Commentaire : # -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-08-2019
# Duration: 00:00:02
# OS: Windows 7 Professional
# Cleaned: 35
# Failed: 0
***** [ Services ] *****
Deleted CRMSvc
Deleted Windefender
***** [ Folders ] *****
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc
Deleted C:\Users\hp\AppData\Roaming\CRMSvc
Deleted C:\Program Files\hUmbquBpttZU2
Deleted C:\Program Files\qUgzYKxVLnesC
Deleted C:\Program Files\fHDlqDVwU
Deleted C:\Program Files\ooxzIAzTqruiVIszQdR
Deleted C:\Program Files\VKkhWVSisIE
Deleted C:\Program Files\utzZkkanmIUn
Deleted C:\Users\hp\AppData\Roaming\EpicNet Inc
***** [ Files ] *****
Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\ScheduledUpdate
Deleted C:\Windows\System32\Tasks\SOVqgpLsuXhFCxp2
Deleted C:\Windows\System32\Tasks\iYMvCriySoqaGgPjbmR2
Deleted C:\Windows\System32\Tasks\DvwLFWwXutwLxJgmB2
Deleted C:\Windows\System32\Tasks\mMzvDpxKxjJVUr
***** [ Registry ] *****
Deleted HKLM\Software\CRMSvc
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0802CEA7-54AB-458C-A324-44564BD06D08}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFD061F3-B627-468F-AA64-C7E09071F569}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SOVqgpLsuXhFCxp2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2CD688B-B067-4B45-87ED-A2417F0909AB}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iYMvCriySoqaGgPjbmR2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E26975C-C130-41D6-979E-F48B349AD655}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DvwLFWwXutwLxJgmB2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1253A88B-AA02-45E2-A6D0-D87413B55CF7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1253A88B-AA02-45E2-A6D0-D87413B55CF7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mMzvDpxKxjJVUr
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CloudNet
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cloudnet
Deleted HKCU\Software\EpicNet Inc.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [9956 octets] - [08/01/2019 07:49:46]
AdwCleaner[C00].txt - [8290 octets] - [08/01/2019 07:50:15]
AdwCleaner[S01].txt - [4571 octets] - [08/01/2019 07:54:07]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Format du document : text/plain
Prévisualisation
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-08-2019
# Duration: 00:00:07
# OS: Windows 7 Professional
# Cleaned: 102
# Failed: 0
***** [ Services ] *****
Deleted CRMSvc
Deleted Windefender
Deleted Nettrans
Deleted backlh
Deleted WCAssistantService
Deleted Voyasollam
***** [ Folders ] *****
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc
Deleted C:\Users\hp\AppData\Roaming\CRMSvc
Deleted C:\Program Files\Speedycar
Deleted C:\ProgramData\Logic Cramble
Deleted C:\Program Files\hUmbquBpttZU2
Deleted C:\Program Files\qUgzYKxVLnesC
Deleted C:\Program Files\fHDlqDVwU
Deleted C:\Program Files\ooxzIAzTqruiVIszQdR
Deleted C:\Program Files\VKkhWVSisIE
Deleted C:\Program Files\utzZkkanmIUn
Deleted C:\ProgramData\Voyasollams
Deleted C:\ProgramData\Voyasollam
Deleted C:\Program Files\butler
Deleted C:\Program Files\FastDataX
Deleted C:\Users\hp\AppData\Roaming\EpicNet Inc
Deleted C:\Users\hp\Desktop\DCE
Deleted C:\ProgramData\PrefsSecure
Deleted C:\Windows\Temp\Smartbar
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\hp\AppData\Local\WhiteClick
Deleted C:\Users\hp\AppData\Roaming\WidModule
***** [ Files ] *****
Deleted C:\Users\hp\Downloads\DriverToolkitInstaller.exe
Deleted C:\Windows\System32\config\systemprofile\appdata\local\installationconfiguration.xml
Deleted C:\Users\hp\appdata\local\installationconfiguration.xml
Deleted C:\Users\hp\AppData\Local\Main.dat
Deleted C:\Users\hp\AppData\Local\Temp\WhiteClick.exe
Deleted C:\Windows\System32\findit.xml
Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
Deleted C:\Users\hp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Deleted C:\Users\hp\Desktop\Google Chrome.lnk
Deleted C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Deleted C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted C:\Users\hp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Deleted C:\Users\hp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Deleted C:\Users\hp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\ScheduledUpdate
Deleted C:\Windows\System32\Tasks\SOVqgpLsuXhFCxp2
Deleted C:\Windows\System32\Tasks\iYMvCriySoqaGgPjbmR2
Deleted C:\Windows\System32\Tasks\DvwLFWwXutwLxJgmB2
Deleted C:\Windows\System32\Tasks\mMzvDpxKxjJVUr
***** [ Registry ] *****
Deleted HKLM\Software\CRMSvc
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95A869FD-A72B-47C2-8CBA-416FF9CCFC25}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Speedycar
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speedycar_is1
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOYASOLLAM.EXE
Deleted HKCU\Software\mtVoyasollam
Deleted HKLM\Software\mtVoyasollam
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37282C4D-9E01-49D3-9A0D-308ACD0C3559}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SOVqgpLsuXhFCxp2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A051C2AB-051B-43AD-BD70-C2FAFE64A39E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iYMvCriySoqaGgPjbmR2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F44DF4B4-5085-4892-8ADE-991E40B3FC3B}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DvwLFWwXutwLxJgmB2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{936EC811-9F56-4EFF-8B36-5A96F601B766}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{936EC811-9F56-4EFF-8B36-5A96F601B766}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mMzvDpxKxjJVUr
Deleted HKLM\Software\Wow6432Node\ByteFence
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted HKCU\Software\drpsu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CloudNet
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FastDataX_is1
Deleted HKCU\Software\FastDataX
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cloudnet
Deleted HKCU\Software\EpicNet Inc.
Deleted HKCU\Software\csastats
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Voyasollam.exe
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKU\S-1-5-18\Environment|SNP
Deleted HKU\.DEFAULT\Environment|SNP
Deleted HKU\S-1-5-18\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKU\.DEFAULT\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Classes\CLSID\{198A2D6D-5D0E-4C79-9416-AA889D7CA7A6}
Deleted HKLM\Software\Classes\MailSearch.Helpers.AutoComplete
Deleted HKLM\Software\Classes\MailSearch.MailSearchBandObject
Deleted HKLM\Software\Classes\MailSearch.Installer
Deleted HKLM\Software\Classes\MailSearch.Attributes.BandObjectAttribute
***** [ Chromium (and derivatives) ] *****
Deleted Quick Searcher
Deleted MSN Homepage & Bing Search Engine
***** [ Chromium URLs ] *****
Deleted WebSearch
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [9956 octets] - [08/01/2019 07:49:46]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########