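
Added example, not part of the thread: a small triage helper for the HijackThis log above. It parses the coded entries and checks every "(file missing)" tag against the running-process list of the same log. The sample lines are copied from this thread; the function names and verdict labels are chosen for this example.

```python
import re

# Subset of lines copied from the HijackThis v1.99.1 log posted in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\services.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O2 - BHO: ChangerBHO Class - {1D4C7057-EAD2-44C6-AD18-9092905F28F1} - C:\WINDOWS\system32\catsrva.dll (file missing)
O2 - BHO: Clicker Class - {A97B5EF1-CA64-466F-AC40-F770ED52DB92} - C:\WINDOWS\system32\mscoriezz.dll
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")            # e.g. "O2 - ..."
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll|ocx)\b', re.IGNORECASE)
MISSING = "(file missing)"


def parse_log(text):
    """Return (set of running-process paths, list of coded entries)."""
    running, entries, in_procs = set(), [], False
    for line in text.splitlines():
        line = line.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        if in_procs:
            if not line:
                in_procs = False          # a blank line ends the process list
            else:
                running.add(line.casefold())
            continue
        m = ENTRY_RE.match(line)
        if m:
            code, rest = m.groups()
            path = PATH_RE.search(rest)
            entries.append({
                "code": code,
                "path": path.group(0) if path else None,
                "missing": rest.endswith(MISSING),
                "raw": line,
            })
    return running, entries


def triage_missing(text):
    """Classify each entry that HijackThis tagged '(file missing)'."""
    running, entries = parse_log(text)
    verdicts = []
    for e in entries:
        if not e["missing"]:
            continue
        if e["path"] and e["path"].casefold() in running:
            # The binary is running, so the tag cannot be taken at face value
            # (note the stray quote before "/service" in those lines).
            verdict = "contradicted"
        else:
            # Nothing in the log contradicts the tag: the registration
            # remains while the file it points to is reported absent.
            verdict = "leftover"
        verdicts.append((e["code"], e["path"], verdict))
    return verdicts


if __name__ == "__main__":
    for code, path, verdict in triage_missing(SAMPLE_LOG):
        print(f"{code:4} {verdict:13} {path}")
```

A DLL never appears in the process list, so "leftover" only means the log does not contradict the tag; the two avast! service lines are contradicted because both executables are listed as running.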

On 24-09-2006 at 12:58 #

Here is the Panda report


Incident Statut Analyse

Spyware:Cookie/Searchportal No Désinfecté C:\Documents and Settings\Bonne\Cookies\bonne@searchportal.information[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Bonne\Cookies\bonne@xiti[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Maéva\Cookies\maéva@xiti[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Maéva.YOOPLABOOM\Application Data\Mozilla\Firefox\Profiles\xbci1zjj.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Cgi-bin No Désinfecté C:\Documents and Settings\Maéva.YOOPLABOOM\Cookies\maéva@cgi-bin[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Maéva.YOOPLABOOM\Cookies\maéva@xiti[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Yooplaboom\Cookies\yooplaboom@xiti[1].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Yooplaboom2\Application Data\Mozilla\Firefox\Profiles\hhrdom89.default\cookies.txt[.weborama.fr/]
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Yooplaboom2\Application Data\Mozilla\Firefox\Profiles\hhrdom89.default\cookies.txt[.bluestreak.com/]
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Yooplaboom2\Application Data\Mozilla\Firefox\Profiles\hhrdom89.default\cookies.txt[.xiti.com/]
Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Yooplaboom2\Application Data\Mozilla\Firefox\Profiles\hhrdom89.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Yooplaboom2\Application Data\Mozilla\Firefox\Profiles\hhrdom89.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Yooplaboom2\Application Data\Mozilla\Firefox\Profiles\hhrdom89.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Yooplaboom2\Application Data\Mozilla\Firefox\Profiles\hhrdom89.default\cookies.txt[as1.falkag.de/]


Unless otherwise stated, the content of the blog and the forum is licensed under Creative Commons By-Sa. You may reproduce it provided that you credit the author, link to the original page, and share your derivative works under the same conditions.
